Web lists-archives.com

Re: [Samba] smbclient v3 against samba server v4




Il giorno mer 19 dic 2018 11:46:56 CET, Rowland Penny via samba ha scritto:

On Wed, 19 Dec 2018 09:31:38 +0000
Andrea Zagli via samba <samba@xxxxxxxxxxxxxxx> wrote:

hi all

i'm trying to use smbclient v3 with a samba server v4 configured as ad

with anonymous login it works; but it doesn't using a user

i get NT_STATUS_LOGON_FAILURE

the pc isn't in the domain; but i tried from a non domain pc with
smbclient v4 and it works

I think you have answered yourself, it doesn't work with smbclient v3
(by which, I take it you mean from a Samba 3.x.x version), but it does
with smbclient v4. There have been a great many changes between Samba
3.x.x and now and it is probably at least one of these changes that is
stopping it working.

so the next questions are:
- winbind v3 could authenticate against samba v4 ad? or i could simply use nsswitch with ldap (as with a samba v3 server)?
- samba v3 can join a samba v4 ad?

The only versions that Samba supports are 4.7.x, 4.8.x and 4.9.x, all
others are supported by the OS's

Having said all that, we may be able to help you, if you give us more
info ;-)

What OS is smbclient v3 running on and what is in its smb.conf (not that
the latter should affect smbclient)
What OS is the Samba AD DC running on and what is in its smb.conf.


smbclient V3
 - debian 6.0.10
 - smbclient 3.5.6

smb.conf v3

[global]
workgroup = WORKGROUP (i tried to change it to the domain name as i found is suggested in some site)
   server string = %h server
   dns proxy = no
   log file = /var/log/samba/log.%m
   max log size = 1000
   syslog = 0
   panic action = /usr/share/samba/panic-action %d
   encrypt passwords = true
   passdb backend = tdbsam
   obey pam restrictions = yes
   unix password sync = yes
   passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
   pam password change = yes
[homes]
   comment = Home Directories
   browseable = no
   read only = yes
   create mask = 0700
   directory mask = 0700
   valid users = %S
[printers]
   comment = All Printers
   browseable = no
   path = /var/spool/samba
   printable = yes
   guest ok = no
   read only = yes
   create mask = 0700
[print$]
   comment = Printer Drivers
   path = /var/lib/samba/printers
   browseable = yes
   read only = yes
   guest ok = no


samba server v4
 - debian 9.6
 - samba 4.5.12

smb.conf v4

[global]
        netbios name = SAMBA4
        realm = COMSCAND.NONATSAMBA4.IT
        workgroup = COMSCAND
        dns forwarder = 192.168.150.161
        server role = active directory domain controller
        idmap_ldb:use rfc2307 = yes
[netlogon]
        path = /var/lib/samba/sysvol/comscand.nonatsamba4.it/scripts
        read only = No
[sysvol]
        path = /var/lib/samba/sysvol
        read only = No
[samba1]
        path = /mnt/samba1
        read only = No


thanks

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba