[Samba] Samba and Kerberos

Mark Cogan arcturus1966 at gmail.com
Wed Apr 27 22:03:45 UTC 2022


Well, not exactly.  I'm running as a Kerberos users from a Mac client.
smb://thig.<redacted> from Finder.
This is the output on the server side as I am trying to connect.
So why would the Samba client be trying to say that's root trying to
connect?

- M

On Wed, Apr 27, 2022 at 5:57 PM Rob Townley <rob.townley at gmail.com> wrote:

> A couple things stood out to me, but I am going completely from memory and
> do not have much recent experience in SaMBa kerberos:
>
> 1.)   Kerberos generally requires IP Names.   IP Addresses _might_ work if
> registered under servicePrincipalNames `HOST/thig$`
> `HOST/thigsIPaddress$` ?
> `samba-tool spn list`
> output might help.  In short, when you try to authenticate, use a
> servicePrincipalName  HOST entry.
>
> 2.)   Looks like you are trying as the root user which may have been
> disabled by default for security reasons recently.   For instance, TrueNAS
> core no longer allows the root user to use the smb share.  Must create
> another user.  Make sure that user actually has userPrincipalName or upn in
> kerberos.
>
> `[2022/04/27 14:15:01.089431,  5, pid=17085, effective(0, 0), real(0, 0)]
> ../../source3/auth/token_util.c:874(debug_unix_user_token)
>
>   UNIX token of user 0
>
>   Primary group is 0 and contains 0 supplementary groups`
>
> On Wed, Apr 27, 2022 at 1:21 PM Mark Cogan via samba <
> samba at lists.samba.org> wrote:
>
>> And from the IP log trying to inbound:
>>
>> [2022/04/27 14:15:01.088980, 10, pid=17085, effective(0, 0), real(0, 0)]
>> ../../source3/lib/util_event.c:43(smbd_idle_event_handler)
>>
>>   smbd_idle_event_handler: idle_evt(deadtime) (nil) called
>>
>> [2022/04/27 14:15:01.089072,  2, pid=17085, effective(0, 0), real(0, 0)]
>> ../../source3/smbd/process.c:2926(deadtime_fn)
>>
>>   Closing idle connection
>>
>> [2022/04/27 14:15:01.089095, 10, pid=17085, effective(0, 0), real(0, 0)]
>> ../../source3/lib/util_event.c:47(smbd_idle_event_handler)
>>
>>   smbd_idle_event_handler: idle_evt(deadtime) (nil) stopped
>>
>> [2022/04/27 14:15:01.089115,  3, pid=17085, effective(0, 0), real(0, 0)]
>> ../../source3/smbd/server.c:162(msg_exit_server)
>>
>>   got a SHUTDOWN message
>>
>> [2022/04/27 14:15:01.089142,  4, pid=17085, effective(0, 0), real(0, 0)]
>> ../../source3/smbd/sec_ctx.c:320(set_sec_ctx_internal)
>>
>>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
>>
>> [2022/04/27 14:15:01.089153,  5, pid=17085, effective(0, 0), real(0, 0)]
>> ../../libcli/security/security_token.c:47(security_token_debug)
>>
>>   Security token: (NULL)
>>
>> [2022/04/27 14:15:01.089162,  5, pid=17085, effective(0, 0), real(0, 0)]
>> ../../source3/auth/token_util.c:874(debug_unix_user_token)
>>
>>   UNIX token of user 0
>>
>>   Primary group is 0 and contains 0 supplementary groups
>>
>> [2022/04/27 14:15:01.089194,  5, pid=17085, effective(0, 0), real(0, 0)]
>> ../../source3/smbd/uid.c:494(smbd_change_to_root_user)
>>
>>   change_to_root_user: now uid=(0,0) gid=(0,0)
>>
>> [2022/04/27 14:15:01.089275,  4, pid=17085, effective(0, 0), real(0, 0)]
>> ../../source3/smbd/sec_ctx.c:320(set_sec_ctx_internal)
>>
>>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
>>
>> [2022/04/27 14:15:01.089288,  5, pid=17085, effective(0, 0), real(0, 0)]
>> ../../libcli/security/security_token.c:47(security_token_debug)
>>
>>   Security token: (NULL)
>>
>> [2022/04/27 14:15:01.089296,  5, pid=17085, effective(0, 0), real(0, 0)]
>> ../../source3/auth/token_util.c:874(debug_unix_user_token)
>>
>>   UNIX token of user 0
>>
>>   Primary group is 0 and contains 0 supplementary groups
>>
>> [2022/04/27 14:15:01.089312,  5, pid=17085, effective(0, 0), real(0, 0)]
>> ../../source3/smbd/uid.c:494(smbd_change_to_root_user)
>>
>>   change_to_root_user: now uid=(0,0) gid=(0,0)
>>
>> [2022/04/27 14:15:01.089322,  4, pid=17085, effective(0, 0), real(0, 0)]
>> ../../source3/smbd/sec_ctx.c:320(set_sec_ctx_internal)
>>
>>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
>>
>> [2022/04/27 14:15:01.089331,  5, pid=17085, effective(0, 0), real(0, 0)]
>> ../../libcli/security/security_token.c:47(security_token_debug)
>>
>>   Security token: (NULL)
>>
>> [2022/04/27 14:15:01.089339,  5, pid=17085, effective(0, 0), real(0, 0)]
>> ../../source3/auth/token_util.c:874(debug_unix_user_token)
>>
>>   UNIX token of user 0
>>
>>   Primary group is 0 and contains 0 supplementary groups
>>
>> [2022/04/27 14:15:01.089358,  5, pid=17085, effective(0, 0), real(0, 0)]
>> ../../source3/smbd/uid.c:494(smbd_change_to_root_user)
>>
>>   change_to_root_user: now uid=(0,0) gid=(0,0)
>>
>> [2022/04/27 14:15:01.089370,  4, pid=17085, effective(0, 0), real(0, 0)]
>> ../../source3/smbd/sec_ctx.c:320(set_sec_ctx_internal)
>>
>>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
>>
>> [2022/04/27 14:15:01.089379,  5, pid=17085, effective(0, 0), real(0, 0)]
>> ../../libcli/security/security_token.c:47(security_token_debug)
>>
>>   Security token: (NULL)
>>
>> [2022/04/27 14:15:01.089387,  5, pid=17085, effective(0, 0), real(0, 0)]
>> ../../source3/auth/token_util.c:874(debug_unix_user_token)
>>
>>   UNIX token of user 0
>>
>>   Primary group is 0 and contains 0 supplementary groups
>>
>> [2022/04/27 14:15:01.089401,  5, pid=17085, effective(0, 0), real(0, 0)]
>> ../../source3/smbd/uid.c:494(smbd_change_to_root_user)
>>
>>   change_to_root_user: now uid=(0,0) gid=(0,0)
>>
>> [2022/04/27 14:15:01.089414,  4, pid=17085, effective(0, 0), real(0, 0)]
>> ../../source3/smbd/sec_ctx.c:320(set_sec_ctx_internal)
>>
>>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
>>
>> [2022/04/27 14:15:01.089422,  5, pid=17085, effective(0, 0), real(0, 0)]
>> ../../libcli/security/security_token.c:47(security_token_debug)
>>
>>   Security token: (NULL)
>>
>> [2022/04/27 14:15:01.089431,  5, pid=17085, effective(0, 0), real(0, 0)]
>> ../../source3/auth/token_util.c:874(debug_unix_user_token)
>>
>>   UNIX token of user 0
>>
>>   Primary group is 0 and contains 0 supplementary groups
>>
>> [2022/04/27 14:15:01.089444,  5, pid=17085, effective(0, 0), real(0, 0)]
>> ../../source3/smbd/uid.c:494(smbd_change_to_root_user)
>>
>>   change_to_root_user: now uid=(0,0) gid=(0,0)
>>
>> [2022/04/27 14:15:01.089493, 10, pid=17085, effective(0, 0), real(0, 0)]
>> ../../lib/messaging/messages_dgm_ref.c:163(msg_dgm_ref_destructor)
>>
>>   msg_dgm_ref_destructor: refs=(nil)
>>
>> [2022/04/27 14:15:01.089783,  3, pid=17085, effective(0, 0), real(0, 0)]
>> ../../source3/smbd/server_exit.c:240(exit_server_common)
>>
>>   Server exit (normal exit)
>>
>> On Wed, Apr 27, 2022 at 2:16 PM Mark Cogan <arcturus1966 at gmail.com>
>> wrote:
>>
>> > [2022/04/27 14:14:00.895242, 10, pid=17084, effective(0, 0), real(0, 0)]
>> > ../../lib/messaging/messages_dgm_ref.c:163(msg_dgm_ref_destructor)
>> >
>> >   msg_dgm_ref_destructor: refs=(nil)
>> >
>> > [2022/04/27 14:14:00.896142, 10, pid=17084, effective(0, 0), real(0, 0)]
>> > ../../lib/messaging/messages_dgm_ref.c:80(messaging_dgm_ref)
>> >
>> >   messaging_dgm_ref: messaging_dgm_init returned Success
>> >
>> > [2022/04/27 14:14:00.896171, 10, pid=17084, effective(0, 0), real(0, 0)]
>> > ../../lib/messaging/messages_dgm_ref.c:109(messaging_dgm_ref)
>> >
>> >   messaging_dgm_ref: unique = 16432613736172089981
>> >
>> > [2022/04/27 14:14:00.896185,  2, pid=17084, effective(0, 0), real(0, 0)]
>> > ../../source3/lib/tallocmsg.c:84(register_msg_pool_usage)
>> >
>> >   Registered MSG_REQ_POOL_USAGE
>> >
>> > [2022/04/27 14:14:00.896201,  5, pid=17084, effective(0, 0), real(0, 0),
>> > class=passdb]
>> ../../source3/passdb/pdb_interface.c:157(make_pdb_method_name)
>> >
>> >   Attempting to find a passdb backend to match tdbsam (tdbsam)
>> >
>> > [2022/04/27 14:14:00.896212,  5, pid=17084, effective(0, 0), real(0, 0),
>> > class=passdb]
>> ../../source3/passdb/pdb_interface.c:178(make_pdb_method_name)
>> >
>> >   Found pdb backend tdbsam
>> >
>> > [2022/04/27 14:14:00.896240,  5, pid=17084, effective(0, 0), real(0, 0),
>> > class=passdb]
>> ../../source3/passdb/pdb_interface.c:189(make_pdb_method_name)
>> >
>> >   pdb backend tdbsam has a valid init
>> >
>> > [2022/04/27 14:14:00.896260, 10, pid=17084, effective(0, 0), real(0, 0)]
>> > ../../source3/smbd/smbXsrv_client.c:548(smbXsrv_client_create)
>> >
>> > [2022/04/27 14:14:00.896270, 10, pid=17084, effective(0, 0), real(0, 0)]
>> > ../../source3/smbd/smbXsrv_client.c:556(smbXsrv_client_create)
>> >
>> >   smbXsrv_client_create:
>> > client_guid[00000000-0000-0000-0000-000000000000] created
>> >
>> > [2022/04/27 14:14:00.896288,  1, pid=17084, effective(0, 0), real(0, 0),
>> > class=rpc_parse] ../../librpc/ndr/ndr.c:429(ndr_print_debug)
>> >
>> >        &client_blob: struct smbXsrv_clientB
>> >
>> >           version                  : SMBXSRV_VERSION_0 (0)
>> >
>> >           reserved                 : 0x00000000 (0)
>> >
>> >           info                     : union smbXsrv_clientU(case 0)
>> >
>> >           info0                    : *
>> >
>> >               info0: struct smbXsrv_client
>> >
>> >                   table                    : *
>> >
>> >                   raw_ev_ctx               : *
>> >
>> >                   msg_ctx                  : *
>> >
>> >                   global                   : *
>> >
>> >                       global: struct smbXsrv_client_global0
>> >
>> >                           db_rec                   : NULL
>> >
>> >                           server_id: struct server_id
>> >
>> >                               pid                      :
>> > 0x00000000000042bc (17084)
>> >
>> >                               task_id                  : 0x00000000 (0)
>> >
>> >                               vnn                      : 0xffffffff
>> > (4294967295)
>> >
>> >                               unique_id                :
>> > 0xe40c5f211bbdf27d (-2014130337537461635)
>> >
>> >                           local_address            : NULL
>> >
>> >                           remote_address           : NULL
>> >
>> >                           remote_name              : NULL
>> >
>> >                           initial_connect_time     : Wed Apr 27 02:14:01
>> > PM 2022 EDT
>> >
>> >                           client_guid              :
>> > 00000000-0000-0000-0000-000000000000
>> >
>> >                           stored                   : 0x00 (0)
>> >
>> >                   sconn                    : NULL
>> >
>> >                   session_table            : NULL
>> >
>> >                   tcon_table               : NULL
>> >
>> >                   open_table               : NULL
>> >
>> >                   connections              : NULL
>> >
>> >                   server_multi_channel_enabled: 0x00 (0)
>> >
>> >                   next_channel_id          : 0x0000000000000000 (0)
>> >
>> >                   connection_pass_subreq   : NULL
>> >
>> >                   pending_breaks           : NULL
>> >
>> > [2022/04/27 14:14:00.896439,  5, pid=17084, effective(0, 0), real(0, 0)]
>> > ../../lib/util/util_net.c:990(print_socket_options)
>> >
>> >   Socket options:
>> >
>> >   SO_KEEPALIVE = 1
>> >
>> >   SO_REUSEADDR = 1
>> >
>> >   SO_BROADCAST = 0
>> >
>> >   TCP_NODELAY = 1
>> >
>> >   TCP_KEEPCNT = 9
>> >
>> >   TCP_KEEPIDLE = 7200
>> >
>> >   TCP_KEEPINTVL = 75
>> >
>> >   IPTOS_LOWDELAY = 0
>> >
>> >   IPTOS_THROUGHPUT = 0
>> >
>> >   SO_REUSEPORT = 1
>> >
>> >   SO_SNDBUF = 87040
>> >
>> >   SO_RCVBUF = 369280
>> >
>> >   SO_SNDLOWAT = 1
>> >
>> >   SO_RCVLOWAT = 1
>> >
>> >   SO_SNDTIMEO = 0
>> >
>> >   SO_RCVTIMEO = 0
>> >
>> >   TCP_QUICKACK = 1
>> >
>> >   TCP_DEFER_ACCEPT = 0
>> >
>> >   TCP_USER_TIMEOUT = 0
>> >
>> > [2022/04/27 14:14:00.896491,  5, pid=17084, effective(0, 0), real(0, 0)]
>> > ../../lib/util/util_net.c:990(print_socket_options)
>> >
>> >   Socket options:
>> >
>> >   SO_KEEPALIVE = 1
>> >
>> >   SO_REUSEADDR = 1
>> >
>> >   SO_BROADCAST = 0
>> >
>> >   TCP_NODELAY = 1
>> >
>> >   TCP_KEEPCNT = 9
>> >
>> >   TCP_KEEPIDLE = 7200
>> >
>> >   TCP_KEEPINTVL = 75
>> >
>> >   IPTOS_LOWDELAY = 0
>> >
>> >   IPTOS_THROUGHPUT = 0
>> >
>> >   SO_REUSEPORT = 1
>> >
>> >   SO_SNDBUF = 87040
>> >
>> >   SO_RCVBUF = 369280
>> >
>> >   SO_SNDLOWAT = 1
>> >
>> >   SO_RCVLOWAT = 1
>> >
>> >   SO_SNDTIMEO = 0
>> >
>> >   SO_RCVTIMEO = 0
>> >
>> >   TCP_QUICKACK = 1
>> >
>> >   TCP_DEFER_ACCEPT = 0
>> >
>> >   TCP_USER_TIMEOUT = 0
>> >
>> > [2022/04/27 14:14:00.896557,  3, pid=17084, effective(0, 0), real(0, 0)]
>> > ../../lib/util/access.c:372(allow_access)
>> >
>> >   Allowed connection from 132.250.114.93 (132.250.114.93)
>> >
>> > [2022/04/27 14:14:00.896564, 10, pid=17084, effective(0, 0), real(0, 0)]
>> > ../../source3/smbd/process.c:3919(smbd_add_connection)
>> >
>> >   Connection allowed from ipv4:132.250.114.93:50258 to ipv4:
>> > 132.250.115.34:445
>> >
>> > [2022/04/27 14:14:00.896599,  5, pid=17084, effective(0, 0), real(0, 0)]
>> > ../../lib/util/debug.c:811(debug_dump_status)
>> >
>> >   INFO: Current debug levels:
>> >
>> >     all: 10
>> >
>> >     tdb: 10
>> >
>> >     printdrivers: 10
>> >
>> >     lanman: 10
>> >
>> >     smb: 10
>> >
>> >     rpc_parse: 10
>> >
>> >     rpc_srv: 10
>> >
>> >     rpc_cli: 10
>> >
>> >     passdb: 10
>> >
>> >     sam: 10
>> >
>> >     auth: 10
>> >
>> >     winbind: 10
>> >
>> >     vfs: 10
>> >
>> >     idmap: 10
>> >
>> >     quota: 10
>> >
>> >     acls: 10
>> >
>> >     locking: 10
>> >
>> >     msdfs: 10
>> >
>> >     dmapi: 10
>> >
>> >     registry: 10
>> >
>> >     scavenger: 10
>> >
>> >     dns: 10
>> >
>> >     ldb: 10
>> >
>> >     tevent: 10
>> >
>> >     auth_audit: 10
>> >
>> >     auth_json_audit: 10
>> >
>> >     kerberos: 10
>> >
>> >     drs_repl: 10
>> >
>> >     smb2: 10
>> >
>> >     smb2_credits: 10
>> >
>> >     dsdb_audit: 10
>> >
>> >     dsdb_json_audit: 10
>> >
>> >     dsdb_password_audit: 10
>> >
>> >     dsdb_password_json_audit: 10
>> >
>> >     dsdb_transaction_audit: 10
>> >
>> >     dsdb_transaction_json_audit: 10
>> >
>> >     dsdb_group_audit: 10
>> >
>> >     dsdb_group_json_audit: 10
>> >
>> > [2022/04/27 14:14:01.049640, 10, pid=17085, effective(0, 0), real(0, 0)]
>> > ../../lib/messaging/messages_dgm_ref.c:163(msg_dgm_ref_destructor)
>> >
>> >   msg_dgm_ref_destructor: refs=(nil)
>> >
>> > [2022/04/27 14:14:01.049743, 10, pid=17085, effective(0, 0), real(0, 0)]
>> > ../../lib/messaging/messages_dgm_ref.c:80(messaging_dgm_ref)
>> >
>> >   messaging_dgm_ref: messaging_dgm_init returned Success
>> >
>> > [2022/04/27 14:14:01.049763, 10, pid=17085, effective(0, 0), real(0, 0)]
>> > ../../lib/messaging/messages_dgm_ref.c:109(messaging_dgm_ref)
>> >
>> >   messaging_dgm_ref: unique = 16628607021123654522
>> >
>> > [2022/04/27 14:14:01.049773,  2, pid=17085, effective(0, 0), real(0, 0)]
>> > ../../source3/lib/tallocmsg.c:84(register_msg_pool_usage)
>> >
>> >   Registered MSG_REQ_POOL_USAGE
>> >
>> > [2022/04/27 14:14:01.049784,  5, pid=17085, effective(0, 0), real(0, 0),
>> > class=passdb]
>> ../../source3/passdb/pdb_interface.c:157(make_pdb_method_name)
>> >
>> >   Attempting to find a passdb backend to match tdbsam (tdbsam)
>> >
>> > [2022/04/27 14:14:01.049791,  5, pid=17085, effective(0, 0), real(0, 0),
>> > class=passdb]
>> ../../source3/passdb/pdb_interface.c:178(make_pdb_method_name)
>> >
>> >   Found pdb backend tdbsam
>> >
>> > [2022/04/27 14:14:01.049806,  5, pid=17085, effective(0, 0), real(0, 0),
>> > class=passdb]
>> ../../source3/passdb/pdb_interface.c:189(make_pdb_method_name)
>> >
>> >   pdb backend tdbsam has a valid init
>> >
>> > [2022/04/27 14:14:01.049818, 10, pid=17085, effective(0, 0), real(0, 0)]
>> > ../../source3/smbd/smbXsrv_client.c:548(smbXsrv_client_create)
>> >
>> > [2022/04/27 14:14:01.049825, 10, pid=17085, effective(0, 0), real(0, 0)]
>> > ../../source3/smbd/smbXsrv_client.c:556(smbXsrv_client_create)
>> >
>> >   smbXsrv_client_create:
>> > client_guid[00000000-0000-0000-0000-000000000000] created
>> >
>> > [2022/04/27 14:14:01.049841,  1, pid=17085, effective(0, 0), real(0, 0),
