How do I configure samba such that AD authentication still works when a DC is down? Do I need multiple kdc, admin_server, and kpasswd_server entries in krb5.conf?
View 3 Repliesi need to allow window domain controller user to use file share of linux.windows DC user can see the share file and directories of linux file server but not able to access.
below is brief--
I have a Linux machine which is on my network but not on my domain. I have configured SAMBA FILESERVER for file sharing purpose. I have a Windows XP PC which is on the domain(windows server) that I am trying to connect to a share on the Linux box. I supply my credentials but regardless of which login I use I always get Logon Failure. I have created an account on the Linux machine with the same user name and password as my domain account but so far no luck. Can I connect from a domain PC to a non-domain Linux box? Is there something else I should be checking?
The company I work for, as usual, is Microsoft-centric. I'm attempting to integrate my Ubuntu server into the domain to allow domain users to authenticate to the server and access file shares using Samba. Here's my current configuration:
[Code].....
I have to rename a group of machines in my little samba domain (tbd backend) but there is an ugly bug that makes this impossible. have set 'rename user script' variable corectly, also checked all configurations.When i change computer name in my windows box, it shows an error saying something like "Error calling remote procedure"Looking on server side, username for the machine gets correctly changed in /usr/passwd, and also in samba database.But samba log says:
===============================================================
[2009/10/08 11:10:32, 0] lib/fault.c:fault_report(42)
INTERNAL ERROR: Signal 11 in pid 11052 (3.0.33-3.7.el5_3.1)
[code]....
I want to configure a single mail server to send and receive mail from multiple sub domains of my domain. I've already installed Postfix/Dovecot and it is perfectly working for mydomain.com. And also installed roundcube for Web Mail. Can I further customize this setup to process mail to sub domains? ex- someone@subdomain1.mydomain.com, someone@subdomain2.mydomain.com, someone2@subdomain1.mydomain.com (someone@subdomain1.mydomain.com and someone@subdomain2.mydomain.com are 2 separate users. they should be able to log on to web interface separately)
Currently i use system account names as email user names. (ex - systemusername@mydomain.com). The only MX record in my domain DNS pointed to current server (mailhost.mydomain.com). I read about postfix virtual domains. but couldnt figure out how to use it to achive my target. I do not need configuration details. Just explain me the way to do it. I can do the rest my self.
I am trying to configure grub to be able to boot from any of the four hard-drives that I have, three of which are plugged into an nVidia RAID controller and the other is plugged into a JMicron controller. Grub seems to only see the loan one and not the other three.Is there a way to get Grub to see the disks attached to another controller?
View 4 Replies View Relatedi have two domains(eg. my example.com and my domian.com) in my server for single static ip.i have also configured ftp server for those two domains.And also seperate ftp users for my domain.com and my example.com.
e.g. my domain.com----- ftp user----big
my example.com---- ftp user----small
i can able to access the ftp server from client pcs. my problem is when i tried to access ftp server by
ftp www.my domain.com
user small
passwd xxx
i.e the domain i want to access is my domain.com.
the username and password which i given is for my example.com
but i can able to login through that ftp user and the location is myexample.com location.
but i don't want this to happen .
i want mydomain.com to be accessed only through my domain ftp users and my example.com to be accessed only through my example.com ftp users,what to do.
I have a Slackware 12.1 box with mail server running on Postfix and Dovecot. My domain name is,say, [URL].. I have another domain, mail.xyz.net. I want to use both the domain for incoming. Like, someone sends mail to [URL]... otherone sends mail to user@xyz.net. Both the mail should be received.
View 2 Replies View RelatedI've been fighting with the Samba server for a while and I'm a bit frustrated at this point. When I try to add machines to my domain I get the "The username could not be found error" here is my smb.conf...
Code:
[global]
workgroup = INMANONE
netbios name = PDC
server string = Inman Domain Controller
os level = 64
security = user
passdb backend = tdbsam
domain logons = yes
domain master = yes
local master = yes .....
I have centOS 5 server & have configure web server. I want to this webserver share on my network. How to configure domain.
View 8 Replies View RelatedThis is my example domain name
loc1.test.com --> 10.8.5.5
loc2.test.com --> 10.8.5.6
con1.test.com --> 10.8.5.7
mail.test.com --> con1.test.com
mk.test.com --> loc1.test.com,loc2.test.com
per1.test.com --> mk.test.com
per2.test.com --> mk.test.com
per3.test.com --> mk.test.com
per4.test.com --> mk.test.com
We have configured DNS Zone like this .....
How to configure CNAME for
mk.test.com --> loc2.test.com
and
per1.test.com --> mk.test.com
per2.test.com --> mk.test.com
per3.test.com --> mk.test.com
per4.test.com --> mk.test.com
Need configuring CNAME for mk.test.com,per1.test.com,per2.test.com,per3.test.com and per4.test.com
I want to set a log off script for samba domain users. Actually I am facing a huge temp files related problem. So I want to set a batch file which will run when domain user log off. When user logout then batch file run and delete all temp files.I have already set batch file local group policy and it works for me, but I wants to set it from server side.
