Web lists-archives.com

Re: [Samba] Samba ADS-member-server: FQDNs in /etc/hosts




On Tue, 11 Jul 2017 17:33:51 +0200
"Stefan G. Weichinger" <lists@xxxxxxxx> wrote:

> Am 2017-07-11 um 14:57 schrieb Rowland Penny:
> 
> >> # smbclient \\\\server\\daten -Usgw%PW
> >> session setup failed: NT_STATUS_UNSUCCESSFUL
> > 
> > Restart all the Samba binaries on the DM
> > 
> > Then check that the OS knows your user with:
> > 
> > getent passwd sgw
> 
> libnss_winbind was missing!
> 
> Now both results are the same
> 
> user-names in /etc/passwd ... rmed now
> 
> I was 100% sure to have had that fixed. My fault. I AM SORRY.
> 
> -
> 
> After several restarts of winbind/smbd/nmbd I now have a better
> overall picture, but not fully happy.
> 
> One user gets displayed as "administrator" in smbstatus although he is
> named differently. Other users on other PCs are mapped correctly and
> files are created correctly (= get correct owner and group in linux
> fs).
> 
> For the PC with the problematic issue I see on the DC:
> 
> Jul 11 17:16:25 pre01svdeb02 samba[4657]: [2017/07/11 17:16:25.913628,
> 0]
> ../source4/rpc_server/drsuapi/writespn.c:235(dcesrv_drsuapi_DsWriteAccountSpn)
> Jul 11 17:16:25 pre01svdeb02 samba[4657]:   Failed to modify SPNs on
> CN=PC-2016-03,OU=secret-Computer,DC=secret,DC=at: acl: spn validation
> failed for spn[TERMSRV/PC-2016-03.secret.at] uac[0x1000]
> account[PC-2016-03$] hostname[PC-2016-03.BUERO] nbname[BUERO]
> ntds[(null)] forest[secret.at] domain[secret.at]
> 
> Could that be related?
> 
> On another PC that user works correctly.
> 
> We try a rejoin now ...
> 
> Everything else *seems* to look good now ...

Try running 'net cache flush'

Rowland

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba