Não é possível criar o compartilhamento do samba 4 que aceita credenciais de domínio

1

Eu criei um servidor CentOS7 que eu entrei em um domínio. Confirmei usando 'realm' que é parte do domínio e confirmei com 'id' que posso verificar a associação de grupos.

Agora estou tentando configurar um compartilhamento, mas ficando preso. Eu configurei um 'teste' de compartilhamento como mostrado abaixo. No Windows eu posso usar o navegador de arquivos para ver a raiz do servidor (mostrando apenas o compartilhamento 'teste'), mas quando eu clico duas vezes no nome do compartilhamento (teste) ele expira e pede credenciais. Eu tentei minhas credenciais e credenciais de administrador de domínio, ambos se recusaram.

smbclient lista corretamente os compartilhamentos neste host. E, estranhamente, eu copiei meu smb.conf de um servidor CentOS6 no meu domínio que funciona bem. Algumas coisas são diferentes no CentOS 7, eu assumo.

Existe uma configuração ausente?

# Global parameters
[global]
        interfaces = 172.33.254.38 127.0.0.1
        realm = mydomain.com
        server string = Linux Server
        workgroup = mydomain
        log file = /var/log/samba/%m.log
        max log size = 50
        load printers = No
        printcap name = /dev/null
        unix extensions = No
        security = ADS
        winbind offline logon = Yes
        dns proxy = No
        wins server = 172.33.254.31
        idmap config * : backend = tdb
        wide links = Yes
        lpq command = lpq -P'%p'
        lprm command = lprm -P'%p' %j
        print command = lpr -r -P'%p' %s
        printing = bsd
        guest ok = Yes


[test]
        comment = mydomain Files
        path = /data/test
        force group = root
        force user = root
        read only = No
        valid users = "@mydomain\domain admins" mydomain\myname root
        browseable = yes

E o registro do samba deste host depois de falhar ao visualizar o conteúdo do compartilhamento:

[2017/01/22 01:08:13.259022, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:3849(smbd_smb2_io_handler)
  smbd_smb2_request idx[1] of 5 vectors
[2017/01/22 01:08:13.259077, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:660(smb2_validate_sequence_number)
  smb2_validate_sequence_number: clearing id 10 (position 10) from bitmap
[2017/01/22 01:08:13.259090, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:2258(smbd_smb2_request_dispatch)
  smbd_smb2_request_dispatch: opcode[SMB2_OP_TDIS] mid = 10
[2017/01/22 01:08:13.259115,  4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (1475001125, 1475000513) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.259129,  5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:63(security_token_debug)
  Security token SIDs (7):
    SID[  0]: S-1-22-1-1475001125
    SID[  1]: S-1-22-2-1475000513
    SID[  2]: S-1-22-2-1475001141
    SID[  3]: S-1-22-2-1475001140
    SID[  4]: S-1-1-0
    SID[  5]: S-1-5-2
    SID[  6]: S-1-5-11
   Privileges (0x               0):
   Rights (0x               0):
[2017/01/22 01:08:13.259162,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
  UNIX token of user 1475001125
  Primary group is 1475000513 and contains 3 supplementary groups
  Group[  0]: 1475000513
  Group[  1]: 1475001141
  Group[  2]: 1475001140
[2017/01/22 01:08:13.259206,  5, pid=8720, effective(1475001125, 1475000513), real(1475001125, 0)] ../source3/smbd/uid.c:363(change_to_user_internal)
  Impersonated user: uid=(1475001125,1475001125), gid=(0,1475000513)
[2017/01/22 01:08:13.259222,  4, pid=8720, effective(1475001125, 1475000513), real(1475001125, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.259231,  5, pid=8720, effective(1475001125, 1475000513), real(1475001125, 0)] ../libcli/security/security_token.c:53(security_token_debug)
  Security token: (NULL)
[2017/01/22 01:08:13.259239,  5, pid=8720, effective(1475001125, 1475000513), real(1475001125, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.259254,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
  change_to_root_user: now uid=(0,0) gid=(0,0)
  smbd_smb2_request_pending_queue: req->current_idx = 1
        req->in.vector[0].iov_len = 0
        req->in.vector[1].iov_len = 0
        req->in.vector[2].iov_len = 64
        req->in.vector[3].iov_len = 4
        req->in.vector[4].iov_len = 0
        req->out.vector[0].iov_len = 4
        req->out.vector[1].iov_len = 0
        req->out.vector[2].iov_len = 64
        req->out.vector[3].iov_len = 8
        req->out.vector[4].iov_len = 0
[2017/01/22 01:08:13.259320,  4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.259333,  5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
  Security token: (NULL)
[2017/01/22 01:08:13.259341,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.259353,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
  change_to_root_user: now uid=(0,0) gid=(0,0)
[2017/01/22 01:08:13.259363,  5, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order)
  check lock order 1 for /var/lib/samba/lock/smbXsrv_tcon_global.tdb
[2017/01/22 01:08:13.259372, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
  lock order:  1:/var/lib/samba/lock/smbXsrv_tcon_global.tdb 2:<none> 3:<none>
[2017/01/22 01:08:13.259383, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
  Locking key 64C5DBD4
[2017/01/22 01:08:13.259399, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal)
  Allocated locked data 0x0x7f0770a38850
[2017/01/22 01:08:13.259414, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
  Unlocking key 64C5DBD4
[2017/01/22 01:08:13.259423,  5, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor)
  release lock order 1 for /var/lib/samba/lock/smbXsrv_tcon_global.tdb
[2017/01/22 01:08:13.259432, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
  lock order:  1:<none> 2:<none> 3:<none>
[2017/01/22 01:08:13.259448,  4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.259457,  5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
  Security token: (NULL)
[2017/01/22 01:08:13.259465,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.259476,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
  change_to_root_user: now uid=(0,0) gid=(0,0)
[2017/01/22 01:08:13.259485,  3, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/service.c:1148(close_cnum)
  172.31.254.73 (ipv4:172.31.254.73:50848) closed connection to service IPC$
[2017/01/22 01:08:13.259507,  4, pid=8720, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:844(vfs_ChDir)
  vfs_ChDir to /
[2017/01/22 01:08:13.259545,  4, pid=8720, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:855(vfs_ChDir)
  vfs_ChDir got /
[2017/01/22 01:08:13.259559,  4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.259568,  5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
  Security token: (NULL)
[2017/01/22 01:08:13.259576,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.259587,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
  change_to_root_user: now uid=(0,0) gid=(0,0)
[2017/01/22 01:08:13.259606, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:2989(smbd_smb2_request_done_ex)
  smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[4] dyn[no:0] at ../source3/smbd/smb2_tcon.c:521
[2017/01/22 01:08:13.259620, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:912(smb2_set_operation_credit)
  smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/11/31
[2017/01/22 01:08:13.259685, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:3849(smbd_smb2_io_handler)
  smbd_smb2_request idx[1] of 5 vectors
[2017/01/22 01:08:13.259700, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:660(smb2_validate_sequence_number)
  smb2_validate_sequence_number: clearing id 11 (position 11) from bitmap
[2017/01/22 01:08:13.259709, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:2258(smbd_smb2_request_dispatch)
  smbd_smb2_request_dispatch: opcode[SMB2_OP_LOGOFF] mid = 11
[2017/01/22 01:08:13.259719,  4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.259764,  5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
  Security token: (NULL)
[2017/01/22 01:08:13.259774,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.259787,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
  change_to_root_user: now uid=(0,0) gid=(0,0)
  smbd_smb2_request_pending_queue: req->current_idx = 1
        req->in.vector[0].iov_len = 0
        req->in.vector[1].iov_len = 0
        req->in.vector[2].iov_len = 64
        req->in.vector[3].iov_len = 4
        req->in.vector[4].iov_len = 0
        req->out.vector[0].iov_len = 4
        req->out.vector[1].iov_len = 0
        req->out.vector[2].iov_len = 64
        req->out.vector[3].iov_len = 8
        req->out.vector[4].iov_len = 0
[2017/01/22 01:08:13.259823,  4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.259834,  5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
  Security token: (NULL)
[2017/01/22 01:08:13.259842,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.259854,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
  change_to_root_user: now uid=(0,0) gid=(0,0)
[2017/01/22 01:08:13.259864,  5, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order)
  check lock order 1 for /var/lib/samba/lock/smbXsrv_session_global.tdb
[2017/01/22 01:08:13.259878, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
  lock order:  1:/var/lib/samba/lock/smbXsrv_session_global.tdb 2:<none> 3:<none>
[2017/01/22 01:08:13.259889, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
  Locking key D483AFB6
[2017/01/22 01:08:13.259902, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal)
  Allocated locked data 0x0x7f0770a4c2c0
[2017/01/22 01:08:13.259919, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
  Unlocking key D483AFB6
[2017/01/22 01:08:13.259929,  5, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor)
  release lock order 1 for /var/lib/samba/lock/smbXsrv_session_global.tdb
[2017/01/22 01:08:13.259937, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
  lock order:  1:<none> 2:<none> 3:<none>
[2017/01/22 01:08:13.259952, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:2989(smbd_smb2_request_done_ex)
  smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[4] dyn[no:0] at ../source3/smbd/smb2_sesssetup.c:1262
[2017/01/22 01:08:13.259966, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:912(smb2_set_operation_credit)
  smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/12/31
[2017/01/22 01:08:13.261841, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:1069(smbd_server_connection_terminate_ex)
  smbd_server_connection_terminate_ex: conn[ipv4:172.31.254.73:50848] reason[NT_STATUS_CONNECTION_RESET] at ../source3/smbd/smb2_server.c:3901
[2017/01/22 01:08:13.261894,  4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.261909,  5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
  Security token: (NULL)
[2017/01/22 01:08:13.261917,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.261931,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
  change_to_root_user: now uid=(0,0) gid=(0,0)
[2017/01/22 01:08:13.261941,  4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.261949,  5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
  Security token: (NULL)
[2017/01/22 01:08:13.261956,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.261968,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
  change_to_root_user: now uid=(0,0) gid=(0,0)
[2017/01/22 01:08:13.261977,  4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.261984,  5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
  Security token: (NULL)
[2017/01/22 01:08:13.261992,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.262004,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
  change_to_root_user: now uid=(0,0) gid=(0,0)
[2017/01/22 01:08:13.262014,  4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.262029,  5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
  Security token: (NULL)
[2017/01/22 01:08:13.262037,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.262048,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
  change_to_root_user: now uid=(0,0) gid=(0,0)
[2017/01/22 01:08:13.262093, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/lib/messages_dgm_ref.c:142(msg_dgm_ref_destructor)
  msg_dgm_ref_destructor: refs=(nil)
[2017/01/22 01:08:13.262245,  3, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/server_exit.c:246(exit_server_common)
  Server exit (NT_STATUS_CONNECTION_RESET)
    
por TSG 22.01.2017 / 06:03

0 respostas