View 1 Replies View RelatedI have a samba server for company file shares but we do not use domain services or active directory service. Each workstation is its own standalone system. (And we want to keep it this way.) I would like to have some centralized authentication though, and it looks like Kerberos will provide that. After a lot of searching though, I can't find any instructions for setting up samba to authenticate users using kerberos without an ADS (active directory service) or domain. Is this possible?
View 1 Replies View RelatedI'm configuring a classroom based on Linux (just Linux, without Windows) with user mobility. What I want is that any student will use its own 'username/password' on whatever computer getting its own data and without having to define every user on every computer. As far as Samba is very useful, even when I don't need Windows support I decided to base the solution on Samba. Right now I still have some problems and the solution doesn't work in my test environment. I defined a PDC (Samba 3.5 Domain Controller) on a Fedora 13 with 'homes', starting nmb and smb and it seems to work. On a Ubuntu 10.10 Workstation I built a Samba 'Domain Member Server' starting nmb, smb and winbind.
First question: should I define 'homes' on this server or not? I assumed 'not' as the 'homes' you have to use are the ones defined on the PDC, not on the DMS.
Second question: does winbind run just on DMS? Not on the PDC too?
I defined the DMS 'machine' and some domain users on the PDC and I could 'join' the DMS to the PDC without any problem (join rpc ...) From the workstation I can use smbclient seeing a domain with two servers, one of which is the controller. I can connect to the home shares using the domain users which are authorized by the PDC. On the DMS I paid attention on nsswitch.conf and pam file running 'pam-auth-update'. So 'webinfo -u' provides a list of users on the domain, local users and domain users. The problem arrives when I try to connect from the session login screen on the workstation to 'mydomainmyuser'. PDC validates the user, if the password is right, and I get connected but not to my PDC homes.
Instead I get some errors starting with:
'could not update ICEAuthoriy file /home/mydomain/myuser/.ICEAuthority'
It seems I'm in an empty space in an open but useless session which I can close later on.
Hereafter you will see the short smb.conf reported by testparm:
PDC
[global]
workgroup = TESO-DOM
server string = Samba Server Version %v
interfaces = lo, wlan0
bind interfaces only = Yes .....
i have configured samba as file server in fedora 11,it works fine for both windows and linux machines .but i want to configure ldap and samba as domain controller. Googled a lot on internet every thing is confusing me .
View 2 Replies View RelatedWe're still using an NT Domain Server, and Samba is already configured properly. But the problem is if the shared folder is configured in samba to be accessed by group and not the domain username, authentication fails even if the user is member of the group.
Example#1: (authentication successful)
[sharedfolder]
valid users = domain+username
Example#2:
[sharedfolder] (authentication fails)
valid users = @domaingroup
Samba version is samba-3.0.33
My Windows 2003 domain has three domain controllers. All of them are configured as global catalog servers, but my krb.conf and krb5.conf only contain a reference to one of them. What if the DC referenced is down? Should my files reference the other DCs? The contents of my files follow...
krb.conf
--------
MYDOMAIN.COM dc01.MYDOMAIN.COM:88
MYDOMAIN.COM dc01.MYDOMAIN.COM:749 admin server[code]...........
I don't know how configure or how explain what i want to do .... i have one server with dhcpd and dns name cache (also squid as a transparent proxy and iptables), this works fine but logs show this code...
View 1 Replies View RelatedI would like to configure DNS server in RHEL 5.3 to resolve domain name. Do you have step by step procedure or automated script to configure the dns server?
View 2 Replies View RelatedI am looking at setting up a multiple postfix SMTP servers for a single domain. Below is my requirement, I would appreciate if someone out there could guide me to achieve this using postfix..
1. Want to setup 2 postfix SMTP Server with 1 POP3 Server.
2. Server1 will host POP3 & SMTP services for domain "metallica.one".(IP: 1.1.1.1, MX: mx1.metallica.one)
3. Server2 will host only SMTP services for domain "metallica.one" (IP: 1.1.1.2, MX: mx2.metallica.one)
4. Server1 & Server2 will be used as load balancing for sending mails. (either manual settings in email client, or auto-loadbalancing is still preferred).
5. Mail received for domain metallica.one on Server2 should be pushed/forwarded/relayed to Server1 where POP3 services are running.
6. Outgoing mails for other domains from Server2 should be sent directly to the other-domain-recipients without relaying to Server1.
One of our servers crashed due to hard drive problems. We were able restore data from backups; however the only info on the samba PDC portion of the server we have are the local and domain SIDs. Armed with only this info; is there a way to recreate the previous domain so the users and machine accounts could recognize it?
View 1 Replies View RelatedI'm setting up a PDC Samba server on centos5.4. All tasks are well done but on adding new machine in my domain I have a this error message: Error occurred when attempt to join your machine in domain "invalid user name".
samba.log
Code:
[2010/07/05 12:34:55, 2] smbd/sesssetup.c:setup_new_vc_session(1212)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources.
[2010/07/05 12:34:55, 2] smbd/sesssetup.c:setup_new_vc_session(1212)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources.
[2010/07/05 12:34:55, 2] auth/auth.c:check_ntlm_password(309)
check_ntlm_password: authentication for user [root] -> [root] -> [root] succeeded
[2010/07/05 12:34:55, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2919)
Returning domain sid for domain RAPHAELLO -> S-1-5-21-3852106609-489253481-401883016
smb.conf .....
I think that the machine account is missed or miss matched.
CentoS 5.5
[root@osra ~]# rpm -q samba3x
samba3x-3.3.8-0.52.el5_5.2
[root@osra ~]# rpm -q krb5-workstation
krb5-workstation-1.6.1-36.el5_5.5
Domain controller windows 2k3 sp3
I follow those guides: [URL] and [URL]. I join the domain, I can test the user
[root@osra ~]# wbinfo -a mbottalico%
plaintext password authentication succeeded
challenge/response password authentication succeeded
[root@osra ~]# wbinfo -u
administrator
guest
krbtgt
[root@osra ~]# wbinfo -g
utenti wins
dhcp users
dhcp administrators
computer del dominio
controller di dominio
getent passwd and group ok without "DOMAIN+"
kinit e klist ok.
I can browser the samba server, but I can enter on "temp", but not in "test" (access denied)
[root@osra ~]# smbclient \\osra\test -U administrator
Enter administrator's password:
Domain=[DOMAINSHORT] OS=[Unix] Server=[Samba 3.3.8-0.52.el5_5.2]
smb: > ls
NT_STATUS_NETWORK_ACCESS_DENIED listing * (I noticed only writing this message)
[root@osra ~]# smbclient \\osra\tmp -U administrator
Enter administrator's password:
Domain=[DOMAINSHORT] OS=[Unix] Server=[Samba 3.3.8-0.52.el5_5.2]
smb: > dir .....
53488 blocks of size 2097152. 49908 blocks available
smb: > q
0 blocks of size 0. 511 blocks available .....
I use OpenSuse 11.3 and I successfully built a samba/openldap server. However the raoming profiles were not working so I removed the roaming profile part of the samba and the openldap using ldap account manager. I also rejoined a couple of the computers back to the domain successfully (it was not an instaneous join, it took a good minute or 2 to join each pc). Now I cannot cannot login to any of these computers with the domain credentials. I can share using the UNC path no problem and this was working find about 1 week ago.
On 1 of the computers Iw as able to finally get a log file saying this:
I have recently purchased a VPS, i want to make the VPS act as domain name server for few domain names which i have purchased in the past, so that i can update DNS records for those domain names from my VPS. I know bind9 can be used for domain name servers but i dont know how use it in mycase.
View 1 Replies View RelatedI've been working for hours with Samba on Ubuntu Server 9.10 (Samba version 3.4.0), trying to get it setup simply as a fileserver that performs authentication to an NT 4 server (yes, I know, old and out of date). After much struggling, I finally realized that my configuration *was* working when the clients connecting (from XP, and Win2k clients, mostly) were actually joined to the domain (where the PDC is the NT 4 Server) and logged into the domain.For various reasons, many of the Windows clients at this location don't actually log into the domain, even though they have login/passwords that are valid users on the domain and they'll typically have some drives mapped to the PDC.
By the way, I have this working on another Linux box running Samba 3.0.28, so I'm sure it's possible, I'm just lost as to how to do it.I can provide plenty more information if it would help diagnose the situation. Does anyone have an idea of how I can get this to work? I'm sure it's possible, since the exact scenario worked in a recent version of Samba.
I don't know if this is possible... I want that only some of a Windows Domain(Samba) users can to logging in a machine.For example: The user Peter of the domain WORKSPACE can connect to the PC1, but the user Charly of the domain WORKSPACE can not connect to the PC1. How I can implement this?
View 5 Replies View RelatedI have an OpenSuSe Server configured with DNS, Samba (PDC + WINS), LDAP, Squid All this is in a hybrid scenario with other OpenSuse acting as clients and some Windows 7 also as clients. Everything works perfect. Both systems are able to join and authenticate in the Samba server very smoothly.
My problem is that in my workspace I have several different subnets/VLANS. So I have another OpenSuSe client here that needs to join the domain and authenticate with the samba server, but he just cant find it via the Windows Domain Membership setup screen (where I usually configure the others).
The server can pe pinged, and it does resolv local domain names. It seems the problem is that I have no place to configure a PDC/WINS server in Linux Client. It only asks me for the domain to join, and then it doesnt find it (Im guessing this happens because it cant receive the broadcasts from the server network).
Is there any way to declare the Samba/PDC/WINS server on the client side?
I want to Migrate Win2003 Domain Controller to Samba with All Settings Current Setup: Working Win2003 Domain Controller (DC)with home directories, group policies, shared printer, disk quotas. how to migrate all these settings to Samba Domain Controller. I have tried to search but didn't get detailed information.
View 14 Replies View RelatedIm running a Samba server as a PDC
Every thing works fine When I log in it creates a folder on the server for the user. when the user logs out, it is copying the user data to the server, for example folders like Documents,Favorites and so on.
My problem is,Im using a Dutch version of Windows 7 but the folders sync are English