Eu criei um servidor CentOS7 que eu entrei em um domínio. Confirmei usando 'realm' que é parte do domínio e confirmei com 'id' que posso verificar a associação de grupos.
Agora estou tentando configurar um compartilhamento, mas ficando preso. Eu configurei um 'teste' de compartilhamento como mostrado abaixo. No Windows eu posso usar o navegador de arquivos para ver a raiz do servidor (mostrando apenas o compartilhamento 'teste'), mas quando eu clico duas vezes no nome do compartilhamento (teste) ele expira e pede credenciais. Eu tentei minhas credenciais e credenciais de administrador de domínio, ambos se recusaram.
smbclient lista corretamente os compartilhamentos neste host. E, estranhamente, eu copiei meu smb.conf de um servidor CentOS6 no meu domínio que funciona bem. Algumas coisas são diferentes no CentOS 7, eu assumo.
Existe uma configuração ausente?
# Global parameters
[global]
interfaces = 172.33.254.38 127.0.0.1
realm = mydomain.com
server string = Linux Server
workgroup = mydomain
log file = /var/log/samba/%m.log
max log size = 50
load printers = No
printcap name = /dev/null
unix extensions = No
security = ADS
winbind offline logon = Yes
dns proxy = No
wins server = 172.33.254.31
idmap config * : backend = tdb
wide links = Yes
lpq command = lpq -P'%p'
lprm command = lprm -P'%p' %j
print command = lpr -r -P'%p' %s
printing = bsd
guest ok = Yes
[test]
comment = mydomain Files
path = /data/test
force group = root
force user = root
read only = No
valid users = "@mydomain\domain admins" mydomain\myname root
browseable = yes
E o registro do samba deste host depois de falhar ao visualizar o conteúdo do compartilhamento:
[2017/01/22 01:08:13.259022, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:3849(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2017/01/22 01:08:13.259077, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:660(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 10 (position 10) from bitmap
[2017/01/22 01:08:13.259090, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:2258(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_TDIS] mid = 10
[2017/01/22 01:08:13.259115, 4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
setting sec ctx (1475001125, 1475000513) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.259129, 5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:63(security_token_debug)
Security token SIDs (7):
SID[ 0]: S-1-22-1-1475001125
SID[ 1]: S-1-22-2-1475000513
SID[ 2]: S-1-22-2-1475001141
SID[ 3]: S-1-22-2-1475001140
SID[ 4]: S-1-1-0
SID[ 5]: S-1-5-2
SID[ 6]: S-1-5-11
Privileges (0x 0):
Rights (0x 0):
[2017/01/22 01:08:13.259162, 5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
UNIX token of user 1475001125
Primary group is 1475000513 and contains 3 supplementary groups
Group[ 0]: 1475000513
Group[ 1]: 1475001141
Group[ 2]: 1475001140
[2017/01/22 01:08:13.259206, 5, pid=8720, effective(1475001125, 1475000513), real(1475001125, 0)] ../source3/smbd/uid.c:363(change_to_user_internal)
Impersonated user: uid=(1475001125,1475001125), gid=(0,1475000513)
[2017/01/22 01:08:13.259222, 4, pid=8720, effective(1475001125, 1475000513), real(1475001125, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.259231, 5, pid=8720, effective(1475001125, 1475000513), real(1475001125, 0)] ../libcli/security/security_token.c:53(security_token_debug)
Security token: (NULL)
[2017/01/22 01:08:13.259239, 5, pid=8720, effective(1475001125, 1475000513), real(1475001125, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.259254, 5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
change_to_root_user: now uid=(0,0) gid=(0,0)
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 4
req->in.vector[4].iov_len = 0
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2017/01/22 01:08:13.259320, 4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.259333, 5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
Security token: (NULL)
[2017/01/22 01:08:13.259341, 5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.259353, 5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
change_to_root_user: now uid=(0,0) gid=(0,0)
[2017/01/22 01:08:13.259363, 5, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order)
check lock order 1 for /var/lib/samba/lock/smbXsrv_tcon_global.tdb
[2017/01/22 01:08:13.259372, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:/var/lib/samba/lock/smbXsrv_tcon_global.tdb 2:<none> 3:<none>
[2017/01/22 01:08:13.259383, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Locking key 64C5DBD4
[2017/01/22 01:08:13.259399, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal)
Allocated locked data 0x0x7f0770a38850
[2017/01/22 01:08:13.259414, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Unlocking key 64C5DBD4
[2017/01/22 01:08:13.259423, 5, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor)
release lock order 1 for /var/lib/samba/lock/smbXsrv_tcon_global.tdb
[2017/01/22 01:08:13.259432, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:<none> 2:<none> 3:<none>
[2017/01/22 01:08:13.259448, 4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.259457, 5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
Security token: (NULL)
[2017/01/22 01:08:13.259465, 5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.259476, 5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
change_to_root_user: now uid=(0,0) gid=(0,0)
[2017/01/22 01:08:13.259485, 3, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/service.c:1148(close_cnum)
172.31.254.73 (ipv4:172.31.254.73:50848) closed connection to service IPC$
[2017/01/22 01:08:13.259507, 4, pid=8720, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:844(vfs_ChDir)
vfs_ChDir to /
[2017/01/22 01:08:13.259545, 4, pid=8720, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:855(vfs_ChDir)
vfs_ChDir got /
[2017/01/22 01:08:13.259559, 4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.259568, 5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
Security token: (NULL)
[2017/01/22 01:08:13.259576, 5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.259587, 5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
change_to_root_user: now uid=(0,0) gid=(0,0)
[2017/01/22 01:08:13.259606, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:2989(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[4] dyn[no:0] at ../source3/smbd/smb2_tcon.c:521
[2017/01/22 01:08:13.259620, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:912(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/11/31
[2017/01/22 01:08:13.259685, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:3849(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2017/01/22 01:08:13.259700, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:660(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 11 (position 11) from bitmap
[2017/01/22 01:08:13.259709, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:2258(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_LOGOFF] mid = 11
[2017/01/22 01:08:13.259719, 4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.259764, 5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
Security token: (NULL)
[2017/01/22 01:08:13.259774, 5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.259787, 5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
change_to_root_user: now uid=(0,0) gid=(0,0)
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 4
req->in.vector[4].iov_len = 0
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2017/01/22 01:08:13.259823, 4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.259834, 5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
Security token: (NULL)
[2017/01/22 01:08:13.259842, 5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.259854, 5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
change_to_root_user: now uid=(0,0) gid=(0,0)
[2017/01/22 01:08:13.259864, 5, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order)
check lock order 1 for /var/lib/samba/lock/smbXsrv_session_global.tdb
[2017/01/22 01:08:13.259878, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:/var/lib/samba/lock/smbXsrv_session_global.tdb 2:<none> 3:<none>
[2017/01/22 01:08:13.259889, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Locking key D483AFB6
[2017/01/22 01:08:13.259902, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal)
Allocated locked data 0x0x7f0770a4c2c0
[2017/01/22 01:08:13.259919, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Unlocking key D483AFB6
[2017/01/22 01:08:13.259929, 5, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor)
release lock order 1 for /var/lib/samba/lock/smbXsrv_session_global.tdb
[2017/01/22 01:08:13.259937, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:<none> 2:<none> 3:<none>
[2017/01/22 01:08:13.259952, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:2989(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[4] dyn[no:0] at ../source3/smbd/smb2_sesssetup.c:1262
[2017/01/22 01:08:13.259966, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:912(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/12/31
[2017/01/22 01:08:13.261841, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:1069(smbd_server_connection_terminate_ex)
smbd_server_connection_terminate_ex: conn[ipv4:172.31.254.73:50848] reason[NT_STATUS_CONNECTION_RESET] at ../source3/smbd/smb2_server.c:3901
[2017/01/22 01:08:13.261894, 4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.261909, 5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
Security token: (NULL)
[2017/01/22 01:08:13.261917, 5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.261931, 5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
change_to_root_user: now uid=(0,0) gid=(0,0)
[2017/01/22 01:08:13.261941, 4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.261949, 5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
Security token: (NULL)
[2017/01/22 01:08:13.261956, 5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.261968, 5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
change_to_root_user: now uid=(0,0) gid=(0,0)
[2017/01/22 01:08:13.261977, 4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.261984, 5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
Security token: (NULL)
[2017/01/22 01:08:13.261992, 5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.262004, 5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
change_to_root_user: now uid=(0,0) gid=(0,0)
[2017/01/22 01:08:13.262014, 4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.262029, 5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
Security token: (NULL)
[2017/01/22 01:08:13.262037, 5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.262048, 5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
change_to_root_user: now uid=(0,0) gid=(0,0)
[2017/01/22 01:08:13.262093, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/lib/messages_dgm_ref.c:142(msg_dgm_ref_destructor)
msg_dgm_ref_destructor: refs=(nil)
[2017/01/22 01:08:13.262245, 3, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/server_exit.c:246(exit_server_common)
Server exit (NT_STATUS_CONNECTION_RESET)
Tags samba shared-folders smb samba4 domain