Web lists-archives.com

Re: [Samba] Key table name malformed




Yes, post the complete smb.conf.. when what os your running. 
Then we can have a look better whats going on.

Greetz, 

Louis


> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces@xxxxxxxxxxxxxxx] Namens mj via samba
> Verzonden: dinsdag 4 april 2017 20:17
> Aan: samba@xxxxxxxxxxxxxxx
> Onderwerp: Re: [Samba] Key table name malformed
> 
> Hi all,
> 
> On 04/04/2017 04:55 PM, lists via samba wrote:
> >
> > However: "getent passwd" does NOT work correctly:
> >
> >> user1:*:22185:513::/home/WRKGRP/user1:/bin/false
> >> user2:*:29969:513::/home/WRKGRP/user2:/bin/false
> >
> > The uid/gid IS taken from AD, but homedirectory and shell are NOT the
> > ones defined in AD. (making it look like the old samba 4.1 situation,
> > where winbind took uid/gid from AD, but shell / homedirectory were from
> > a template)
> 
> Reading the release notes for samba 4.6 on the member server, I have
> solved the "getent passwd" issue.
> 
> It seems we need to specify in smb.conf:
> 
> idmap config WRKGRP:unix_nss_info = yes
> 
> And yes, after adding this, the home directory and shell are correctly
> imported from AD.
> 
> However, the rest of the question remains: why does the domain join not
> generate a krb5.keytab? The computer account IS created/visible in AD,
> just the keytab is not generated.
> 
> And (probably as a result of that?) I cannot logon (ssh or console) as
> an AD domain user:
> 
> > Apr  4 19:57:01 processing sshd[1159]: pam_unix(sshd:auth):
> authentication failure; logname= uid=0 euid=0 tty=ssh ruser=
> rhost=54f.fth.concepts.com  user=username
> > Apr  4 19:57:01 processing sshd[1159]: pam_winbind(sshd:auth): getting
> password (0x00000388)
> > Apr  4 19:57:01 processing sshd[1159]: pam_winbind(sshd:auth):
> pam_get_item returned a password
> > Apr  4 19:57:02 processing sshd[1159]: pam_winbind(sshd:auth): request
> wbcLogonUser failed: WBC_ERR_AUTH_ERROR, PAM error: PAM_SYSTEM_ERR (4),
> NTSTATUS: NT_STATUS_CONNECTION_DISCONNECTED, Error message was: The
> transport connection is now disconnected.
> > Apr  4 19:57:02 processing sshd[1159]: pam_winbind(sshd:auth): internal
> module error (retval = PAM_SYSTEM_ERR(4), user = 'username')
> > Apr  4 19:57:04 processing sshd[1159]: Failed password for username from
> 84.3.2.25 port 36396 ssh2
> > Apr  4 19:57:17 processing sshd[1159]: Connection closed by 84.3.2.25
> [preauth]
> 
> Any suggestions?
> 
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba