O Samba parece não estar associado ao domínio do Active Directory [fechado]

2

Inicialmente posso juntar uma caixa linux ao domínio com estes comandos:

sudo kinit [email protected] sudo net ads join -k

Depois de algumas horas ou no dia seguinte, isso acontece:

user@host:~$ sudo wbinfo -a administrator Enter administrator's password: plaintext password authentication failed Could not authenticate user administrator with plaintext password Enter administrator's password: challenge/response password authentication failed error code was NT_STATUS_ACCESS_DENIED (0xc0000022) error message was: Access denied Could not authenticate user administrator with challenge/response

Esses comandos funcionam como esperado o tempo todo: sudo wbinfo -t sudo wbinfo -u sudo wbinfo -g sudo wbinfo -i administrator

Samba Versão 4.2.5-SerNet-Ubuntu-8.trusty, aqui está o meu smb.conf

[global] workgroup=WINDOWS security=ads realm=WINDOWS.x.x.COM domain master=no local master=no preferred master=no load printers=no printing=bsd printcap name=/dev/null disable spoolss=yes idmap backend=tdb idmap uid=10000-99999 idmap gid=10000-99999 idmap config WINDOWS:backend=rid idmap config WINDOWS:range=10000-9999 winbind enum users=yes winbind enum groups=yes winbind use default domain=yes winbind nested groups=yes winbind refresh tickets=yes winbind offline logon=yes template shell=/bin/false client use spnego=yes client ntlmv2 auth=yes encrypt passwords=yes restrict anonymous=2 log file=/var/log/samba/samba.log log level=2 dcerpc endpoint servers=remote

Nada útil nos logs: (

[2015/11/25 15:26:23.524927, 2] ../source3/libsmb/cliconnect.c:1306(cli_session_setup_kerberos_send) Doing kerberos session setup [2015/11/25 15:26:23.532756, 2] ../source3/winbindd/winbindd_pam.c:2016(winbind_dual_SamLogon) NTLM CRAP authentication for user [WINDOWS]\[administrator] returned NT_STATUS_ACCESS_DENIED

Qualquer ajuda apreciada

    
por Jonathan S. Fisher 25.11.2015 / 22:28

0 respostas