from:"shaista.bano"

[Samba] cannot login as with domain userid's on AIX

2005-02-17 Thread shaista.bano

Hi 

I am trying to configure Samba with ADS integration on AIX 5.2.

 

I am unable to login to the Aix server using credentials of Domain user.

 

I am able to join to windows Domain and able to fetch list of windows
domain users with the command

/usr/local/samba/bin/wbinfo -u and also the groups with
usr/local/samba/bin/wbinfo -g .

 

I have added the below line methods.cfg

WINBIND

program = /usr/lib/security/WINBIND

options = authonly

 

Also included 

Default:

SYSTEM = WINBIND or compat in /etc/security/user file.

 

/usr/local/samba/bin/smbclient -k -U administrator -L
mailsrvr.restore.com  - works fine too

 

Kinit works fine.

Output of klist is : 

Ticket cache: FILE:/tmp/krb5cc_0

Default principal: [EMAIL PROTECTED]

 

Valid starting ExpiresService principal

02/17/05 15:37:01  02/18/05 01:37:04  krbtgt/[EMAIL PROTECTED]

renew until 02/18/05 15:37:01

02/17/05 16:07:14  02/18/05 01:37:04  [EMAIL PROTECTED]

renew until 02/18/05 15:37:01

 

Kerberos 4 ticket cache: /tmp/tkt0

klist: You have no tickets cached

 

The /var/log/samba/winbindd.log has the following: 

 

[2005/02/17 16:30:50, 3] nsswitch/winbindd_ads.c:trusted_domains(832)

  ads: trusted_domains

[2005/02/17 16:30:50, 3] libads/ldap.c:ads_connect(247)

  Connected to LDAP server 10.80.0.120

[2005/02/17 16:30:50, 3] libads/ldap.c:ads_server_info(2432)

  got ldap server name [EMAIL PROTECTED], using bind path:
dc=RESTORE,dc=COM

[2005/02/17 16:30:50, 3] nsswitch/winbindd_cm.c:cm_get_ipc_userpass(109)

  IPC$ connections done anonymously

[2005/02/17 16:30:50, 3] libsmb/cliconnect.c:cli_start_connection(1382)

  Connecting to host=MAILSRVR

[2005/02/17 16:30:50, 3] lib/util_sock.c:open_socket_out(752)

  Connecting to 10.80.0.120 at port 445

[2005/02/17 16:30:50, 3]
libsmb/cliconnect.c:cli_session_setup_spnego(713)

  Doing spnego session setup (blob length=109)

[2005/02/17 16:30:50, 3]
libsmb/cliconnect.c:cli_session_setup_spnego(738)

  got OID=1 2 840 48018 1 2 2

[2005/02/17 16:30:50, 3]
libsmb/cliconnect.c:cli_session_setup_spnego(738)

  got OID=1 2 840 113554 1 2 2

[2005/02/17 16:30:50, 3]
libsmb/cliconnect.c:cli_session_setup_spnego(738)

  got OID=1 2 840 113554 1 2 2 3

[2005/02/17 16:30:50, 3]
libsmb/cliconnect.c:cli_session_setup_spnego(738)

  got OID=1 3 6 1 4 1 311 2 2 10

[2005/02/17 16:30:50, 3]
libsmb/cliconnect.c:cli_session_setup_spnego(745)

  got [EMAIL PROTECTED]

[2005/02/17 16:30:51, 2]
libsmb/cliconnect.c:cli_session_setup_kerberos(538)

  Doing kerberos session setup

[2005/02/17 16:30:51, 3] libsmb/clikrb5.c:ads_cleanup_expired_creds(319)

  Ticket in ccache[MEMORY:cliconnect] expiration Fri, 18 Feb 2005
02:31:08 PAKST

[2005/02/17 16:35:51, 3] nsswitch/winbindd_ads.c:trusted_domains(832)

  ads: trusted_domains

[2005/02/17 16:35:51, 3] libads/ldap.c:ads_connect(247)

  Connected to LDAP server 10.80.0.120

[2005/02/17 16:35:51, 3] libads/ldap.c:ads_server_info(2432)

  got ldap server name [EMAIL PROTECTED], using bind path:
dc=RESTORE,dc=COM

[2005/02/17 16:35:51, 3] nsswitch/winbindd_cm.c:cm_get_ipc_userpass(109)

  IPC$ connections done anonymously

[2005/02/17 16:35:51, 3] libsmb/cliconnect.c:cli_start_connection(1382)

  Connecting to host=MAILSRVR

[2005/02/17 16:35:51, 3] lib/util_sock.c:open_socket_out(752)

  Connecting to 10.80.0.120 at port 445

[2005/02/17 16:35:51, 3]
libsmb/cliconnect.c:cli_session_setup_spnego(713)

  Doing spnego session setup (blob length=109)

[2005/02/17 16:35:51, 3]
libsmb/cliconnect.c:cli_session_setup_spnego(738)

  got OID=1 2 840 48018 1 2 2

[2005/02/17 16:35:51, 3]
libsmb/cliconnect.c:cli_session_setup_spnego(738)

  got OID=1 2 840 113554 1 2 2

[2005/02/17 16:35:51, 3]
libsmb/cliconnect.c:cli_session_setup_spnego(738)

  got OID=1 2 840 113554 1 2 2 3

[2005/02/17 16:35:51, 3]
libsmb/cliconnect.c:cli_session_setup_spnego(738)

  got OID=1 3 6 1 4 1 311 2 2 10

[2005/02/17 16:35:51, 3]
libsmb/cliconnect.c:cli_session_setup_spnego(745)

  got [EMAIL PROTECTED]

[2005/02/17 16:35:51, 2]
libsmb/cliconnect.c:cli_session_setup_kerberos(538)

  Doing kerberos session setup

[2005/02/17 16:35:51, 3] libsmb/clikrb5.c:ads_cleanup_expired_creds(319)

Ticket in ccache[MEMORY:cliconnect] expiration Fri, 18 Feb 2005 02:41:08
PAKST

 

 

I am looking for the steps that need to be followed on the PAM / krb
side to be able to login to AIX

Server with the windows domain user credentials

 

Here are my smb.conf and krb5.

Any help on this would be great.

 

Smb.conf

 

[workgroup = restore

server string = Samba Server

log file = /var/log/samba/%m.log

log level = 3

max log size = 50

security =  ADS

realm = RESTORE.COM

use kerberos keytab = Yes

password server =  10.80.0.120

winbind separator = #

idmap uid = 1-2

idmap gid = 1-2

winbind cache time = 15

winbind

[Samba] Samba configuration on AIX 5.2

2005-02-15 Thread shaista.bano

Hi ,

 

 

I am trying to configure Samba with ADS integration on AIX 5.2.

 

I am able to join to windows Domain and able to fetch list of windows
domain users with the command

/usr/local/samba/bin/wbinfo -u and also the groups with
usr/local/samba/bin/wbinfo -u .

I have added the below line methods.cfg

 

WINBIND

program = /usr/lib/security/WINBIND

options = authonly

 

I am unable to login to the Aix server using credentials of Domain user.

 

This process does not give any significant error in  winbindd.log .

 

I am looking for the steps that need to be followed on the PAM / krb
side to be able to login to AIX

Server with the windows domain user credentials

 

Here are my smb.conf and krb5.

Any help on this would be great.

 

Smb.conf

 

[global]

 

workgroup = restore

server string = Samba Server

log file = /var/log/samba/%m.log

max log size = 50

security =  ADS

realm = restore.com

password server =  10.80.0.120

 

# Winbind config.###

winbind separator = #

idmap uid = 1-2

idmap gid = 1-2

winbind cache time = 15

winbind enum users = yes

winbind enum groups = yes

template homedir = /home/%D/%U

template shell = /bin/bash

winbind use default domain = yes

 

[homes]

comment = Home Directories

browseable = no

writeable = yes

create mask = 0640

 

krb5.conf

 

[libdefaults]

default_realm = RESTORE.COM

ticket_lifetime = 24000

dns_lookup_realm = true

dns_lookup_kdc = true

krb4_config = /usr/krb5-1.3.6/src/config-files/krb.conf

 

[realms]

RESTORE.COM  = {

admin_server = mailsrvr.restore.com

kdc = mailsrvr.restore.com

default_domain = RESTORE.COM

}

 

 

[kdc]

 profile = /usr/krb5-1.3.6/src/config-files/kdc.conf

 

[domain_realm]

.restore.com = RESTORE.COM

 restore.com = RESTORE.COM

 

[logging]

#   kdc = CONSOLE

 default = FILE:/var/log/krb5libs.log

 kdc = FILE:/var/log/krb5kdc.log

 admin_server = FILE:/var/log/kadmind.log

 

[appdefaults]

 pam = {

   debug = true

   ticket_lifetime = 36000

   renew_lifetime = 36000

   forwardable = true

   krb4_convert = false

 }

 

Regards,

Shaista 



DISCLAIMER:
This message contains privileged and confidential information and is intended 
only for the individual named.If you are not the intended recipient you should 
not disseminate,distribute,store,print, copy or deliver this message.Please 
notify the sender immediately by e-mail if you have received this e-mail by 
mistake and delete this e-mail from your system.E-mail transmission cannot be 
guaranteed to be secure or error-free as information could be 
intercepted,corrupted,lost,destroyed,arrive late or incomplete or contain 
viruses.The sender therefore does not accept liability for any errors or 
omissions in the contents of this message which arise as a result of e-mail 
transmission. If verification is required please request a hard-copy version.
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] error duing executing make of samba on aix

2005-02-08 Thread shaista.bano

Hi ,

 

I am facing a problem while configuring Samba on AIX 5.2. The configure
completes without any issues , but getting an error while running

make . Any pointers to this problem will be helpfull.

 

Options used for Configure are - ./configure --with-winbind --with-ldap
--with-ads --with-pam 

Here is the Error - 

 

# make

Using FLAGS =  -O -I/usr/local/include -I./popt -Iinclude
-I/usr/samba-3.0.1/sou

rce/include -I/usr/samba-3.0.1/source/ubiqx
-I/usr/samba-3.0.1/source/smbwrapper

  -I. -I/usr/local/include -I/usr/samba-3.0.1/source

  LIBS =

  LDSHFLAGS = -Wl,-bexpall,-bM:SRE,-bnoentry,-berok

  LDFLAGS =

Compiling nsswitch/pam_winbind.c with -O2

nsswitch/pam_winbind.c: In function `converse':

nsswitch/pam_winbind.c:67: warning: passing arg 3 of `pam_get_item' from
incompa

tible pointer type

nsswitch/pam_winbind.c:70: warning: passing arg 2 of pointer to function
from in

compatible pointer type

nsswitch/pam_winbind.c: In function `_make_remark':

nsswitch/pam_winbind.c:85: warning: assignment discards qualifiers from
pointer

target type

nsswitch/pam_winbind.c: In function `_winbind_read_password':

nsswitch/pam_winbind.c:297: warning: passing arg 3 of `pam_get_item'
from incomp

atible pointer type

nsswitch/pam_winbind.c:309: error: `PAM_AUTHTOK_RECOVER_ERR' undeclared
(first u

se in this function)

nsswitch/pam_winbind.c:309: error: (Each undeclared identifier is
reported only

once

nsswitch/pam_winbind.c:309: error: for each function it appears in.)

nsswitch/pam_winbind.c:330: warning: assignment discards qualifiers from
pointer

 target type

nsswitch/pam_winbind.c:338: warning: assignment discards qualifiers from
pointer

 target type

nsswitch/pam_winbind.c:344: warning: assignment discards qualifiers from
pointer

 target type

nsswitch/pam_winbind.c:402: warning: passing arg 3 of `pam_get_item'
from incomp

atible pointer type

nsswitch/pam_winbind.c: At top level:

nsswitch/pam_winbind.c:417: error: syntax error before int

nsswitch/pam_winbind.c: In function `pam_sm_authenticate':

nsswitch/pam_winbind.c:428: warning: passing arg 2 of `pam_get_user'
from incomp

atible pointer type

nsswitch/pam_winbind.c: At top level:

nsswitch/pam_winbind.c:461: error: syntax error before int

nsswitch/pam_winbind.c:472: error: syntax error before int

nsswitch/pam_winbind.c: In function `pam_sm_acct_mgmt':

nsswitch/pam_winbind.c:482: warning: passing arg 2 of `pam_get_user'
from incomp

atible pointer type

nsswitch/pam_winbind.c: At top level:

nsswitch/pam_winbind.c:518: error: syntax error before int

nsswitch/pam_winbind.c:528: error: syntax error before int

nsswitch/pam_winbind.c:540: error: syntax error before int

nsswitch/pam_winbind.c: In function `pam_sm_chauthtok':

nsswitch/pam_winbind.c:559: warning: passing arg 2 of `pam_get_user'
from incomp

atible pointer type

nsswitch/pam_winbind.c:636: warning: passing arg 3 of `pam_get_item'
from incomp

atible pointer type

make: 1254-004 The error code from the last command is 1.

 

Stop.

 

Thanks

Shaista

 



DISCLAIMER:
This message contains privileged and confidential information and is intended 
only for the individual named.If you are not the intended recipient you should 
not disseminate,distribute,store,print, copy or deliver this message.Please 
notify the sender immediately by e-mail if you have received this e-mail by 
mistake and delete this e-mail from your system.E-mail transmission cannot be 
guaranteed to be secure or error-free as information could be 
intercepted,corrupted,lost,destroyed,arrive late or incomplete or contain 
viruses.The sender therefore does not accept liability for any errors or 
omissions in the contents of this message which arise as a result of e-mail 
transmission. If verification is required please request a hard-copy version.
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Problem while configuring Samba

2005-02-02 Thread shaista.bano

Hi ,

 

I am facing a problem while configuring Samba on AIX 5.2. The configure
completes without any issues , but getting an error while running

make . Any pointers to this problem will be helpfull.

 

Options used for Configure are - ./configure --with-winbind --with-ldap
--with-ads --with-pam 

Here is the Error - 

 

# make

Using FLAGS =  -O -I/usr/local/include -I./popt -Iinclude
-I/usr/samba-3.0.1/sou

rce/include -I/usr/samba-3.0.1/source/ubiqx
-I/usr/samba-3.0.1/source/smbwrapper

  -I. -I/usr/local/include -I/usr/samba-3.0.1/source

  LIBS =

  LDSHFLAGS = -Wl,-bexpall,-bM:SRE,-bnoentry,-berok

  LDFLAGS =

Compiling nsswitch/pam_winbind.c with -O2

nsswitch/pam_winbind.c: In function `converse':

nsswitch/pam_winbind.c:67: warning: passing arg 3 of `pam_get_item' from
incompa

tible pointer type

nsswitch/pam_winbind.c:70: warning: passing arg 2 of pointer to function
from in

compatible pointer type

nsswitch/pam_winbind.c: In function `_make_remark':

nsswitch/pam_winbind.c:85: warning: assignment discards qualifiers from
pointer

target type

nsswitch/pam_winbind.c: In function `_winbind_read_password':

nsswitch/pam_winbind.c:297: warning: passing arg 3 of `pam_get_item'
from incomp

atible pointer type

nsswitch/pam_winbind.c:309: error: `PAM_AUTHTOK_RECOVER_ERR' undeclared
(first u

se in this function)

nsswitch/pam_winbind.c:309: error: (Each undeclared identifier is
reported only

once

nsswitch/pam_winbind.c:309: error: for each function it appears in.)

nsswitch/pam_winbind.c:330: warning: assignment discards qualifiers from
pointer

 target type

nsswitch/pam_winbind.c:338: warning: assignment discards qualifiers from
pointer

 target type

nsswitch/pam_winbind.c:344: warning: assignment discards qualifiers from
pointer

 target type

nsswitch/pam_winbind.c:402: warning: passing arg 3 of `pam_get_item'
from incomp

atible pointer type

nsswitch/pam_winbind.c: At top level:

nsswitch/pam_winbind.c:417: error: syntax error before int

nsswitch/pam_winbind.c: In function `pam_sm_authenticate':

nsswitch/pam_winbind.c:428: warning: passing arg 2 of `pam_get_user'
from incomp

atible pointer type

nsswitch/pam_winbind.c: At top level:

nsswitch/pam_winbind.c:461: error: syntax error before int

nsswitch/pam_winbind.c:472: error: syntax error before int

nsswitch/pam_winbind.c: In function `pam_sm_acct_mgmt':

nsswitch/pam_winbind.c:482: warning: passing arg 2 of `pam_get_user'
from incomp

atible pointer type

nsswitch/pam_winbind.c: At top level:

nsswitch/pam_winbind.c:518: error: syntax error before int

nsswitch/pam_winbind.c:528: error: syntax error before int

nsswitch/pam_winbind.c:540: error: syntax error before int

nsswitch/pam_winbind.c: In function `pam_sm_chauthtok':

nsswitch/pam_winbind.c:559: warning: passing arg 2 of `pam_get_user'
from incomp

atible pointer type

nsswitch/pam_winbind.c:636: warning: passing arg 3 of `pam_get_item'
from incomp

atible pointer type

make: 1254-004 The error code from the last command is 1.

 

Stop.

 

Thanks

 

 



DISCLAIMER:
This message contains privileged and confidential information and is intended 
only for the individual named.If you are not the intended recipient you should 
not disseminate,distribute,store,print, copy or deliver this message.Please 
notify the sender immediately by e-mail if you have received this e-mail by 
mistake and delete this e-mail from your system.E-mail transmission cannot be 
guaranteed to be secure or error-free as information could be 
intercepted,corrupted,lost,destroyed,arrive late or incomplete or contain 
viruses.The sender therefore does not accept liability for any errors or 
omissions in the contents of this message which arise as a result of e-mail 
transmission. If verification is required please request a hard-copy version.
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] cannot login as with domain userid's on AIX

[Samba] Samba configuration on AIX 5.2

[Samba] error duing executing make of samba on aix

[Samba] Problem while configuring Samba

4 matches

Site Navigation

Mail list logo

Footer information