LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 09-23-2008, 07:04 AM   #1
cliffsur
LQ Newbie
 
Registered: Sep 2008
Posts: 10

Rep: Reputation: 0
Question Ubuntu 8.04 to SBS 2003 Active Directory authentication problems


I have been following the ActiveDirectoryHowto and have installed all the modules, but when I try to specify the LDAP server I get the following error

ldapsearch -h ubunserve1.zoeftigco.local
ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)
> ldapsearch -h zoeftserve.zoeftigco.local
SASL/GSSAPI authentication started
ldap_sasl_interactive_bind_s: Local error (-2)

My ubuntu machine is called ubunserve1 and I thought this would be the ldap server but when that didn't work I tried zoeftserve which is the name of my SBS 2003 server.

I have not installed any Windows services for Unix in zoeftserve as the Howto suggests that this may not be necessary. Could this be the problem?
 
Old 09-23-2008, 08:47 AM   #2
arckane
Member
 
Registered: Sep 2005
Location: UK
Distribution: Gentoo/Debian/Ubuntu
Posts: 307

Rep: Reputation: 38
Do you have both the smbd and nmbd services running on the Linux box? Samba/Windows nearly always requires netbios name lookups working which requires nmbd.
 
Old 09-23-2008, 11:47 AM   #3
cliffsur
LQ Newbie
 
Registered: Sep 2008
Posts: 10

Original Poster
Rep: Reputation: 0
I've looked through all the packages installed and searched for both smbd and nmbd but I can find neither. Do these have to be installed separately from Samba or are they part of the samba installation which I have failed to install correctly?
 
Old 09-23-2008, 12:12 PM   #4
cliffsur
LQ Newbie
 
Registered: Sep 2008
Posts: 10

Original Poster
Rep: Reputation: 0
I've done a bit more digging. Sorry, but a real noob.

Here is the /etc/init.d/samba file, which looks as though it has the two services starting.
#!/bin/sh

### BEGIN INIT INFO
# Provides: samba
# Required-Start: $network $local_fs $remote_fs
# Required-Stop: $network $local_fs $remote_fs
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: start Samba daemons (nmbd and smbd)
### END INIT INFO


# Defaults
RUN_MODE="daemons"

# Reads config file (will override defaults above)
[ -r /etc/default/samba ] && . /etc/default/samba

DAEMON=/usr/sbin/smbd
PIDDIR=/var/run/samba
NMBDPID=$PIDDIR/nmbd.pid
SMBDPID=$PIDDIR/smbd.pid

# clear conflicting settings from the environment
unset TMPDIR

# See if the daemons are there
test -x /usr/sbin/nmbd -a -x /usr/sbin/smbd || exit 0

. /lib/lsb/init-functions

case "$1" in
start)
log_daemon_msg "Starting Samba daemons"
# Make sure we have our PIDDIR, even if it's on a tmpfs
install -o root -g root -m 755 -d $PIDDIR

NMBD_DISABLED=`testparm -s --parameter-name='disable netbios' 2>/dev/null`
if [ "$NMBD_DISABLED" != 'Yes' ]; then
log_progress_msg "nmbd"
if ! start-stop-daemon --start --quiet --oknodo --exec /usr/sbin/nmbd -- -D
then
log_end_msg 1
exit 1
fi
fi

if [ "$RUN_MODE" != "inetd" ]; then
log_progress_msg "smbd"
if ! start-stop-daemon --start --quiet --oknodo --exec /usr/sbin/smbd -- -D; then
log_end_msg 1
exit 1
fi
fi

log_end_msg 0
;;
stop)
log_daemon_msg "Stopping Samba daemons"
log_progress_msg "nmbd"

start-stop-daemon --stop --quiet --pidfile $NMBDPID
# Wait a little and remove stale PID file
sleep 1
if [ -f $NMBDPID ] && ! ps h `cat $NMBDPID` > /dev/null
then
# Stale PID file (nmbd was succesfully stopped),
# remove it (should be removed by nmbd itself IMHO.)
rm -f $NMBDPID
fi

if [ "$RUN_MODE" != "inetd" ]; then
log_progress_msg "smbd"
start-stop-daemon --stop --quiet --pidfile $SMBDPID
# Wait a little and remove stale PID file
sleep 1
if [ -f $SMBDPID ] && ! ps h `cat $SMBDPID` > /dev/null
then
# Stale PID file (nmbd was succesfully stopped),
# remove it (should be removed by smbd itself IMHO.)
rm -f $SMBDPID
fi
fi

log_end_msg 0

;;
reload)
log_daemon_msg "Reloading /etc/samba/smb.conf" "smbd only"

start-stop-daemon --stop --signal HUP --pidfile $SMBDPID

log_end_msg 0
;;
restart|force-reload)
$0 stop
sleep 1
$0 start
;;
status)
pidofproc -p $SMBDPID $DAEMON >/dev/null
status=$?
if [ $status -eq 0 ]; then
log_success_msg "SMBD is running"
else
log_failure_msg "SMBD is not running"
fi
exit $status
;;
*)
echo "Usage: /etc/init.d/samba {start|stop|reload|restart|force-reload|status}"
exit 1
;;
esac

exit 0
 
Old 09-24-2008, 11:35 AM   #5
cliffsur
LQ Newbie
 
Registered: Sep 2008
Posts: 10

Original Poster
Rep: Reputation: 0
Hi Arckane,

Please see below logs from sign-on today. It looks like both services are running; nmbd looks to have successfully completed its task but smbd failed to create administrators or users. I don't need CUPS on my server, so I'm not concerned about those lines. These logs came from /var/log/samba.



[2008/09/24 12:13:12, 0] smbd/server.c:main(944)
smbd version 3.0.28a started.
Copyright Andrew Tridgell and the Samba Team 1992-2008
[2008/09/24 12:13:12, 0] param/loadparm.c:map_parameter(2794)
Unknown parameter encountered: "revalidate"
[2008/09/24 12:13:12, 0] param/loadparm.c:lp_do_parameter(3535)
Ignoring unknown parameter "revalidate"
[2008/09/24 12:13:12, 1] param/loadparm.c:lp_do_parameter(3541)
WARNING: The "only user" option is deprecated
[2008/09/24 12:13:12, 0] printing/print_cups.c:cups_connect(69)
Unable to connect to CUPS server localhost:631 - Connection refused
[2008/09/24 12:13:12, 0] printing/print_cups.c:cups_connect(69)
Unable to connect to CUPS server localhost:631 - Connection refused
[2008/09/24 12:14:06, 0] auth/auth_util.c:create_builtin_administrators(792)
create_builtin_administrators: Failed to create Administrators
[2008/09/24 12:14:06, 0] auth/auth_util.c:create_builtin_users(758)
create_builtin_users: Failed to create Users


[2008/09/24 12:13:12, 0] nmbd/nmbd.c:main(711)
Netbios nameserver version 3.0.28a started.
Copyright Andrew Tridgell and the Samba Team 1992-2008
[2008/09/24 12:18:53, 0] nmbd/nmbd_become_lmb.c:become_local_master_stage2(396)
*****

Samba name server UBUNSERVE1 is now a local master browser for workgroup WORKGROUP on subnet 192.168.0.105

In addition I looked at the /var/log/likewise-open and found these entries for the ubuntu server
[2008/09/24 12:18:11, 0] winbindd/winbindd_dual.c:async_request_timeout_handler(183)
async_request_timeout_handler: child pid 4883 is not responding. Closing connection to it.
[2008/09/24 12:18:11, 1] winbindd/winbindd_util.c:trustdom_recv(258)
Could not receive trustdoms

And these for the Domain Controller which may be the most significant except that I don't know what to do to set up a KDC in my SBS2003 server if that is where it should be.
[2008/09/24 12:13:30, 0] libsmb/cliconnect.c:cli_session_setup_spnego(856)
Kinit failed: Cannot contact any KDC for requested realm
 
Old 09-25-2008, 11:05 AM   #6
cliffsur
LQ Newbie
 
Registered: Sep 2008
Posts: 10

Original Poster
Rep: Reputation: 0
Hi Again,
I'm still very much the newbie but I guess I'm learning!
After studying loads of stuff on the forums, I got the ubuntu community docs for Samba/Kerberos and ActiveDirectoryWinbindHowto and worked very carefully through them. They are excellent, well they must be because I have now successfully joined my ubuntu sever box to my local domain and I can see all the AD users from the Ubuntu server.
So I guess this thread can now be closed.
However, for any other struggling ubuntu newbies out there who want to join their samba server to a Win2k3 server AD domain, the links are:-

https://help.ubuntu.com/community/ActiveDirectoryWinbindHowto and
https://help.ubuntu.com/community/Samba/Kerberos


Make sure you complete the Kerberos bits first.

To all those forum users who looked at this thread Thank You even if you didn't add to it, at least you took the time. And to any newbie who reads this and goes on to make a successful union between Active Directory and Ubuntu, I hope this was useful.

Cliffsur

Progress is only made outside your comfort zone.
 
Old 10-07-2008, 09:01 PM   #7
likeWiseGuy
LQ Newbie
 
Registered: Oct 2008
Posts: 4

Rep: Reputation: 0
Quote:
Originally Posted by cliffsur View Post
Hi Again,
I'm still very much the newbie but I guess I'm learning!
After studying loads of stuff on the forums, I got the ubuntu community docs for Samba/Kerberos and ActiveDirectoryWinbindHowto and worked very carefully through them. They are excellent, well they must be because I have now successfully joined my ubuntu sever box to my local domain and I can see all the AD users from the Ubuntu server.
So I guess this thread can now be closed.
However, for any other struggling ubuntu newbies out there who want to join their samba server to a Win2k3 server AD domain, the links are:-

https://help.ubuntu.com/community/ActiveDirectoryWinbindHowto and
https://help.ubuntu.com/community/Samba/Kerberos


Make sure you complete the Kerberos bits first.

To all those forum users who looked at this thread Thank You even if you didn't add to it, at least you took the time. And to any newbie who reads this and goes on to make a successful union between Active Directory and Ubuntu, I hope this was useful.

Cliffsur

Progress is only made outside your comfort zone.
Hey Cliffsur,

This is great stuff.

Sorry I didn't see this thread sooner so that I could've helped you out but there is great pride in independently solving problems. :-)

Let me know if you have any other questions that I can answer for you.

Again, thumbs up for the great job!
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Authentication error: Apache 2 and Active Directory 2003 kenneho Linux - Software 0 09-09-2008 04:19 AM
Yet another Samba authentication problem with Windows 2003 Active Directory StAlphonzo Linux - Security 1 05-23-2008 03:16 PM
Yet another Samba authentication problem with Windows 2003 Active Directory StAlphonzo Linux - Server 0 05-23-2008 01:36 PM
RHEL4 authentication to Windows 2003 Active Directory rtkaczyk Linux - Enterprise 40 10-29-2007 08:27 PM
HOW TO: SUSE Linux Enterprise Desktop SLED10 LDAP / Kerberos Authentication to Active Directory / Windows Server 2003 R2 Shannon_VanWagner LinuxAnswers Discussion 2 06-13-2007 10:29 AM


All times are GMT -5. The time now is 06:23 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration