On 09/01/2011 06:32 PM, Dale Schroeder wrote: > On 09/01/2011 5:27 AM, Bruno Martins wrote: >> On 09/01/2011 11:11 AM, David Roid wrote: >>> Check out what does /var/log/samba/log say about logon failure? Also >>> do you >>> enable "ntlm auth"? >>> >>> -David >>> >>> 2011/9/1 Bruno Martins<[email protected]> >>> >>>> On 08/31/2011 06:57 PM, Dale Schroeder wrote: >>>>> Bruno, >>>>> >>>>> This is not a valid option: >>>>> >>>>> idmap backend = 192.168.0.2 >>>>> >>>>> The default is tdb, but there is also rid, ad, and ldap. >>>>> >>>>> Dale >>>>> >>>>> >>>>> On 08/31/2011 5:57 AM, Bruno Martins wrote: >>>>>> Hello everyone. >>>>>> >>>>>> I am setting up a Debian-based file and print server and I am not >>>>>> being able >>>>>> to authenticate with AD credentials. I think the error message is >>>>>> this >>>>>> one: >>>>>> joe@sputnik:~$ tail /var/log/samba/log.__ffff_192.168.0.101 >>>>>> [2011/08/31 11:19:54.415130, 1] >>>>>> smbd/sesssetup.c:454(reply_spnego_kerberos) >>>>>> Username GALILEU-F\bmartins is invalid on this system >>>>>> >>>>>> More information about the system: >>>>>> joe@sputnik:~$ uname -r >>>>>> 2.6.32-5-686 >>>>>> >>>>>> joe@sputnik:~$ wbinfo -g >>>>>> domain guests >>>>>> domain users >>>>>> domain computers >>>>>> group policy creator owners >>>>>> cert publishers >>>>>> domain controllers >>>>>> exchange domain servers >>>>>> domain admins >>>>>> (...) >>>>>> >>>>>> joe@sputnik:~$ wbinfo -u >>>>>> SPUTNIK\nobody >>>>>> SPUTNIK\root >>>>>> a230w >>>>>> sqlexecutivecmdexec >>>>>> ghelpdesk >>>>>> pbernardo >>>>>> (...) >>>>>> >>>>>> My smb.conf: >>>>>> http://pastebin.com/5vMg5X82 >>>>>> >>>>>> ... and my krb5.conf: >>>>>> http://pastebin.com/SE9Pmt0Y >>>>>> >>>>>> ... also my nsswitch.conf: >>>>>> http://pastebin.com/psL9SksW >>>>>> >>>>>> Can anyone please help me? >>>>>> >>>>>> Best regards, >>>>>> >>>>>> Bruno Martins >>>> Good morning, >>>> >>>> I have changed that parameter to 'idmap backend = tdb' and even 'idmap >>>> backend = ad' but didn't work. >>>> >>>> I keep getting this error: >>>> root@sputnik:/home/joe# smbclient -L //localhost -U bmartins >>>> Enter bmartins's password: >>>> session setup failed: NT_STATUS_LOGON_FAILURE >>>> >>>> Also, 'testparm' doesn't show me that line, but that may be normal. >>>> >>>> And, by the way, when I do a 'getent passwd', the output just show me >>>> local users, not domain ones. >>>> >>>> Best regards, >>>> >>>> Bruno Martins >>>> -- >>>> To unsubscribe from this list go to the following URL and read the >>>> instructions: https://lists.samba.org/mailman/options/samba >>>> >> Hello David, >> >> Thanks for your help. >> >> Let me show you the output of some commands that may ask your second >> question: >> http://pastebin.com/Rj3Shbeu >> >> Regarding to logs, I have noticed a strange thing: >> http://pastebin.com/yMaQek0h >> >> Is this a normal behaviour? > Apparently so because I have seen those messages on working winbind > systems. > > Compare your setup to the following to see if you might have missed > anything. > > http://www.enterprisenetworkingplanet.com/netos/article.php/3487081/Join-Samba-3-to-Your--Active-Directory-Domain.htm > > > http://www.enterprisenetworkingplanet.com/netsysm/article.php/3502441/Join-Linux-to-Active-Directory-With-Winbind.htm > > > Dale >> >> Best regards, >> >> Bruno Martins >> . >>
Hello, I can't believe the problem is related to the fact that I didn't have add my KDC to /etc/hosts. :-) It's done now! I'll continue the setup. Thanks a lot, Dale, and everyone. Best regards, -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
