I think there is one thing missing from pam configuration. It is this
line session required pam_mkhomedir.so
Which creates a home directory if it doesn't exist for the new user in
AD after authentication.
What do you think Olivier?
On 06/03/13 08:02, Dirk Werner wrote:
Sorry, my mails yesterday did got stuck, don't knwo why.
The WIn client has the sogo server as only DNS Server, I have stopped
and restarted Samba, the file log.samba is very big, here's an excerpt
from it when I try to join the domain and when the message 'Wrong
username or Password' on the Win7 client is shown:
cldap netlogon query domain=SOGO.AIRWERK.NET host=AIRWERK-NB3
user=AIRWERK-NB3$ version=22 guid=(null)
[2013/03/05 23:24:55, 4]
../source4/lib/socket/interface.c:121(add_interface)
added interface eth0 ip=fe80::5054:ff:fece:108c%eth0
bcast=fe80::ffff:ffff:ffff:ffff%eth0 netmask=ffff:ffff:ffff:ffff::
[2013/03/05 23:24:55, 4]
../source4/lib/socket/interface.c:121(add_interface)
added interface eth0 ip=192.168.40.1 bcast=192.168.40.255
netmask=255.255.255.0
[2013/03/05 23:24:55, 5]
../source4/cldap_server/netlogon.c:458(cldapd_netlogon_request)
cldap netlogon query domain=SOGO.AIRWERK.NET host=AIRWERK-NB3
user=AIRWERK-NB3$ version=22 guid=(null)
[2013/03/05 23:24:55, 4]
../source4/lib/socket/interface.c:121(add_interface)
added interface eth0 ip=fe80::5054:ff:fece:108c%eth0
bcast=fe80::ffff:ffff:ffff:ffff%eth0 netmask=ffff:ffff:ffff:ffff::
[2013/03/05 23:24:55, 4]
../source4/lib/socket/interface.c:121(add_interface)
added interface eth0 ip=192.168.40.1 bcast=192.168.40.255
netmask=255.255.255.0
[2013/03/05 23:24:55, 5]
../source4/cldap_server/netlogon.c:458(cldapd_netlogon_request)
cldap netlogon query domain=SOGO.AIRWERK.NET host=AIRWERK-NB3
user=(null) version=22 guid=(null)
[2013/03/05 23:24:55, 4]
../source4/lib/socket/interface.c:121(add_interface)
added interface eth0 ip=fe80::5054:ff:fece:108c%eth0
bcast=fe80::ffff:ffff:ffff:ffff%eth0 netmask=ffff:ffff:ffff:ffff::
[2013/03/05 23:24:55, 4]
../source4/lib/socket/interface.c:121(add_interface)
added interface eth0 ip=192.168.40.1 bcast=192.168.40.255
netmask=255.255.255.0
[2013/03/05 23:24:55, 4]
../source4/dsdb/repl/drepl_notify.c:463(dreplsrv_notify_schedule)
dreplsrv_notify_schedule(5) scheduled for: Tue Mar 5 23:25:01 2013 CET
[2013/03/05 23:24:55, 3]
../source4/auth/kerberos/krb5_init_context.c:80(smb_krb5_debug_wrapper)
Kerberos: TGS-REQ administra...@sogo.airwerk.net from
ipv4:192.168.40.167:49516 for
cifs/remote.sogo.airwerk....@sogo.airwerk.net [canonicalize,
renewable, forwardable]
[2013/03/05 23:24:55, 3]
../source4/auth/kerberos/krb5_init_context.c:80(smb_krb5_debug_wrapper)
Kerberos: TGS-REQ authtime: 2013-03-05T23:24:54 starttime:
2013-03-05T23:24:55 endtime: 2013-03-06T09:24:54 renew till:
2013-03-12T23:24:54
[2013/03/05 23:24:55, 3]
../source4/smbd/service_stream.c:63(stream_terminate_connection)
Terminating connection - 'kdc_tcp_call_loop:
tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
[2013/03/05 23:24:55, 5]
../source4/lib/messaging/messaging.c:554(imessaging_cleanup)
imessaging: cleaning up /var/lib/samba/private/smbd.tmp/msg/msg.0.34
[2013/03/05 23:24:55, 3]
../source4/smbd/process_single.c:104(single_terminate)
single_terminate: reason[kdc_tcp_call_loop:
tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED]
[2013/03/05 23:24:55, 3]
../source4/auth/kerberos/krb5_init_context.c:80(smb_krb5_debug_wrapper)
Kerberos: TGS-REQ administra...@sogo.airwerk.net from
ipv4:192.168.40.167:49517 for krbtgt/sogo.airwerk....@sogo.airwerk.net
[renewable-ok, canonicalize, renewable, forwarded,
forwardable]
[2013/03/05 23:24:55, 3]
../source4/auth/kerberos/krb5_init_context.c:80(smb_krb5_debug_wrapper)
Kerberos: TGS-REQ authtime: 2013-03-05T23:24:54 starttime:
2013-03-05T23:24:55 endtime: 2013-03-06T09:24:54 renew till:
2013-03-12T23:24:54
[2013/03/05 23:24:55, 3]
../source4/smbd/service_stream.c:63(stream_terminate_connection)
Terminating connection - 'kdc_tcp_call_loop:
tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
[2013/03/05 23:24:55, 5]
../source4/lib/messaging/messaging.c:554(imessaging_cleanup)
imessaging: cleaning up /var/lib/samba/private/smbd.tmp/msg/msg.0.34
[2013/03/05 23:24:55, 3]
../source4/smbd/process_single.c:104(single_terminate)
single_terminate: reason[kdc_tcp_call_loop:
tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED]
[2013/03/05 23:25:00, 4]
../source4/dsdb/repl/drepl_notify.c:463(dreplsrv_notify_schedule)
dreplsrv_notify_schedule(5) scheduled for: Tue Mar 5 23:25:06 2013 CET
[2013/03/05 23:25:05, 4]
../source4/dsdb/repl/drepl_notify.c:463(dreplsrv_notify_schedule)
dreplsrv_notify_schedule(5) scheduled for: Tue Mar 5 23:25:11 2013 CET
On 03/05/2013 11:08 PM, Olivier Bitsch wrote:
Are you sure that your Windows box is using the IP address of your
server as main DNS server?
If still not, please try :
* Stop Samba4 services, check there is no smbd or samba process
working (killall smbd && killall samba).
* Start Samba4 again.
* Check /var/log/samba/log.samba (smbd is used by samba3 process).
Also, can you give me your /var/log/samba/log.samba file?
Thanks
Olivier.
2013/3/5 Dirk Werner <werdi4...@googlemail.com
<mailto:werdi4...@googlemail.com>>
Thanks for replying! I have the same thing happening with the
user Administrator. kinit Administrator works fine!
On 03/05/2013 11:01 PM, Olivier Bitsch wrote:
It seems that you tried to join with rweissmann username? You
have to use the "Administrator" account in the windows
credential when joining the domain.
Additionally, the entry /var/lib/samba/passdb.tdb is probably
not used by Samba4 as this file is used when Samba4 uses the old
tdb has backend (now it uses an OpenLDAP fork).
Best regards.
Olivier
2013/3/5 Dirk Werner <werdi4...@googlemail.com
<mailto:werdi4...@googlemail.com>>
Hi Olivier,
I have had a new installation today following your tutorial
and that went fine through including igestis! However, when
I try to join the domain on a windows 7 client, the join
fails with 'username or password wrong' and I have the
following line in /var/log/samba/log.smbd
check_sam_security: Couldn't find user 'rweissmann' in passdb.
[2013/03/05 21:41:34.306661, 2]
auth/auth.c:319(check_ntlm_password)
check_ntlm_password: Authentication for user [rweissmann]
-> [rweissmann] FAILED with error NT_STATUS_NO_SUCH_USER
[2013/03/05 21:41:34.306735, 3]
smbd/error.c:81(error_packet_set)
error packet at smbd/sesssetup.c(124) cmd=115
(SMBsesssetupX) NT_STATUS_LOGON_FAILURE
samba-tool user list - lists user 'rweissmann' and getent
passwd also:
SOGO\rweissmann:*:3000022:100:Roland
Weissmann:/home/rweissmann:/usr/sbin/nologin
When I do tdbdump /var/lib/samba/passdb.tdb :
tdbdump /var/lib/samba/passdb.tdb
{
key(13) = "RID_000001f5\00"
data(7) = "nobody\00"
}
{
key(13) = "RID_00000bb8\00"
data(6) = "dirkw\00"
}
{
key(19) = "INFO/minor_version\00"
data(4) = "\00\00\00\00"
}
{
key(9) = "NEXT_RID\00"
data(4) = "\E8\03\00\00"
}
{
key(11) = "USER_dirkw\00"
data(174) =
"\00\00\00\00\7F\A9T|\7F\A9T|\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\06\00\00\00dirkw\00\07\00\00\00REMOTE\00\01\00\00\00\00\06\00\00\00dirkw\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\01\00\00\00\00\01\00\00\00\00\01\00\00\00\00\01\00\00\00\00\B8\0B\00\00\01\02\00\00\00\00\00\00\00\00\00\00\00\00\00\00\10\00\00\00\A8\00\15\00\00\00\00\00\00\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\EC\04\00\00"
}
{
key(13) = "INFO/version\00"
data(4) = "\04\00\00\00"
}
{
key(12) = "USER_nobody\00"
data(176) =
"\00\00\00\00\7F\A9T|\7F\A9T|\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\07\00\00\00nobody\00\07\00\00\00REMOTE\00\01\00\00\00\00\07\00\00\00nobody\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\01\00\00\00\00\01\00\00\00\00\01\00\00\00\00\01\00\00\00\00\F5\01\00\00\01\02\00\00\00\00\00\00\00\00\00\00\00\00\00\00\10\00\00\00\A8\00\15\00\00\00\00\00\00\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\EC\04\00\00"
}
The user rweissmann is indeed not in there, all users, I
have created with samba-tool are not contained. Any idea?
Best regards
Dirk
On 03/05/2013 07:39 PM, Olivier Bitsch wrote:
To all,
I've updated my SOGo tutorial and bring the following fixed
(still available at
http://iabsis.com/EN/article/35/Samba4-and-OpenChange-on-a-Debian-or-Ubuntu-server/)
* Add a temporarily and cleaner way to install Samba4
(Thanks to Davor Vusir).
* Some small other fixes.
Don't hesitate to let me a comment on the website if
something work or not.
Best regards.
2013/3/5 Ludovic Marcotte <lmarco...@inverse.ca
<mailto:lmarco...@inverse.ca>>
On 28/02/13 03:27, Olivier Bitsch wrote:
# Use PostGreSQL by default to avoid the bug
http://tracker.openchange.org/issues/413
We identified the bug. MySQL's TEXT data type is
limited to 2^16 - 1 = 65535 bytes, so truncation occurs
and thus, a crash (because the cache is corrupted).
We'll commit a fix shortly and provide an upgrade
script (2.0.4 to 2.0.5) to adjust the data type for all
tables accordingly.
Thanks,
--
Ludovic Marcotte
+1.514.755.3630 <tel:%2B1.514.755.3630> ::www.inverse.ca
<http://www.inverse.ca>
Inverse inc. :: Leaders behind SOGo (www.sogo.nu <http://www.sogo.nu>)
and PacketFence (www.packetfence.org <http://www.packetfence.org>)
--
users@sogo.nu
https://inverse.ca/sogo/lists
