No, it's not missing, it's only in the optional step igestis : http://iabsis.com/EN/article/35-7/Installation-d-iGestis-optionnel
You can add igestis repository and install pam-mkhomedir package, or download this file http://open.iabsis.com/subversion/pam-mkhomedir/trunk/mkhomedir at /usr/share/pam-configs/ and run again pam-auth-update. Best regards. Olivier. 2013/3/7 Netwodist <netwod...@gmail.com> > I think there is one thing missing from pam configuration. It is this > line session required pam_mkhomedir.so > > Which creates a home directory if it doesn't exist for the new user in AD > after authentication. > > What do you think Olivier? > > > On 06/03/13 08:02, Dirk Werner wrote: > > Sorry, my mails yesterday did got stuck, don't knwo why. > The WIn client has the sogo server as only DNS Server, I have stopped and > restarted Samba, the file log.samba is very big, here's an excerpt from it > when I try to join the domain and when the message 'Wrong username or > Password' on the Win7 client is shown: > > cldap netlogon query domain=SOGO.AIRWERK.NET host=AIRWERK-NB3 > user=AIRWERK-NB3$ version=22 guid=(null) > [2013/03/05 23:24:55, 4] > ../source4/lib/socket/interface.c:121(add_interface) > added interface eth0 ip=fe80::5054:ff:fece:108c%eth0 > bcast=fe80::ffff:ffff:ffff:ffff%eth0 netmask=ffff:ffff:ffff:ffff:: > [2013/03/05 23:24:55, 4] > ../source4/lib/socket/interface.c:121(add_interface) > added interface eth0 ip=192.168.40.1 bcast=192.168.40.255 > netmask=255.255.255.0 > [2013/03/05 23:24:55, 5] > ../source4/cldap_server/netlogon.c:458(cldapd_netlogon_request) > cldap netlogon query domain=SOGO.AIRWERK.NET host=AIRWERK-NB3 > user=AIRWERK-NB3$ version=22 guid=(null) > [2013/03/05 23:24:55, 4] > ../source4/lib/socket/interface.c:121(add_interface) > added interface eth0 ip=fe80::5054:ff:fece:108c%eth0 > bcast=fe80::ffff:ffff:ffff:ffff%eth0 netmask=ffff:ffff:ffff:ffff:: > [2013/03/05 23:24:55, 4] > ../source4/lib/socket/interface.c:121(add_interface) > added interface eth0 ip=192.168.40.1 bcast=192.168.40.255 > netmask=255.255.255.0 > [2013/03/05 23:24:55, 5] > ../source4/cldap_server/netlogon.c:458(cldapd_netlogon_request) > cldap netlogon query domain=SOGO.AIRWERK.NET host=AIRWERK-NB3 > user=(null) version=22 guid=(null) > [2013/03/05 23:24:55, 4] > ../source4/lib/socket/interface.c:121(add_interface) > added interface eth0 ip=fe80::5054:ff:fece:108c%eth0 > bcast=fe80::ffff:ffff:ffff:ffff%eth0 netmask=ffff:ffff:ffff:ffff:: > [2013/03/05 23:24:55, 4] > ../source4/lib/socket/interface.c:121(add_interface) > added interface eth0 ip=192.168.40.1 bcast=192.168.40.255 > netmask=255.255.255.0 > [2013/03/05 23:24:55, 4] > ../source4/dsdb/repl/drepl_notify.c:463(dreplsrv_notify_schedule) > dreplsrv_notify_schedule(5) scheduled for: Tue Mar 5 23:25:01 2013 CET > [2013/03/05 23:24:55, 3] > ../source4/auth/kerberos/krb5_init_context.c:80(smb_krb5_debug_wrapper) > Kerberos: TGS-REQ administra...@sogo.airwerk.net from ipv4: > 192.168.40.167:49516 for > cifs/remote.sogo.airwerk....@sogo.airwerk.net[canonicalize, renewable, > forwardable] > [2013/03/05 23:24:55, 3] > ../source4/auth/kerberos/krb5_init_context.c:80(smb_krb5_debug_wrapper) > Kerberos: TGS-REQ authtime: 2013-03-05T23:24:54 starttime: > 2013-03-05T23:24:55 endtime: 2013-03-06T09:24:54 renew till: > 2013-03-12T23:24:54 > [2013/03/05 23:24:55, 3] > ../source4/smbd/service_stream.c:63(stream_terminate_connection) > Terminating connection - 'kdc_tcp_call_loop: > tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED' > [2013/03/05 23:24:55, 5] > ../source4/lib/messaging/messaging.c:554(imessaging_cleanup) > imessaging: cleaning up /var/lib/samba/private/smbd.tmp/msg/msg.0.34 > [2013/03/05 23:24:55, 3] > ../source4/smbd/process_single.c:104(single_terminate) > single_terminate: reason[kdc_tcp_call_loop: tstream_read_pdu_blob_recv() > - NT_STATUS_CONNECTION_DISCONNECTED] > [2013/03/05 23:24:55, 3] > ../source4/auth/kerberos/krb5_init_context.c:80(smb_krb5_debug_wrapper) > Kerberos: TGS-REQ administra...@sogo.airwerk.net from ipv4: > 192.168.40.167:49517 for > krbtgt/sogo.airwerk....@sogo.airwerk.net[renewable-ok, canonicalize, > renewable, forwarded, > forwardable] > [2013/03/05 23:24:55, 3] > ../source4/auth/kerberos/krb5_init_context.c:80(smb_krb5_debug_wrapper) > Kerberos: TGS-REQ authtime: 2013-03-05T23:24:54 starttime: > 2013-03-05T23:24:55 endtime: 2013-03-06T09:24:54 renew till: > 2013-03-12T23:24:54 > [2013/03/05 23:24:55, 3] > ../source4/smbd/service_stream.c:63(stream_terminate_connection) > Terminating connection - 'kdc_tcp_call_loop: > tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED' > [2013/03/05 23:24:55, 5] > ../source4/lib/messaging/messaging.c:554(imessaging_cleanup) > imessaging: cleaning up /var/lib/samba/private/smbd.tmp/msg/msg.0.34 > [2013/03/05 23:24:55, 3] > ../source4/smbd/process_single.c:104(single_terminate) > single_terminate: reason[kdc_tcp_call_loop: tstream_read_pdu_blob_recv() > - NT_STATUS_CONNECTION_DISCONNECTED] > [2013/03/05 23:25:00, 4] > ../source4/dsdb/repl/drepl_notify.c:463(dreplsrv_notify_schedule) > dreplsrv_notify_schedule(5) scheduled for: Tue Mar 5 23:25:06 2013 CET > [2013/03/05 23:25:05, 4] > ../source4/dsdb/repl/drepl_notify.c:463(dreplsrv_notify_schedule) > dreplsrv_notify_schedule(5) scheduled for: Tue Mar 5 23:25:11 2013 CET > > On 03/05/2013 11:08 PM, Olivier Bitsch wrote: > > Are you sure that your Windows box is using the IP address of your server > as main DNS server? > > If still not, please try : > > - Stop Samba4 services, check there is no smbd or samba process > working (killall smbd && killall samba). > - Start Samba4 again. > - Check /var/log/samba/log.samba (smbd is used by samba3 process). > > Also, can you give me your /var/log/samba/log.samba file? > > Thanks > > Olivier. > > > 2013/3/5 Dirk Werner <werdi4...@googlemail.com> > >> Thanks for replying! I have the same thing happening with the user >> Administrator. kinit Administrator works fine! >> >> >> On 03/05/2013 11:01 PM, Olivier Bitsch wrote: >> >> It seems that you tried to join with rweissmann username? You have to >> use the "Administrator" account in the windows credential when joining the >> domain. >> >> Additionally, the entry /var/lib/samba/passdb.tdb is probably not used >> by Samba4 as this file is used when Samba4 uses the old tdb has backend >> (now it uses an OpenLDAP fork). >> >> Best regards. >> >> Olivier >> >> >> 2013/3/5 Dirk Werner <werdi4...@googlemail.com> >> >>> Hi Olivier, >>> >>> I have had a new installation today following your tutorial and that >>> went fine through including igestis! However, when I try to join the domain >>> on a windows 7 client, the join fails with 'username or password wrong' and >>> I have the following line in /var/log/samba/log.smbd >>> >>> check_sam_security: Couldn't find user 'rweissmann' in passdb. >>> [2013/03/05 21:41:34.306661, 2] auth/auth.c:319(check_ntlm_password) >>> check_ntlm_password: Authentication for user [rweissmann] -> >>> [rweissmann] FAILED with error NT_STATUS_NO_SUCH_USER >>> [2013/03/05 21:41:34.306735, 3] smbd/error.c:81(error_packet_set) >>> error packet at smbd/sesssetup.c(124) cmd=115 (SMBsesssetupX) >>> NT_STATUS_LOGON_FAILURE >>> >>> >>> samba-tool user list - lists user 'rweissmann' and getent passwd also: >>> >>> SOGO\rweissmann:*:3000022:100:Roland >>> Weissmann:/home/rweissmann:/usr/sbin/nologin >>> >>> When I do tdbdump /var/lib/samba/passdb.tdb : >>> >>> tdbdump /var/lib/samba/passdb.tdb >>> >>> { >>> key(13) = "RID_000001f5\00" >>> data(7) = "nobody\00" >>> } >>> { >>> key(13) = "RID_00000bb8\00" >>> data(6) = "dirkw\00" >>> } >>> { >>> key(19) = "INFO/minor_version\00" >>> data(4) = "\00\00\00\00" >>> } >>> { >>> key(9) = "NEXT_RID\00" >>> data(4) = "\E8\03\00\00" >>> } >>> { >>> key(11) = "USER_dirkw\00" >>> data(174) = >>> "\00\00\00\00\7F\A9T|\7F\A9T|\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\06\00\00\00dirkw\00\07\00\00\00REMOTE\00\01\00\00\00\00\06\00\00\00dirkw\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\01\00\00\00\00\01\00\00\00\00\01\00\00\00\00\01\00\00\00\00\B8\0B\00\00\01\02\00\00\00\00\00\00\00\00\00\00\00\00\00\00\10\00\00\00\A8\00\15\00\00\00\00\00\00\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\EC\04\00\00" >>> } >>> { >>> key(13) = "INFO/version\00" >>> data(4) = "\04\00\00\00" >>> } >>> { >>> key(12) = "USER_nobody\00" >>> data(176) = >>> "\00\00\00\00\7F\A9T|\7F\A9T|\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\07\00\00\00nobody\00\07\00\00\00REMOTE\00\01\00\00\00\00\07\00\00\00nobody\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\01\00\00\00\00\01\00\00\00\00\01\00\00\00\00\01\00\00\00\00\F5\01\00\00\01\02\00\00\00\00\00\00\00\00\00\00\00\00\00\00\10\00\00\00\A8\00\15\00\00\00\00\00\00\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\EC\04\00\00" >>> } >>> >>> The user rweissmann is indeed not in there, all users, I have created >>> with samba-tool are not contained. Any idea? >>> >>> Best regards >>> Dirk >>> >>> >>> On 03/05/2013 07:39 PM, Olivier Bitsch wrote: >>> >>> To all, >>> >>> I've updated my SOGo tutorial and bring the following fixed (still >>> available at >>> http://iabsis.com/EN/article/35/Samba4-and-OpenChange-on-a-Debian-or-Ubuntu-server/ >>> ) >>> >>> - Add a temporarily and cleaner way to install Samba4 (Thanks >>> to Davor Vusir). >>> - Some small other fixes. >>> >>> Don't hesitate to let me a comment on the website if something work or >>> not. >>> >>> Best regards. >>> >>> >>> 2013/3/5 Ludovic Marcotte <lmarco...@inverse.ca> >>> >>>> On 28/02/13 03:27, Olivier Bitsch wrote: >>>> >>>> Use PostGreSQL by default to avoid the bug >>>> http://tracker.openchange.org/issues/413 >>>> >>>> We identified the bug. MySQL's TEXT data type is limited to 2^16 - 1 = >>>> 65535 bytes, so truncation occurs and thus, a crash (because the cache is >>>> corrupted). >>>> >>>> We'll commit a fix shortly and provide an upgrade script (2.0.4 to >>>> 2.0.5) to adjust the data type for all tables accordingly. >>>> >>>> Thanks, >>>> >>>> -- >>>> Ludovic Marcotte+1.514.755.3630 :: www.inverse.ca >>>> Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence >>>> (www.packetfence.org) >>>> >>>> >>> >> > > -- users@sogo.nu https://inverse.ca/sogo/lists
