Latest LQ Deal: Linux Power User Bundle
Go Back > Forums > Linux Forums > Linux - Newbie
User Name
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!


  Search this Thread
Old 12-24-2011, 12:17 PM   #1
Registered: Oct 2004
Location: India
Distribution: RH9,Fedora
Posts: 75

Rep: Reputation: 15
Samba Share + Active Directory

Hi Friends,

I'm supporting one of our customers who is using centrifydc samba with AD. Issue is that we are not able to access samba share from our windows machine. I tried using smbclient with AD username and it gives following error message:

check_ntlm_password: Authentication for user [xxx] -> [xxx] FAILED with error NT_STATUS_NO_SUCH_USER

However user do exist in AD and winbind gives the correct SID and info:

wbinfo -a DOMAIN\\xxx%password
plaintext password authentication succeeded
challenge/response password authentication succeeded

wbinfo -n DOMAIN\\xxx
S-1-5-21-141307505-1238419977-2639880222-26449 SID_USER (1)

getent doesn't list the AD accounts. Any idea? Forgot to mention that ntlm_auth is also giving the status OK..

Last edited by IwantLINUX; 12-25-2011 at 12:45 AM. Reason: Adding detail
Old 12-25-2011, 11:51 AM   #2
Registered: Sep 2011
Location: Pune,India
Distribution: RHEL ,CentOS, Fedora
Posts: 100

Rep: Reputation: 25

What about the Samba configuration ? Is AD users allowed in samba configuration file ?

Can you please paste the contents of samba configuration file here ?

Also paste the output of following command ( which needs to be run on Samba Server)

smbclient -L samba_server_name -U AD_User_name
Old 12-26-2011, 01:04 AM   #3
Registered: Oct 2004
Location: India
Distribution: RH9,Fedora
Posts: 75

Original Poster
Rep: Reputation: 15
Thanks Sandy...

Here you go :


# This file was generated by Centrify ADBindProxy Utility
security = ADS
realm = DOMAIN.COM
workgroup = DOMAIN
netbios name = server01

follow symlinks = yes
wide links = yes
unix extensions = no

auth methods = guest, sam, winbind, ntdomain
machine password timeout = 0
passdb backend = tdbsam:/etc/samba/private/passdb.tdb

# Using kerberos keytab may lead to a serious Samba crash.
# Centrify recommends against using it.
# Kerberos authentication is still supported without it.
use kerberos keytab = No
client use spnego principal = true

# If your Samba server only serves to Windows systems, try server signing = mandatory.
server signing = auto

template shell = /bin/bash

winbind use default domain = Yes

winbind enum users = No
winbind enum groups = No
winbind nested groups = Yes

ignore syssetgroups error = No
idmap uid = 1000 - 200000000
idmap gid = 1000 - 200000000

enable core files = false
# Disable Logging to syslog, and only write log to Samba standard log files.
syslog = 0
log level = 10
log file = /var/log/samba.smb.log

path = /share/share1
read only = No
writeable = Yes
guest ok = Yes
create mask = 775

path = /share/share2
read only = No
guest ok = Yes

path = /share/share3
read only = No
guest ok = Yes
create mask = 775

path = /share/share4
read only = No
guest ok = Yes
directory mask = 755
create mask = 755

path = /share/share5
read only = No
writeable = Yes
guest ok = Yes
directory mask = 755
create mask = 755

path = /share/share6
read only = No

path = /share/share7
read only = No
read list = @DOMAIN\access_grp
guest ok = Yes


smbclient -U DOMAIN\\user -L \\server01
Enter DOMAIN\user's password:
session setup failed: NT_STATUS_LOGON_FAILURE

In the log file, i see the same error message: NT_STATUS_NO_SUCH_USER


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Basic Samba Server or Active Directory Central Login via LAM/LDAP/SAMBA metallica1973 Linux - Server 5 06-09-2010 11:27 AM
samba using active directory for authentication- samba caching details wato83 Linux - Server 5 10-06-2009 05:37 PM
Active Directory User Cannot Write to Samba Home Directory jonwatson Linux - Networking 2 12-19-2006 12:40 PM
Authenticating through Windows active directory to connect to a Linux share ganninu Linux - General 1 04-07-2005 05:39 PM
Authenticating to Samba share using "Active Directory Server" hlslaughter Linux - Software 36 07-23-2004 10:59 AM > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 09:51 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration