Mike Leone on 27 Mar 2010 19:02:38 -0700



[PLUG] Ongoing saga with Samba and AD


So I decided there was nothing on my Samba server I really needed. :-) 
All of the files it was sharing out are on a separate internal drive. So 
I saved my smb.conf, and wiped it clean, and installed Ubuntu 9.10.

Anyway, I have made great strides - I joined the server to AD, and I can 
see all the domain users and groups when I do a "getent passwd" and 
"getent group". And no need for LDAP at all. The trick? I removed "idmap 
backend = ad" and went with the default (which is "idmap backend = 
tdb"). So *not* specifying a backend allowed it all to work.

So, onto the problem (you knew there had to be one, right?). I have my 
smb.conf set up so that I need to logon domain members as 
"DACRIB+logonname". And when I go to do that, this happens:

I tried to log on as "DACRIB+administrator" at the physical console. I 
was prompted twice for my password (dunno if that's because my password 
has a "!" in it or not). Then it starts to login. I see the motd. I see 
it say that it was trying to create a home directory for administrator 
in "/home/DACRIB/administrator" - which is exactly what it should do.

Then I am immediately logged out, and returned to a new login prompt. No 
other messages on the console, nothing.

auth.log says:

Mar 27 21:04:15 workhorse login[4213]: pam_unix(login:auth): authentication failure; logname=turgon uid=0 euid=0 tty=/dev/tty1 ruser= rhost=  user=DACRIB+administrator
Mar 27 21:04:15 workhorse login[4213]: pam_winbind(login:auth): getting password (0x00000180)
Mar 27 21:04:21 workhorse login[4213]: pam_winbind(login:auth): user 'DACRIB+administrator' granted access
Mar 27 21:04:21 workhorse login[4213]: pam_unix(login:session): session opened for user DACRIB+administrator by turgon(uid=0)
Mar 27 21:04:21 workhorse login[4213]: pam_unix(login:session): session closed for user DACRIB+administrator

Nothing in syslog or messages.

The home directory was created, as it should:

ls -la /home/DACRIB/
drwx------ 2 DACRIB+administrator DACRIB+domain users 4096 2010-03-27 21:04 administrator

root@workhorse:/home/DACRIB# ls -la /home/DACRIB/administrator/
total 24
drwx------ 2 DACRIB+administrator DACRIB+domain users 4096 2010-03-27 21:04 .
dr-xr-xr-x 4 root                 root                4096 2010-03-27 21:04 ..
-rw------- 1 DACRIB+administrator DACRIB+domain users  220 2010-03-27 21:04 .bash_logout
-rw------- 1 DACRIB+administrator DACRIB+domain users 3180 2010-03-27 21:04 .bashrc
-rw------- 1 DACRIB+administrator DACRIB+domain users  167 2010-03-27 21:04 examples.desktop
-rw------- 1 DACRIB+administrator DACRIB+domain users  675 2010-03-27 21:04 .profile

So I am confused as to why the domain accounts are immediately logged 
out. NOTE: local users log in just fine.

Where to go next?

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
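
An added example, not part of the original post: a small Python check that scans auth.log text for the pattern reported above, a PAM session that closes within a couple of seconds of opening even though an auth module granted access. The sample input is the post's own log lines with the e-mail wrapping undone; the names `short_sessions`, `max_seconds` and `year` are made up for this example.

```python
import re
from datetime import datetime

# Log lines from the post above, with the e-mail line wrapping undone.
SAMPLE = """\
Mar 27 21:04:15 workhorse login[4213]: pam_unix(login:auth): authentication failure; logname=turgon uid=0 euid=0 tty=/dev/tty1 ruser= rhost=  user=DACRIB+administrator
Mar 27 21:04:15 workhorse login[4213]: pam_winbind(login:auth): getting password (0x00000180)
Mar 27 21:04:21 workhorse login[4213]: pam_winbind(login:auth): user 'DACRIB+administrator' granted access
Mar 27 21:04:21 workhorse login[4213]: pam_unix(login:session): session opened for user DACRIB+administrator by turgon(uid=0)
Mar 27 21:04:21 workhorse login[4213]: pam_unix(login:session): session closed for user DACRIB+administrator
"""

# timestamp, host, process[pid], pam_module(service:phase), message
LINE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ (?P<proc>[\w.-]+)\[(?P<pid>\d+)\]: "
    r"(?P<mod>pam_\w+)\((?P<svc>[^:]+):(?P<phase>\w+)\): (?P<msg>.*)$"
)

def short_sessions(text, max_seconds=2, year=2010):
    """Return PAM sessions that closed within max_seconds of opening."""
    state = {}  # (process, pid) -> facts collected so far for that login attempt
    hits = []
    for raw in text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        # Classic syslog timestamps carry no year, so the caller supplies one.
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        s = state.setdefault((m["proc"], m["pid"]), {"granted_by": None, "failed": []})
        msg = m["msg"]
        if m["phase"] == "auth":
            if "granted access" in msg:
                s["granted_by"] = m["mod"]
            elif msg.startswith("authentication failure"):
                s["failed"].append(m["mod"])
        elif m["phase"] == "session":
            opened = re.match(r"session opened for user (\S+)", msg)
            closed = re.match(r"session closed for user (\S+)", msg)
            if opened:
                s["user"], s["opened"] = opened[1], ts
            elif closed and s.get("user") == closed[1] and "opened" in s:
                seconds = (ts - s.pop("opened")).total_seconds()
                if seconds <= max_seconds:
                    hits.append({"user": closed[1], "pid": int(m["pid"]),
                                 "seconds": seconds, "granted_by": s["granted_by"],
                                 "auth_failures": list(s["failed"])})
    return hits
```

On the lines from the post it reports one zero-second session for DACRIB+administrator, with access granted by pam_winbind after pam_unix failed, which puts the disconnect after authentication rather than in the password check.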