>> > class=rpc_parse] ../../librpc/ndr/ndr.c:429(ndr_print_debug)
>> >
>> >        &client_blob: struct smbXsrv_clientB
>> >
>> >           version                  : SMBXSRV_VERSION_0 (0)
>> >
>> >           reserved                 : 0x00000000 (0)
>> >
>> >           info                     : union smbXsrv_clientU(case 0)
>> >
>> >           info0                    : *
>> >
>> >               info0: struct smbXsrv_client
>> >
>> >                   table                    : *
>> >
>> >                   raw_ev_ctx               : *
>> >
>> >                   msg_ctx                  : *
>> >
>> >                   global                   : *
>> >
>> >                       global: struct smbXsrv_client_global0
>> >
>> >                           db_rec                   : NULL
>> >
>> >                           server_id: struct server_id
>> >
>> >                               pid                      :
>> > 0x00000000000042bd (17085)
>> >
>> >                               task_id                  : 0x00000000 (0)
>> >
>> >                               vnn                      : 0xffffffff
>> > (4294967295)
>> >
>> >                               unique_id                :
>> > 0xe6c4adfbcba4537a (-1818137052585897094)
>> >
>> >                           local_address            : NULL
>> >
>> >                           remote_address           : NULL
>> >
>> >                           remote_name              : NULL
>> >
>> >                           initial_connect_time     : Wed Apr 27 02:14:01
>> > PM 2022 EDT
>> >
>> >                           client_guid              :
>> > 00000000-0000-0000-0000-000000000000
>> >
>> >                           stored                   : 0x00 (0)
>> >
>> >                   sconn                    : NULL
>> >
>> >                   session_table            : NULL
>> >
>> >                   tcon_table               : NULL
>> >
>> >                   open_table               : NULL
>> >
>> >                   connections              : NULL
>> >
>> >                   server_multi_channel_enabled: 0x00 (0)
>> >
>> >                   next_channel_id          : 0x0000000000000000 (0)
>> >
>> >                   connection_pass_subreq   : NULL
>> >
>> >                   pending_breaks           : NULL
>> >
>> > [2022/04/27 14:14:01.049956,  5, pid=17085, effective(0, 0), real(0, 0)]
>> > ../../lib/util/util_net.c:990(print_socket_options)
>> >
>> >   Socket options:
>> >
>> >   SO_KEEPALIVE = 1
>> >
>> >   SO_REUSEADDR = 1
>> >
>> >   SO_BROADCAST = 0
>> >
>> >   TCP_NODELAY = 1
>> >
>> >   TCP_KEEPCNT = 9
>> >
>> >   TCP_KEEPIDLE = 7200
>> >
>> >   TCP_KEEPINTVL = 75
>> >
>> >   IPTOS_LOWDELAY = 0
>> >
>> >   IPTOS_THROUGHPUT = 0
>> >
>> >   SO_REUSEPORT = 1
>> >
>> >   SO_SNDBUF = 87040
>> >
>> >   SO_RCVBUF = 369280
>> >
>> >   SO_SNDLOWAT = 1
>> >
>> >   SO_RCVLOWAT = 1
>> >
>> >   SO_SNDTIMEO = 0
>> >
>> >   SO_RCVTIMEO = 0
>> >
>> >   TCP_QUICKACK = 1
>> >
>> >   TCP_DEFER_ACCEPT = 0
>> >
>> >   TCP_USER_TIMEOUT = 0
>> >
>> > [2022/04/27 14:14:01.049994,  5, pid=17085, effective(0, 0), real(0, 0)]
>> > ../../lib/util/util_net.c:990(print_socket_options)
>> >
>> >   Socket options:
>> >
>> >   SO_KEEPALIVE = 1
>> >
>> >   SO_REUSEADDR = 1
>> >
>> >   SO_BROADCAST = 0
>> >
>> >   TCP_NODELAY = 1
>> >
>> >   TCP_KEEPCNT = 9
>> >
>> >   TCP_KEEPIDLE = 7200
>> >
>> >   TCP_KEEPINTVL = 75
>> >
>> >   IPTOS_LOWDELAY = 0
>> >
>> >   IPTOS_THROUGHPUT = 0
>> >
>> >   SO_REUSEPORT = 1
>> >
>> >   SO_SNDBUF = 87040
>> >
>> >   SO_RCVBUF = 369280
>> >
>> >   SO_SNDLOWAT = 1
>> >
>> >   SO_RCVLOWAT = 1
>> >
>> >   SO_SNDTIMEO = 0
>> >
>> >   SO_RCVTIMEO = 0
>> >
>> >   TCP_QUICKACK = 1
>> >
>> >   TCP_DEFER_ACCEPT = 0
>> >
>> >   TCP_USER_TIMEOUT = 0
>> >
>> > [2022/04/27 14:14:01.050034,  3, pid=17085, effective(0, 0), real(0, 0)]
>> > ../../lib/util/access.c:372(allow_access)
>> >
>> >   Allowed connection from 132.250.114.93 (132.250.114.93)
>> >
>> > [2022/04/27 14:14:01.050041, 10, pid=17085, effective(0, 0), real(0, 0)]
>> > ../../source3/smbd/process.c:3919(smbd_add_connection)
>> >
>> >   Connection allowed from ipv4:132.250.114.93:50260 to ipv4:
>> > 132.250.115.34:445
>> >
>> > [2022/04/27 14:14:01.050064,  5, pid=17085, effective(0, 0), real(0, 0)]
>> > ../../lib/util/debug.c:811(debug_dump_status)
>> >
>> >   INFO: Current debug levels:
>> >
>> >     all: 10
>> >
>> >     tdb: 10
>> >
>> > [2022/04/27 14:14:01.050579, 10, pid=17031, effective(0, 0), real(0, 0)]
>> > ../../lib/messaging/messages_dgm.c:1445(messaging_dgm_send)
>> >
>> >   messaging_dgm_send: Sending message to 17034
>> >
>> > [2022/04/27 14:14:01.050691, 10, pid=17034, effective(0, 0), real(0, 0)]
>> > ../../source3/lib/messages.c:428(messaging_recv_cb)
>> >
>> >   messaging_recv_cb: Received message 0x314 len 0 (num_fds:0) from 17031
>> >
>> > [2022/04/27 14:14:01.050954, 10, pid=17034, effective(0, 0), real(0, 0)]
>> > ../../source3/smbd/smbd_cleanupd.c:173(smbd_cleanupd_process_exited)
>> >
>> >   smbd_cleanupd_process_exited: cleaned up pid 17084
>> >
>> > [2022/04/27 14:15:01.091584, 10, pid=17031, effective(0, 0), real(0, 0)]
>> > ../../lib/messaging/messages_dgm.c:1445(messaging_dgm_send)
>> >
>> >   messaging_dgm_send: Sending message to 17034
>> >
>> > [2022/04/27 14:15:01.091685, 10, pid=17034, effective(0, 0), real(0, 0)]
>> > ../../source3/lib/messages.c:428(messaging_recv_cb)
>> >
>> >   messaging_recv_cb: Received message 0x314 len 0 (num_fds:0) from 17031
>> >
>> > [2022/04/27 14:15:01.091873, 10, pid=17034, effective(0, 0), real(0, 0)]
>> > ../../source3/smbd/smbd_cleanupd.c:173(smbd_cleanupd_process_exited)
>> >
>> >   smbd_cleanupd_process_exited: cleaned up pid 17085
>> >
>> > On Wed, Apr 27, 2022 at 2:06 PM Jeremy Allison <jra at samba.org> wrote:
>> >
>> >> On Wed, Apr 27, 2022 at 02:02:39PM -0400, Mark Cogan via samba wrote:
>> >> >Output from command line trying to connect:
>> >> >
>> >> >thig% smbclient -k -L //thig.<redacted>/
>> >> >
>> >> >session setup failed: NT_STATUS_ACCESS_DENIED
>> >> >
>> >> >
>> >> >So it looks like it's just rejecting the Kerberos authentication,
>> which
>> >> is
>> >> >why it would drop back down to asking for password (which doesn't
>> work).
>> >>
>> >> Use a debug level 10 to get more details.
>> >>
>> >
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba
>>
>


More information about the samba mailing list