S-a bulit discul pe care facusem winbind-ul acum vreun an. Acum trebuie
sa refac chestia, dar se pare ca nu-mi iese.
1. nmb smb windbind ruleaza
2. in /etc/nsswitch.conf
passwd: compat winbind
group: compat winbind
3. in /etc/pam.d/samba
#%PAM-1.0
auth required pam_winbind.so
account required pam_winbind.so
Userii trebuie sa acceseze acest server numai prin samba.
4. in /etc/samba/smb.conf
security = domain
encrypt passwords = yes
winbind separator = +
winbind uid = 10000-20000
winbind gid = 10000-20000
template homedir = /home/%U
5. computerul a fost "join"-at la domeniu
smbpasswd -j WIN -U silviu
Cand incerc sa accesez un share care este "public = no", adica trebuie
sa fii user autentificat la domeniu se intampla asa:
Cu parola CORECTA:
smbclient //silviu/public -U deleteme%a
added interface ip=192.168.1.87 bcast=192.168.1.255 nmask=255.255.255.0
Domain=[WIN] OS=[Unix] Server=[Samba 2.2.8a-SuSE]
tree connect failed: NT_STATUS_WRONG_PASSWORD
Cu parola GRESITA
smbclient //silviu/public -U deleteme%ad
added interface ip=192.168.1.87 bcast=192.168.1.255 nmask=255.255.255.0
session setup failed: NT_STATUS_LOGON_FAILURE
Se observa erorile diferite NT_STATUS
Din loguri reiese ca userul este mapat la nobody. De ce? Ca doar
exista in domeniul de windoze (w2k DC), ma pot loga cu el.
De asemenea, wbinfo -u sau -g sau -t merg toate, deci problema este la
autentificare, cumva.
samba 2.2.8a
Imi scapa ceva la configurare? Macar merge chestia asta la cineva cu
samba 2.2.8a?
Logurile serverului, cand incerc sa accesez cu parola corecta.
cat /var/log/samba/log.smbd
[2003/09/10 14:38:42, 3] smbd/oplock.c:init_oplocks(1214)
open_oplock_ipc: opening loopback UDP socket.
[2003/09/10 14:38:42, 3] lib/util_sock.c:open_socket_in(813)
bind succeeded on port 0
[2003/09/10 14:38:42, 3] smbd/oplock_linux.c:linux_init_kernel_oplocks(298)
Linux kernel oplocks enabled
[2003/09/10 14:38:42, 3] smbd/oplock.c:init_oplocks(1245)
open_oplock ipc: pid = 31751, global_oplock_port = 33978
[2003/09/10 14:38:43, 3] smbd/process.c:process_smb(846)
Transaction 0 of length 72
[2003/09/10 14:38:43, 2] smbd/reply.c:reply_special(92)
netbios connect: name1=SILVIU name2=SILVIU
[2003/09/10 14:38:43, 2] smbd/reply.c:reply_special(111)
netbios connect: local=silviu remote=silviu
[2003/09/10 14:38:43, 3] smbd/process.c:process_smb(846)
Transaction 1 of length 168
[2003/09/10 14:38:43, 3] smbd/process.c:switch_message(685)
switch message SMBnegprot (pid 31751)
[2003/09/10 14:38:43, 3] smbd/sec_ctx.c:set_sec_ctx(329)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2003/09/10 14:38:43, 3] smbd/negprot.c:reply_negprot(342)
Requested protocol [PC NETWORK PROGRAM 1.0]
[2003/09/10 14:38:43, 3] smbd/negprot.c:reply_negprot(342)
Requested protocol [MICROSOFT NETWORKS 1.03]
[2003/09/10 14:38:43, 3] smbd/negprot.c:reply_negprot(342)
Requested protocol [MICROSOFT NETWORKS 3.0]
[2003/09/10 14:38:43, 3] smbd/negprot.c:reply_negprot(342)
Requested protocol [LANMAN1.0]
[2003/09/10 14:38:43, 3] smbd/negprot.c:reply_negprot(342)
Requested protocol [LM1.2X002]
[2003/09/10 14:38:43, 3] smbd/negprot.c:reply_negprot(342)
Requested protocol [Samba]
[2003/09/10 14:38:43, 3] smbd/negprot.c:reply_negprot(426)
Selected protocol NT LANMAN 1.0
[2003/09/10 14:38:43, 3] smbd/process.c:process_smb(846)
Transaction 2 of length 137
[2003/09/10 14:38:43, 3] smbd/process.c:switch_message(685)
switch message SMBsesssetupX (pid 31751)
[2003/09/10 14:38:43, 3] smbd/sec_ctx.c:set_sec_ctx(329)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2003/09/10 14:38:43, 3] smbd/reply.c:reply_sesssetup_and_X(880)
Domain=[WIN] NativeOS=[Unix] NativeLanMan=[Samba]
[2003/09/10 14:38:43, 3] smbd/reply.c:reply_sesssetup_and_X(890)
sesssetupX:name=[DELETEME]
[2003/09/10 14:38:43, 3] libsmb/namequery.c:resolve_lmhosts(769)
resolve_lmhosts: Attempting lmhosts lookup for name WIN<0x1b>
[2003/09/10 14:38:43, 3] libsmb/namequery.c:resolve_wins(710)
resolve_wins: Attempting wins lookup for name WIN<0x1b>
[2003/09/10 14:38:43, 3] libsmb/namequery.c:resolve_wins(728)
resolve_wins: WINS server == <192.168.1.61>
[2003/09/10 14:38:43, 3] lib/util_sock.c:open_socket_in(813)
bind succeeded on port 0
[2003/09/10 14:38:43, 2] libsmb/namequery.c:name_query(421)
Got a positive name query response from 192.168.1.61 ( 192.168.1.61 )
[2003/09/10 14:38:43, 3] lib/util_sock.c:open_socket_in(813)
bind succeeded on port 0
[2003/09/10 14:38:43, 3] libsmb/namequery.c:resolve_lmhosts(769)
resolve_lmhosts: Attempting lmhosts lookup for name GENESYSDC<0x20>
[2003/09/10 14:38:43, 3] libsmb/namequery.c:resolve_hosts(809)
resolve_hosts: Attempting host lookup for name GENESYSDC<0x20>
[2003/09/10 14:38:43, 3] libsmb/namequery.c:resolve_wins(710)
resolve_wins: Attempting wins lookup for name GENESYSDC<0x20>
[2003/09/10 14:38:43, 3] libsmb/namequery.c:resolve_wins(728)
resolve_wins: WINS server == <192.168.1.61>
[2003/09/10 14:38:43, 3] lib/util_sock.c:open_socket_in(813)
bind succeeded on port 0
[2003/09/10 14:38:43, 2] libsmb/namequery.c:name_query(421)
Got a positive name query response from 192.168.1.61 ( 192.168.1.61 )
[2003/09/10 14:38:43, 3] lib/util_sock.c:open_socket_out(845)
Connecting to 192.168.1.61 at port 445
[2003/09/10 14:38:43, 3] smbd/reply.c:smb_create_user(543)
smb_create_user: Running the command `echo deleteme >>
/root/whatuser' gave 0
[2003/09/10 14:38:43, 3] smbd/reply.c:reply_sesssetup_and_X(1070)
No such user deleteme [WIN] - using guest account
[2003/09/10 14:38:43, 3] smbd/sec_ctx.c:push_sec_ctx(297)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2003/09/10 14:38:43, 3] smbd/uid.c:push_conn_ctx(286)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2003/09/10 14:38:43, 3] smbd/sec_ctx.c:set_sec_ctx(329)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2003/09/10 14:38:43, 3] smbd/sec_ctx.c:get_current_groups(172)
get_current_groups: user is in 2 groups: 65533, 65534
[2003/09/10 14:38:43, 3] smbd/sec_ctx.c:pop_sec_ctx(436)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2003/09/10 14:38:43, 3] smbd/sec_ctx.c:get_current_groups(172)
get_current_groups: user is in 2 groups: 65533, 65534
[2003/09/10 14:38:43, 3] smbd/uid.c:fetch_sid_from_gid_cache(670)
fetch sid from gid cache 10000 ->
S-1-5-21-1078081533-1343024091-839522115-513
[2003/09/10 14:38:43, 3] smbd/password.c:register_vuid(336)
uid 65534 registered to name nobody
[2003/09/10 14:38:43, 3] smbd/password.c:register_vuid(338)
Clearing default real name
[2003/09/10 14:38:43, 3] smbd/password.c:register_vuid(340)
User name: nobody Real name: nobody
[2003/09/10 14:38:43, 3] smbd/process.c:process_smb(846)
Transaction 3 of length 70
[2003/09/10 14:38:43, 3] smbd/process.c:switch_message(685)
switch message SMBtconX (pid 31751)
[2003/09/10 14:38:43, 3] smbd/sec_ctx.c:set_sec_ctx(329)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2003/09/10 14:38:43, 2] smbd/service.c:make_connection(331)
Invalid username/password for public [nobody]
[2003/09/10 14:38:43, 3] smbd/error.c:error_packet(113)
error packet at smbd/reply.c(166) cmd=117 (SMBtconX)
NT_STATUS_WRONG_PASSWORD
[2003/09/10 14:38:43, 3] smbd/process.c:timeout_processing(1066)
end of file from client
[2003/09/10 14:38:43, 3] smbd/sec_ctx.c:set_sec_ctx(329)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2003/09/10 14:38:43, 2] smbd/server.c:exit_server(511)
Closing connections
[2003/09/10 14:38:43, 3] smbd/connection.c:yield_connection(48)
Yielding connection to
[2003/09/10 14:38:43, 3] smbd/server.c:exit_server(545)
Server exit (normal exit)
--
Linux/Unix Systems Engineer Genesys [ http://www.genesys.ro ]
Mobile +40723-267961
---
Detalii despre listele noastre de mail: http://www.lug.ro/
