LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Enterprise (https://www.linuxquestions.org/questions/linux-enterprise-47/)
-   -   Samba4 AD not Authenticating (https://www.linuxquestions.org/questions/linux-enterprise-47/samba4-ad-not-authenticating-4175444846/)

varouj 01-09-2013 12:29 PM
Samba4 AD not Authenticating
 
I have already posted another issue here that may be related the current issue I am having.
I have Three Samba4 AD Domain Controllers, the first one installed that was
the primary domain controller is the one having problem, the other two seem
to be working OK. I discovered the problem when I tried to set "Group
Policy" from windows 7 machine. The Current issue and the previous issue
that I have posted all the issues started after I tried to add active directory Service to FreeNAS 8.0.3.

When i run the "Group Policy Management Console" (gpmc.msc) I get the error
message:

" The domain.company.com forest could not be loaded and will be removed.
The error message was: Unspecified Error".

I stopped Samba and run it in single mode:

[root@SAMBA-AD ~]# /usr/local/samba/sbin/samba -i -M single

and then run gpmc.msc and the got the following message:

Failed to bind to uuid e3514235-4b06-11d1-ab04-00c04fc2dcd2 for
e3514235-4b06-11d1-ab04-00c04fc2dcd2@ncacn_ip_tcp
:14c15c29-7c8e-4b7a-8e5a-639da645e970._msdcs.domain.company.com[1024,seal,krb5]
NT_STATUS_LOGON_FAILURE

Here are are a list of commands that I ran and the results that I got, I
hope they provide a clue of what might be going on:

[root@SAMBA-AD ~]# wbinfo -u
Error looking up domain users


[root@SAMBA-AD ~]# wbinfo -g
failed to call wbcListGroups: WBC_ERR_DOMAIN_NOT_FOUND
Error looking up domain groups

[root@SAMBA-AD var]# wbinfo -i vavanessians
failed to call wbcGetpwnam: WBC_ERR_DOMAIN_NOT_FOUND
Could not get info for user vavanessians


[root@SAMBA-AD var]# smbtree -U Administrator -D
Enter Administrator's password:
WORKGROUP
SYS_OPS
SUNBELT
SHEETMETAL
SERVICE
SERIVCE
PURCHASING
PROJET_GROUP
PROJECT_GROUP
PROJECT
PRODUCTION
PIPING
PAYROLL
MSHOME
IT
HR
ENG
DISPATCH
CONST
BILLING
AESNB
ADMIN
ACCOUNTING
DOMAIN

[root@SAMBA-AD var]# wbinfo --domain=DOMAIN
[root@SAMBA-AD var]#


wbinfo -t
checking the trust secret for domain DOMAIN via RPC calls failed
error code was NT_STATUS_NO_TRUST_SAM_ACCOUNT (0xc000018b)
failed to call wbcCheckTrustCredentials: WBC_ERR_AUTH_ERROR
Could not check secret
[root@SAMBA-AD var]#

[root@SAMBA-AD ~]# smbclient -L SAMBA-AD -U Administrator
Enter Administrator's password:
Domain=[DOMAIN] OS=[Unix] Server=[Samba 4.1.0pre1-GIT-229d934]

Sharename Type Comment
--------- ---- -------
netlogon Disk
sysvol Disk
Data Disk
IT Disk
IPC$ IPC IPC Service (Samba 4.1.0pre1-GIT-229d934)
Domain=[DOMAIN] OS=[Unix] Server=[Samba 4.1.0pre1-GIT-229d934]

Server Comment
--------- -------

Workgroup Master
--------- -------

[root@SAMBA-AD ~]# samba-tool fsmo show
InfrastructureMasterRole owner: CN=NTDS
Settings,CN=SAMBA-AD,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=DOMAIN,DC=COMPANY,DC=com
RidAllocationMasterRole owner: CN=NTDS
Settings,CN=SAMBA-AD,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=DOMAIN,DC=COMPANY,DC=com
PdcEmulationMasterRole owner: CN=NTDS
Settings,CN=SAMBA-AD,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=DOMAIN,DC=COMPANY,DC=com
DomainNamingMasterRole owner: CN=NTDS
Settings,CN=SAMBA-AD,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=DOMAIN,DC=COMPANY,DC=com
SchemaMasterRole owner: CN=NTDS
Settings,CN=SAMBA-AD,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=DOMAIN,DC=COMPANY,DC=com
[root@SAMBA-AD ~]#

Thanks in advance for any help that you can provide.

Varouj


All times are GMT -5. The time now is 06:40 PM.