Hello all, I've recently posted here for help with a Samba domain member system which seems to lose it's domain membership. I want to discuss it a little more. I have more information. I'm after comments and suggestions for troubleshooting. Also, i say "loses membership" but i don't really know if it has lost it. Just doesn't work anymore until i re-join the Samba system to the domain.
I have noticed this behaviour with two sites (installations) now. Both are CentOS systems with Samba versions as follows: samba-*-3.5.10-125.el6.x86_64 samba-*-3.5.10-115.el6_2.x86_64 I successfully join these systems to Active Directory domains (2008 r2 DC's) using the following command. The system can then do as i need and "wbinfo" works: net join -U Administrator%MyPass After some time the Samba servers will stop functioning as expected and users will get 'access denied' errors. "wbinfo" stops working. Some error messages: LOG FILE: "/var/log/samba/log.wb-MYDOM" [2012/11/12 13:20:43.338947, 0] libsmb/cliconnect.c:1052(cli_session_setup_spnego) Kinit failed: Preauthentication failed [2012/11/12 13:20:43.459457, 2] winbindd/winbindd_pam.c:2121(winbindd_dual_pam_auth_crap) NTLM CRAP authentication for user [MYDOM]\[myuser] returned NT_STATUS_ACCESS_DENIED (PAM: 4) Notice Kinit in the above error. I have not configured Kerberos at this point. I have not identified consistent time intervals for these 'drop-outs'. I have not updated (YUM) these systems between the joining and dropping from the domains. What might cause this? -- -Andrew Galdes Managing Director RHCSA, LPI, CCENT AGIX Linux Ph: 08 7324 4429 Mb: 0422 927 598 Site: http://www.agix.com.au Twitter: http://twitter.com/agixlinux LinkedIn: http://au.linkedin.com/in/andrewgaldes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
