Re: [Samba] Samba file sharing with AD authentication doesn't work on some boxes
- Date: Tue, 4 Apr 2017 16:20:31 +0200
- From: "L.P.H. van Belle via samba" <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] Samba file sharing with AD authentication doesn't work on some boxes
I suggest you start reading here:
and if you want to use winbind and not sssd.
read : https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member
Now i dont use sssd and there is an other mailing list for sssd, ( sssd is not related to samba (yet) but my guesses are..
- your keytab is expiring and not refreshed.
- Time out of sync between the servers.
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces@xxxxxxxxxxxxxxx] Namens amit kumar via
> Verzonden: dinsdag 4 april 2017 15:38
> Aan: me@xxxxxxxxxxxxxxxxx
> CC: samba@xxxxxxxxxxxxxxx
> Onderwerp: Re: [Samba] Samba file sharing with AD authentication doesn't
> work on some boxes
> Try configure samba-servers with kerberos authentication from AD.
> On 04/04/2017 05:01 PM, Vitaly Karasik via samba wrote:
> > I have a few RHEL7 boxes, all of them are members in MS Win domain using
> > SSSD. All of these linuxes run Samba for file sharing with the same
> > Usually it works nice, but from time to time users cannot map Samba
> > folders, with the following message in the log:
> > [2017/03/07 14:58:27.050493, 0]
> > ../source3/auth/auth_domain.c:121(connect_to_domain_password_server)
> > connect_to_domain_password_server: unable to open the domain client
> > session to machine DC03.example.LOCAL. Error was :
> > [2017/03/07 14:58:27.050756, 0]
> > ../source3/auth/auth_domain.c:184(domain_client_validate)
> > domain_client_validate: Domain password server not available.
> > "From time to time" - i.e., sometimes certain Samba box is broken for a
> > long time, sometime some box is stopping to work for some time.
> > Unfortunately, I cannot blame MS Win admins because in the same time
> > Samba boxes are OK when others are broken. Any ideas?
> > My Samba is samba-4.4.4-12.el7_3.x86_64, config is
> > security = ADS
> > passdb backend = tdbsam
> > realm = EXAMPLE.LOCAL
> > password server = x.x.x.x y.y.y.y
> > Any ideas?
> > Thank you,
> > Vitaly
> Amit Kumar
> There are three ways to get something done:
> (1) Do it yourself.
> (2) Hire someone to do it for you.
> (3) Forbid your kids to do it.
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
To unsubscribe from this list go to the following URL and read the