[Samba] I can't login into my Linux client with Samba DC users.

Sun Jul 18 14:49:56 UTC 2021

Thank you.
I removed "sssd" from my Linux client:
# yum remove sssd

Then, changed "/etc/krb5.conf" as below:

[libdefaults]
    default_realm = MYDOMAIN.Z
    dns_lookup_realm = false
    dns_lookup_kdc = true

Should I install winbind and winbind-clients on the client?

I executed the script on the server and client and results are:

On server:
https://0bin.net/paste/i6JpJ9fp#j3yydvkUw9tXWO2P2oXIuBZVg-7c8ytk0KPMkBind5U

On client:
https://0bin.net/paste/ewb5i6Va#FEoBJ7QHCyxUTJOFHNo4tELG6sDAzVwJMZUzFNjtEwa

On Sunday, July 18, 2021, 01:12:16 PM GMT+4:30, Rowland Penny via samba <samba at lists.samba.org> wrote: 

On Sun, 2021-07-18 at 08:15 +0000, Jason Long via samba wrote:
> 

> I installed Samba from its manual and in Samba manual, the "sss"
> existed. Why "sss" doesn't need? 

If sssd is installed, remove it, you cannot use sssd with Samba.

> 
> And I changed the content of "/etc/krb5.conf" to:
> 
> 
> On the Linux client:
> I added below lines to the "/etc/hosts" file:
> 
> 127.0.0.1  localhost localhost.localdomain localhost4
> localhost4.localdomain4
> ::1        localhost localhost.localdomain localhost6
> localhost6.localdomain6
> 192.168.56.7 mydc.mydomain.z mydc
> 10.0.3.15  mydc.mydomain.z

You cannot multihome a DC, choose an ipaddress and use just that one.

> 
> The content of the "/etc/krb5.conf" file is:
> 
> includedir /etc/krb5.conf.d/
> [libdefaults]
>    default_realm = MYDC.MYDOMAIN.Z

HOW MANY TIMES DO I HAVE TO TO TELL YOU, 'MYDC.MYDOMAIN.Z' IS NOT YOUR
REALM!!!

Your realm is 'MYDOMAIN.Z'

>    dns_lookup_realm = false
>    dns_lookup_kdc = true
> 
> 

You can remove the rest of /etc/krb5.conf , you do not need it.

> 
> 
> I rebooted my client and I can't login to my Linux client with my
> Samba DC usernames.

Have you installed winbind and winbind-clients ?

Rowland

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba