[samba] Samba - ADS membership

[Alex Murphy]

В сообщении от 10 Ноябрь 2004 19:13 Кравченко Олег написал(a):
> Приветствую.
>
> Не получается настроить самбу (3.0.8) как член контроллера Active
> Directory.
>
> Читаю документацию и делаю как там рекомендуется:
> Настраиваю smb.conf :
> [global]
>         domain master = No
>         preferred master = no
>         unix charset = KOI8-R
>         dos charset = 866
>         template shell = /bin/sh
>         os level = 20
>         security = ADS
а там разве не domain надо ставить ??? хотя не знаю...

>         encrypt passwords = yes
>         realm = TECHNOGRES.LOCAL
>         winbind uid = 10000-65000
>         winbind gid = 10000-65000
>         log file = /var/log/samba/smb.log.%m
>         dns proxy = No
>         local master = No
>         workgroup = TECHNOGRES0
>         message command = /usr/local/bin/linpopup "%f" "%m" %s; rm %s
>         netbios name = kravchenko
>         log level = 3
>
> krb5.conf
> [libdefaults]
> default_realm = TECHNOGRES.LOCAL
>
> [realms]
>     YOUR.KERBEROS.REALM = {
ТУТ ДОЛЖНО БЫТЬ TECHNOGRES.LOCAL


>         kdc = basic.technogres.local
>                             }
> [domain_realms]
>     .kerberos.server = TECHNOGRES.LOCAL
>
> Перегружаю smb, winbind,
> Делаю kinit oleg на TECHNOGRES.LOCAL
> net ADS join -U oleg
>
> Все проходит.
> Пытаюсь подключиться с виндовс и получаю в логах (фрагмент):
>
> [2004/11/10 17:02:29, 3] libsmb/cliconnect.c:cli_start_connection(1382)
>   Connecting to host=SECOND
> [2004/11/10 17:02:29, 3] lib/util_sock.c:open_socket_out(752)
>   Connecting to 192.168.1.200 at port 445
> [2004/11/10 17:02:29, 0] auth/auth_domain.c:domain_client_validate(199)
>   domain_client_validate: unable to validate password for user oleg in
> domain TECHNOGRES0 to Domain controller
>  \\SECOND. Error was NT_STATUS_WRONG_PASSWORD.
пишет что вообче-то пароль не подходит....может как не так набираешь пароля 
для олега ???


> [2004/11/10 17:02:29, 2] auth/auth.c:check_ntlm_password(312)
>   check_ntlm_password:  Authentication for user [oleg] -> [oleg] FAILED
> with error NT_STATUS_WRONG_PASSWORD
> [2004/11/10 17:03:29, 3] smbd/sec_ctx.c:set_sec_ctx(288)
>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2004/11/10 17:04:29, 3] smbd/sec_ctx.c:set_sec_ctx(288)
>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2004/11/10 17:04:29, 2] smbd/process.c:timeout_processing(1371)
>   Closing idle connection
> [2004/11/10 17:04:29, 3] smbd/sec_ctx.c:set_sec_ctx(288)
>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2004/11/10 17:04:29, 2] smbd/server.c:exit_server(571)
>   Closing connections
> [2004/11/10 17:04:29, 3] smbd/connection.c:yield_connection(69)
>   Yielding connection to
> [2004/11/10 17:04:29, 3] smbd/connection.c:yield_connection(76)
>   yield_connection: tdb_delete for name  failed with error Record does not
> exist.
> [2004/11/10 17:04:29, 3] smbd/server.c:exit_server(614)
>   Server exit (normal exit)
>
>
> Помогите разобраться