LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 12-24-2011, 01:17 PM   #1
IwantLINUX
Member
 
Registered: Oct 2004
Location: India
Distribution: RH9,Fedora
Posts: 75

Rep: Reputation: 15
Samba Share + Active Directory


Hi Friends,

I'm supporting one of our customers who is using centrifydc samba with AD. Issue is that we are not able to access samba share from our windows machine. I tried using smbclient with AD username and it gives following error message:

check_ntlm_password: Authentication for user [xxx] -> [xxx] FAILED with error NT_STATUS_NO_SUCH_USER

However user do exist in AD and winbind gives the correct SID and info:

wbinfo -a DOMAIN\\xxx%password
plaintext password authentication succeeded
challenge/response password authentication succeeded

wbinfo -n DOMAIN\\xxx
S-1-5-21-141307505-1238419977-2639880222-26449 SID_USER (1)

getent doesn't list the AD accounts. Any idea? Forgot to mention that ntlm_auth is also giving the status OK..

Last edited by IwantLINUX; 12-25-2011 at 01:45 AM. Reason: Adding detail
 
Old 12-25-2011, 12:51 PM   #2
coolsg5636
Member
 
Registered: Sep 2011
Location: Pune,India
Distribution: RHEL ,CentOS, Fedora
Posts: 100

Rep: Reputation: 25
Hello,

What about the Samba configuration ? Is AD users allowed in samba configuration file ?

Can you please paste the contents of samba configuration file here ?

Also paste the output of following command ( which needs to be run on Samba Server)

Code:
smbclient -L samba_server_name -U AD_User_name
 
Old 12-26-2011, 02:04 AM   #3
IwantLINUX
Member
 
Registered: Oct 2004
Location: India
Distribution: RH9,Fedora
Posts: 75

Original Poster
Rep: Reputation: 15
Thanks Sandy...

Here you go :

=====

#
# This file was generated by Centrify ADBindProxy Utility
#
[global]
security = ADS
realm = DOMAIN.COM
workgroup = DOMAIN
netbios name = server01

follow symlinks = yes
wide links = yes
unix extensions = no

auth methods = guest, sam, winbind, ntdomain
machine password timeout = 0
passdb backend = tdbsam:/etc/samba/private/passdb.tdb

#
# Using kerberos keytab may lead to a serious Samba crash.
# Centrify recommends against using it.
# Kerberos authentication is still supported without it.
#
use kerberos keytab = No
client use spnego principal = true

# If your Samba server only serves to Windows systems, try server signing = mandatory.
server signing = auto

template shell = /bin/bash

winbind use default domain = Yes

winbind enum users = No
winbind enum groups = No
winbind nested groups = Yes

ignore syssetgroups error = No
idmap uid = 1000 - 200000000
idmap gid = 1000 - 200000000

enable core files = false
# Disable Logging to syslog, and only write log to Samba standard log files.
syslog = 0
log level = 10
log file = /var/log/samba.smb.log

[share1]
path = /share/share1
read only = No
writeable = Yes
guest ok = Yes
create mask = 775

[share2]
path = /share/share2
read only = No
guest ok = Yes

[share3]
path = /share/share3
read only = No
guest ok = Yes
create mask = 775

[share4]
path = /share/share4
read only = No
guest ok = Yes
directory mask = 755
create mask = 755

[share5]
path = /share/share5
read only = No
writeable = Yes
guest ok = Yes
directory mask = 755
create mask = 755

[share6]
path = /share/share6
read only = No

[share7]
path = /share/share7
read only = No
read list = @DOMAIN\access_grp
guest ok = Yes


=====


smbclient -U DOMAIN\\user -L \\server01
Enter DOMAIN\user's password:
session setup failed: NT_STATUS_LOGON_FAILURE

In the log file, i see the same error message: NT_STATUS_NO_SUCH_USER
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Basic Samba Server or Active Directory Central Login via LAM/LDAP/SAMBA metallica1973 Linux - Server 5 06-09-2010 12:27 PM
samba using active directory for authentication- samba caching details wato83 Linux - Server 5 10-06-2009 06:37 PM
Active Directory User Cannot Write to Samba Home Directory jonwatson Linux - Networking 2 12-19-2006 01:40 PM
Authenticating through Windows active directory to connect to a Linux share ganninu Linux - General 1 04-07-2005 06:39 PM
Authenticating to Samba share using "Active Directory Server" hlslaughter Linux - Software 36 07-23-2004 11:59 AM


All times are GMT -5. The time now is 01:04 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration