Web lists-archives.com

Re: [Samba] Samba ADS-member-server: FQDNs in /etc/hosts




On Tue, 11 Jul 2017 16:47:14 +0200
"Stefan G. Weichinger" <lists@xxxxxxxx> wrote:

> Am 2017-07-11 um 14:57 schrieb Rowland Penny:
> > On Tue, 11 Jul 2017 14:47:50 +0200
> > "Stefan G. Weichinger" <lists@xxxxxxxx> wrote:
> > 
> >> Am 2017-07-11 um 14:40 schrieb Rowland Penny:
> >>
> >>>> Restarted winbind, did "killall -HUP" on smbd and nmbd.
> >>>>
> >>>> still can't login to DM via smbclient and that mentioned user.
> >>>>
> >>>> I assume I need to restart all the smbd daemons ... ?
> >>>
> >>> Well, you wouldn't be able to, would you, what with having this in
> >>> smb.conf:
> >>>
> >>> template shell = /usr/sbin/nologin
> >>>
> >>> The bit on the end sort of gives it away ;-)
> >>>
> >>> Try changing it to this:
> >>>
> >>> template shell = /bin/bash
> >>
> >> oh my, ok (that was from samba.wiki or so!)
> > 
> > OK, I will look into that.
> > 
> >>
> >> Doesn't change a thing, after restart winbind, and HUP s|nmbd
> >>
> >> ->
> >>
> >>
> >> # smbclient \\\\server\\daten -Usgw%PW
> >> session setup failed: NT_STATUS_UNSUCCESSFUL
> >>
> >>
> >>
> > 
> > Restart all the Samba binaries on the DM
> > 
> > Then check that the OS knows your user with:
> > 
> > getent passwd sgw
> 
> DM restarted, no change.
> 
> 
> [global]
> 	netbios name = SERVER
> 	realm = SECRET.AT
> 	workgroup = BUERO
> 	logon home = ""
> 	logon path = ""
> 	load printers = No
> 	printcap name = /dev/null
> 	dedicated keytab file = /etc/krb5.keytab
> 	kerberos method = secrets and keytab
> 	map to guest = Bad User
> 	map untrusted to domain = Yes
> 	security = ADS
> 	username map = /etc/samba/smbusers
> 	template homedir = /mnt/samba/Daten/%U
> 	template shell = /bin/bash
> 	winbind enum groups = Yes
> 	winbind enum users = Yes
> 	winbind refresh tickets = Yes
> 	winbind use default domain = Yes
> 	idmap config buero:range = 10000-99999
> 	idmap config buero:backend = rid
> 	idmap config *:range = 2000-9999
> 	idmap config * : backend = tdb
> 	printing = bsd
> 
> 
> # smbclient \\\\server\\daten -Usgw%pw
> session setup failed: NT_STATUS_UNSUCCESSFUL
> 
> root@pre01svdeb01:~# getent passwd sgw
> sgw:x:1000:1000:Stefan G. Weichinger,,,:/home/sgw:/bin/bash
> 
> root@pre01svdeb01:~# wbinfo -i sgw
> sgw:*:11041:10513::/mnt/samba/Daten/sgw:/bin/bash

Do you by any chance have a user in /etc/passwd on the DM called 'sgw' ?

Rowland



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba