Web lists-archives.com

Re: [Samba] Fwd: Having problem with RID backend - must be missing something




On Sun, 16 Sep 2018 10:07:39 +0100
Rowland Penny via samba <samba@xxxxxxxxxxxxxxx> wrote:

> On Sat, 15 Sep 2018 19:00:10 +0100
> Rowland Penny via samba <samba@xxxxxxxxxxxxxxx> wrote:
> 
> > On Sat, 15 Sep 2018 13:08:20 -0400 (EDT)
> > Rich Webb via samba <samba@xxxxxxxxxxxxxxx> wrote:
> > 
> > > ----- On Sep 15, 2018, at 4:32 AM, Rowland Penny via samba
> > > samba@xxxxxxxxxxxxxxx wrote:
> > > 
> > > > 
> > > > Including modifying /etc/nsswitch.conf ?
> > > > 
> > > 
> > > Yep.
> > > 
> > > >> 
> > > >> Yes, that is how I did it - I compiled from source.
> > > > 
> > > > Exactly as per the Samba wiki using Heimdal instead of MIT ?
> > > > 
> > > 
> > > Yes - I followed this article:
> > > https://wiki.samba.org/index.php/Build_Samba_from_Source
> > >
> > 
> > Okay, I was checking if you are using MIT, you aren't, good.
> >  
> > > I really would prefer to use an RPM build but there doesn't seem
> > > to be any well maintained ones other than SerNet which has
> > > decided to charge for their RPMs now.  I had thought about seeing
> > > if someone wanted to help create an RPM build for CentOS 7 so it
> > > would eliminate the need to compile from source to get an AD DC.
> > > I have never taken on such an endeavor but the experience would
> > > probably be well worthwhile and final product rewarding :)
> > 
> > This would indeed be a good idea, even if red-hat get their act
> > together, mainly because it seems that no distro can keep up with
> > Samba ;-)
> > 
> > > 
> > > If you're wondering why I don't use a Debian based build such as
> > > Ubuntu the reason is that I have been burned by their update
> > > system too many times.  Yum (on CentOS) just always works no
> > > matter how old your server gets.  It seems like whenever I used
> > > Ubuntu if it got sufficiently out of date apt failed to bring it
> > > up to date listing all kinds of dependency problems - yeah yeah I
> > > know keep your system up to date but sometimes things fall
> > > behind.  A package manager should always be able to update
> > > without issue to whatever is current no matter how old the
> > > system.  I have just had much better luck with CentOS in that
> > > regard.
> > > 
> > 
> > What distro you choose is up you and you alone. I personally use
> > Devuan because I find it easy to maintain, but mainly because it
> > doesn't use systemd. I wouldn't force my distro choice on anybody,
> > advise its use, yes, force, no.
> > 
> > OK, I will set up latest Centos in a VM and compile & configure
> > Samba and lets see if I can make it work ;-)
> > 
> > Rowland
> >    
> > 
> > 
> 
> OK, I now have Samba running on a Centos 7 VM and I am having the same
> problem as the OP, I get asked for a password, whilst if I connect to
> a Devuan Samba server, I get connected without the password. I have
> setup Centos exactly as the Devuan except for PAM, which is totally
> different from Devuan.
> 
> Devuan uses pam-auth-update, which works with Samba being
> in /usr/local/samba and only changes files in /etc/pam.d.
> 
> Centos uses authconfig, which seems not to work with Samba being
> in /usr/local/samba and wants to change multiple files.
> 
> Lets see if I can sort out Centos PAM ;-)
> 
> Rowland
> 

Okay, after I, ahem, turned off the firewall, I could see the centos
computer, but still couldn't connect without a password :-(

Ran this:
authconfig --enablekrb5 --enablewinbind --enablewinbindauth
--enablewinbindkrb5 --disablesssd --disablesssdauth --enableforcelegacy
--enablemkhomedir --update

Still no different.

Started win7 in a VM, logged in and navigated to the share in network
and connected straight away without a password ??????

After a short think, I tried this:
Ran kinit as the user and then tried to connect, it went straight to
the share and logged me in without asking for a password.

Rowland

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba