Hi List,
I found some threads here in the list with similar problems, but
nothing helped to solve my problem.
We have a very much to old Samba DC (Version 4.1.x) and a new Samba
4.5.6 which should act as a member server.
smbclient -L 127.0.0.1 -U administrator@baettenhausen.local
Enter administrator@baettenhausen.local's password:
session setup failed: NT_STATUS_LOGON_FAILURE
Here the krb5.conf
On Sat, 18 Mar 2017 07:48:27 +0100I know, I have to....
Stefan Schäfer via samba <samba@lists.samba.org> wrote:
Hi List,Don't suppose you can update the DC to a newer Samba version ?
I found some threads here in the list with similar problems, but
nothing helped to solve my problem.
We have a very much to old Samba DC (Version 4.1.x) and a new Samba
4.5.6 which should act as a member server.
This works for the Administrator account, but I have this Problem withsmbclient -L 127.0.0.1 -U administrator@baettenhausen.localYou should be able to fix this by adding this line to smb.conf:
Enter administrator@baettenhausen.local's password:
session setup failed: NT_STATUS_LOGON_FAILURE
username map = /etc/samba/user.map
Then create the user.map:
nano /etc/samba/user.map
!root = BAETTENHAUSEN\Administrator BAETTENHAUSEN\administrator
Administrator administrator
I tested this before, makes no difference.Here the krb5.confYou only need:
[libdefaults]
default_realm = BAETTENHAUSEN.LOCAL
dns_lookup_realm = false
dns_lookup_kdc = true
If your TLD really is '.local' turn off Avahi on the domain memberAvahi isn't running.
Rowland
This works for the Administrator account, but I have this Problem
with all users.
It's a user mapping problem?
On Sat, 18 Mar 2017 13:23:29 +0100
Stefan Schäfer via samba <samba@lists.samba.org> wrote:
This works for the Administrator account, but I have this ProblemYou are using the winbind 'ad' backend, Have you given Domain Users a gidNumber attribute containing a number inside the '500-30000' range?
with all users.
It's a user mapping problem?
(by the way, this range isn't a good idea, no space for ANY local Unix users).
Have you also given your users a uidNumber attribute containing a
unique number inside the same range ?
Rowland
Sysop: | Keyop |
---|---|
Location: | Huddersfield, West Yorkshire, UK |
Users: | 285 |
Nodes: | 16 (2 / 14) |
Uptime: | 73:36:20 |
Calls: | 6,489 |
Calls today: | 2 |
Files: | 12,096 |
Messages: | 5,275,840 |