Ubuntu Servers :: Samba BDC Not Authenticating Users
Jul 18, 2010
I have two ubuntu 10.04 64-bit servers running samba (3.4.7) and openLDAP (2.4.21). The LDAP directory is successfully replicating between the two servers. These servers also serve as LDAP servers for sudo, pam, nss, and other services for a dozen servers without issues. The BDC samba is configured to use itself for LDAP. I connected to the BDC using the samba ldap credentials and verified I could a) see the Computer object b) read NTPassword and LMPassword. The workstations can authenticate to the domain successfully against the PDC. If a workstation boots and connects to the BDC, they login fails with:
Code:
[2010/07/18 11:46:23, 0] rpc_server/srv_netlog_nt.c:336(get_md4pw)
get_md4pw: Workstation MACHINENAME$: no account in domain
[2010/07/18 11:46:23, 0] rpc_server/srv_netlog_nt.c:584(_netr_ServerAuthenticate3)
_netr_ServerAuthenticate3: failed to get machine password for account MACHINENAME$: NT_STATUS_ACCESS_DENIED
Successful authentication against the PDC shows:
Code:
[2010/07/18 11:59:20, 1] smbd/service.c:1063(make_connection_snum)
MACHINENAME (192.168.2.145) connect to service netlogon initially as user username (uid=30000, gid=512) (pid 1727)
[2010/07/18 11:59:20, 1] smbd/service.c:1063(make_connection_snum)
MACHINENAME (192.168.2.145) connect to service data initially as user nobody (uid=65534, gid=65534) (pid 1727) .....
View 1 Replies
ADVERTISEMENT
Jun 14, 2011
All of sudden a working SAMBA server not allowing to login and deny permission for users to access it shares. When I check I checked the server directory rights are same, find no changes. and smb.conf is also same. when I checked closely I found the following error.
1. smbd.log show the following messages
[2011/06/14 16:07:15, 0] lib/util_sock.c:get_peer_addr(1232)
getpeername failed. Error was Transport endpoint is not connected
[2011/06/14 16:07:15, 0] lib/util_sock.c:read_data(540)
read_data: read failure for 4 bytes to client 0.0.0.0. Error = Connection reset by peer
[2011/06/14 16:07:36, 0] lib/util_sock.c:get_peer_addr(1232)
getpeername failed. Error was Transport endpoint is not connected
[2011/06/14 16:07:36, 0] lib/util_sock.c:get_peer_addr(1232)
[Code]...
View 2 Replies
View Related
Nov 23, 2010
If I want to add Windows & Mac users as Samba users, must I first add them all as Ubuntu users? If so, since none of the other users will actually be working on the Ubuntu Server, how do I disable the other non-admin users on the Ubuntu Server login screen. I am using Webmin to administer some server settings, and command line for others.
View 3 Replies
View Related
Jan 24, 2011
Can connect to our mail server using telnet onto port 25 and this works correctly, 'ehlo whatever' shows output as expected.
However using a mail client to connect it gives an authentication error and the following appears in the maillog file;
did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA
what to look for in the config, this works correctly on our development box but not on our production server. Could it be another program is interfering with the connection?
Sendmail is running in standalone mode not through the xinetd daemon.
I am using the PLAIN AUTH method as to try and avoid getting more errors.
View 1 Replies
View Related
Feb 2, 2010
I have a problem with sendmail. I am using the zen.spamhaus.org dnsbl, and it is doing a wonderful job of blocking incoming spam from open relays. But it is blocking my users who are on a dynamic ip range from any isp remotely. They should be able to authenticate and send messages no matter where they are as long as they authenticate right? I just want to use the blacklist to block incoming mail to my server that is being distributed to our email addresses.
I want to block people that are hosting mail servers and sending mail to my domain from isp sub-nets. But I don't want to block my users that are sitting on isp subnets using their mail client to authenticate over smtp and send an email from my mail servers.
View 2 Replies
View Related
Apr 22, 2009
First, I'm extremely green with linux. I'm trying to configure my CentOS 5.2 box to authenticate my SSH users with my Active Directory. What would be the best way to go about doing that? I've configured Winbind and joined it the the domain but I'm not able to login locally or SSH with an AD account. I'm not sure where to go from here. Also my users will not be accessing any file shares on this box, SSH only.
View 1 Replies
View Related
Jul 25, 2010
I am trying to setup my opensue 11.3 server as a pdc using openldap and samba
I am continuously getting a network path not found error message on my windows xp box. I already verified that the network settings are good.
# smb.conf is the main Samba configuration file. You find a full commented
# version at /usr/share/doc/packages/samba/examples/smb.conf.SUSE if the
# samba-doc package is installed.
# Date: 2010-07-05
[global]
[Code]....
View 5 Replies
View Related
Apr 24, 2010
When I try to add a user to samba (using the GNOME UI) in F12, after enter all the information and click OK.it will just hang for about 20 seconds, and then do nothing. Window is still there, I click OK again and same thing.heres the steps i followed:
1) click preferences, Samba Users...
2) click add user
3) select user "joe" (example) from drop down of users
4) enter "joe" windows user name
5) enter password for joe (same as user password)
6) click OK
7) hangs 20 seconds then nothing.window is still there.click OK again same thing no user added
View 1 Replies
View Related
Feb 11, 2011
I've set up smbd 3.4.7 on 10.04x64 LTS server. I've set up a couple shares and I'm having problems blocking access to certain directories using native file permissions. There is one directory that has folders for each sales rep to store their current list of quoted clients, I only want sales people to be able to browse the directories owned by themselves. Everything seems to be set up correctly in terms of user groups and permissions on the filesystem.
Below is marina, a sales rep, and brian, a super user of sorts.
id marina:
Code:
uid=1011(marina) gid=1006(office) groups=1006(office),1005(sales)
id nick:
Code:
uid=1000(brian) gid=1006(office) groups=1006(office),118(admin),1001(full),1002(processing),1003(management),1004(it),1005(sales)
Below is the directory with all the sales reps folders.
ls -la:
Code:
total 60
drwxrwxr-x 15 root it 4096 2011-02-10 20:06 .
drwxr-x--- 9 root office 4096 2010-11-19 12:40 ..
drwxrwx--- 13 katya full 4096 2010-12-07 12:36 Katya
drwxrwx--- 18 lana full 4096 2011-02-08 17:09 Lana
drwxrwx--- 23 marina full 4096 2011-02-10 18:09 Marina
drwxrwx--- 4 mike full 4096 2011-02-01 12:42 Mike
With this setup marina only be able to browse her folder, but she can browse all folders and has full write access to all folders. This leads me to believe something is up with the smbd.conf file, which is below.
Code:
[global]
workgroup = COMTREAD
null passwords = no
server string = Root Server
dns proxy = no
log file = /var/log/samba/log.%m
max log size = 1000
syslog = 0 .....
In this case the valid users directive would not work cause I am not making a share for each user. I had this on other shares like the db2 share. My windows box lagged heavily when I tried to access that share with an invalid user. How to deny users the ability to modify permissions I would also like to do that.
View 3 Replies
View Related
Aug 19, 2011
I want to use samba in ubuntu.For samba users i make a user in my linux box like
# useradd smith
# useradd jone
These users can also login into my ubuntu system if they want. For samba I want to know that, is there any way to create separate valid list of samba users so that they may access files from windows xp.
View 8 Replies
View Related
Sep 3, 2010
How can I set permissions for users within the share?
Example: I have a share called Programming and some user can create folders within it most others can not, can read the documents.
How do I set permissions?
View 2 Replies
View Related
Feb 19, 2010
I've installed Ubuntu Server 7.10 Gutsy and Webmin 1.500 on it. The thing that I want to do is: I want to share a folder an sub folders for windows users ( guest user) I should modify those folders from my ubuntu desktop 9.10 karmic they are all same folders. Is it possible? if yes how can i make it. you can tell from webmin or samba configuration file.
View 8 Replies
View Related
Sep 20, 2010
In my ongoing hunt for a Samba GUI that is feature packed, well supported, easy to use, yet doesn't suck, I found myself tinkering with eBox. I have it installed and fired up but I'm a little confused. I can add a Samba share - okay great. But I sorta need to add users. Where on earth can I add users? The users and group section of eBox doesn't appear to be related to what I need, and I also cannot get into the access control section of the very share I just created.
View 3 Replies
View Related
May 12, 2009
New fun from M$, we have started to test Win-7 on a few machines, and while it worked flawlessly in XP, Vista and Win-7 beta, logging on to the share (AD) from a Win-7 RC doesn't work.
View 1 Replies
View Related
May 20, 2010
I have Ubuntu server 10.04 joined to a domain using Likewise Open. I can login using my domain credentials and have added my domain account to the sudoers file. Now that I've got it joined to the domain I want to add some samba shares and have domain members use their accounts to access them. However, no matter what combination of my domain name and the domain user or group I use in the valid users field it won't let me in. What's the proper way of inputting a domain user or group in the valid user field?
This is the entry I'm using for the share:
Code:
[testshare]
path = /srv/testshare
valid users = @"Domain Name+Domain Group" (Have tried many things here)
public = no
writable = yes
printable = no
create mask = 0765
View 2 Replies
View Related
Apr 4, 2010
I don't know if the problem is the way I create my shares on the Domain member, but here is the way I've configured my systems. My systems are home based, and though the topology may be all wrong, it's set up this way only for test purposes. I love to get things up and running.I've already had a Domain Member running under Samba 3.02xx (Centos), but I'm having problems under Ubuntu and Samba 3.40
Server call Citadel is a VMware Server. I've got 3 virutal machines on this Server, 2 Ubunt 9.10 servers, and 1 Windows XP pro. One of my virtual servers is call Winserver, a Samba PDC server using TDBSAM as it's backend. Configured and working well. I have a share that I can access.On my Windows XP, I'm a domain member, able to access my WinserverServer share "Linux Doc", but when I try to access my domain member, it keeps asking me to login.
View 2 Replies
View Related
Mar 3, 2010
I need to set up ssh/sftp/network shares all authenticating with AD. I want to use likewise to do the auth, but to mount the network shares I need to use an older version of samba so it can connect with likewise.How can I go about installing an older version of samba onto this new distro of the OS? I've tried installing the lenny and etch versions but I always get an error during install just saying that samba errored.
View 4 Replies
View Related
Feb 4, 2010
I have configured samba server on fedora machine and i am trying to authenticate a winxp machine through samba server but the issue is winxp machine is not becoming the part of the domain. The error is A domain controller for the domain HOMEDOMAIN could not be contacted.Ensure that the domain name is typed correctly.
If the name is correct, click Details for troubleshooting information.
here is the configuration file text..
# Samba config file created using SWAT
# from UNKNOWN (8)
# Date: 2010/01/31 18:51:36
[global]
workgroup = HOMEDOMAIN
server string = Samba as Domain Controller.
[Code]...
View 2 Replies
View Related
May 13, 2010
The company I work for, as usual, is Microsoft-centric. I'm attempting to integrate my Ubuntu server into the domain to allow domain users to authenticate to the server and access file shares using Samba. Here's my current configuration:
[Code].....
View 9 Replies
View Related
Jul 11, 2009
I work as an system administrator for AIX and Linux servers. We have an FTP server running in Linux which has shared folders to Windows domain using Samba. The new requirement is to map users created to Linux machine to Windows users in such a way that, when a user logins into Windows machine with an ID say "X123" in domain "TEST", his access control to the samba shares should reflect based on the same user ID created in Linux machine.(FYI. Both the Windows and LINUX machines are in same network and domain). Please let me know the step by step procedure to configure Linux machine (smb.conf entries or any new file to be created for user mapping) to identify Windows user Login and provide access restrictions accordingly.
View 1 Replies
View Related
Oct 12, 2009
Is there any way to limit x number of samba users by samba ? Say if there are already 5 samba users using the share, I would like to restrict any futher samba requests.. How do i do that ?
View 1 Replies
View Related
Mar 18, 2010
I wish to prevent the samba messages (mainly nmbd and winbindd) from appearing in the system log (/var/log/messages). I want to allow samba logging to the standard samba logfiles, but prevent the syslog getting clogged up by samba. I added syslog = 0 to smb.conf and reloaded the config but the messages were still appearing. I also tried the following (and restarted the syslog via /sbin/service syslog restart) # Suppress messages from samba.
nmbd.* /dev/null
smbd.* /dev/null
winbindd.* /dev/null
For interests sake the messages I'm getting are below (I'm not concerned about the messages themselves, I can chase them up at my leisure via the samba logs) Mar 18 09:58:29 SERVER nmbd[3808]: query_name_response: Multiple (2) responses received for a query on subnet xx.yy.z.zz for name DOMAIN<1d>. Mar 18 09:58:29 SERVER nmbd[3808]: This response was from IP xx.yy.z.zz, reporting an IP address of xx.yy.z.zz.
View 1 Replies
View Related
Apr 3, 2011
If I try to connect to my Samba server with one user ("alex"), everything works fine. If I try to connect with a different user, ("guest"), I receive the error:
Code:
Retrying with upper case share name
mount error(6): No such device or address
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs)
Both users have been added as samba users using `smbpasswd -a`
These are the settings I've added in my smb.conf file:
[Code].....
View 6 Replies
View Related
Apr 28, 2010
I have configure few folders access by 3 users, In common folder only users that create that document can do changes. The rest of the users can only read the file but can not do changes. Ownership of the folder is admin, group is sambashare which already have the access create and delete files. All the 3 users already in sambashare main group, and they only can edit the file that they copy or create to the common folder .........
View 5 Replies
View Related
Apr 19, 2011
All I want is a simple Samba installation that anonymous users/guests can access. I have modified the smb.conf file so much using 'tips' that should enable a simple folder share. Nothing works. If I share the folder using Nautilus share then the folder is accessible without any credentials from only Win7 and android ES File Explorer. XP can't see the folder, nor can any other linux device. I want to switch to linux as a main OS but without shares it's not practical. Does anyone have a stripped down smb.conf which provides guest access to a single folder?
Here's the latest testparm -s
Code:
$ testparm -s
Load smb config files from /etc/samba/smb.conf
rlimit_max: rlimit_max (1024) below minimum Windows limit (16384)
Processing section "[printers]"
Processing section "[print$]"
Loaded services file OK.
Server role: ROLE_STANDALONE
[global]
workgroup = MSHOME
server string = %h server (Samba, LinuxMint)
security = SHARE
map to guest = Bad User
obey pam restrictions = Yes
pam password change = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *Entersnews*spassword:* %n
*Retypesnews*spassword:* %n
*passwordsupdatedssuccessfully* .
unix password sync = Yes
syslog = 0
log file = /var/log/samba/log.%m
max log size = 1000
dns proxy = No
usershare allow guests = Yes
panic action = /usr/share/samba/panic-action %d
path = /home/mint/Shared
read only = No
create mask = 0777
guest ok = Yes
[printers]
comment = All Printers
path = /var/spool/samba
read only = Yes
create mask = 0700
guest ok = No
printable = Yes
browseable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/printers
read only = Yes
guest ok = No
View 5 Replies
View Related
Nov 26, 2010
this is my output when I try to compile samba 4.0.0 alpha 7 in Ubuntu using the spec file provided in the samba packages:
bin/mergedobj/samba-util.o: In function `file_lines_parse':
(.text+0x595c): undefined reference to `_talloc_steal'
bin/mergedobj/samba-util.o: In function `data_blob_talloc_named':[code]....
View 1 Replies
View Related
Sep 13, 2010
I've done all this config [URL] This config for the "foo" folder:
("pruebas" its a user)
Code:
[foo]
path = /home/pruebas
ready only = no
guest ok = yes
[code]....
I have the [HOME] code too, its everything fine with it, and I cant connect with another user ("alfredo") from Red Hat to Windows XP with no problem... but as soon as I double click in "foo" directory, appears this:
[URL]
Already tried to disconnect from windows the directories with "net use" but it doesn't work
View 2 Replies
View Related
Mar 18, 2011
At my office we are having a samba sever, staff will access their respective folder from their Windows XP systems. I wish to track all user access activity like file creation, modification, deletion and etc. I tried smbstatus -v, from the output I am not able to guess what the user done. I am giving some of the results I get please help me or you can suggest best way to get access log.
Samba version 3.0.25b-0.el5.4
PID Username Group Machine
14721 govind govind tsl-019 (10.0.2.64)
4832 chandra chandra trivent-9b92c9c (10.0.2.106)
Service pid machine Connected at
[Code]...
View 2 Replies
View Related
Jan 12, 2010
I'm not sure if this is even possible and I've tired searching, but I can't seem to figure it out. I have a few shares setup in Samba. I want them to prompt for a username and password. If an invalid user/pass is entered I want the user to be authenticated as a guest.
View 6 Replies
View Related
Jan 25, 2011
i have 3 groups on a samba server with about 30 user per group.I would like to know how to delete all the user in a group before adding new users.
View 1 Replies
View Related
