openSUSE Forums > Network/Internet » Suse 11 AD authenication using samba\winbind

Go Back   openSUSE Forums > Network/Internet
Reload this Page Suse 11 AD authenication using samba\winbind
Forums FAQ Members List Search Today's Posts Mark Forums Read


Network/Internet Questions about internet applications, network configuration, usage (SAMBA, network printing, NFS)

Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 31-Oct-2009, 20:58
Puzzled Penguin
  
Join Date: Aug 2008
Posts: 12
bladstriker hasn't been rated much yet
Default Suse 11 AD authenication using samba\winbind
I have been trying to find an answer in forums/google to my problem. Hopefully someone can help me.

Have a Suse 11 server configured with samba/winbind v.3.2.4-4.5-2154-SUSE-SL11.0

trying to get AD authentication working correctly

my krb5.conf file looks like this:
[libdefaults]
default_realm = MYDOMAIN.LOCAL
dns_lookup_kdc = false
dns_lookup_realm = false

[domain_realm]
.mydomain.local = MYDOMAIN.LOCAL
mydomain.local = MYDOMAIN.LOCAL

[realms]
MYDOMAIN.LOCAL = {
kdc = dcname.mydomain.local
admin_server = xx.xx.xx.xx:749
default_domain = mydomain.local
}

[logging]
kdc = FILE:/var/log/krb5/krb5kdc.log
admin_server = FILE:/var/log/krb5/kadmind.log
default = SYSLOG:NOTICEAEMON

[appdefaults]
pam = {
ticket_lifetime = 1d
renew_lifetime = 1d
forwardable = true
proxiable = false
minimum_uid = 1
clockskew = 300
external = sshd
use_shmem = sshd
}


I have successfully joined my AD domain using the net ads join command

wbinfo -D domainname returns correct info
wbinfo -u and -g return domain users and groups
wbinfo -a username%password returns:
plaintext password authentication failed
Could not authenticate user jordan with plaintext password
wbinfo -K username%password returns:
plaintext kerberos password authentication for [jordan] failed (requesting cctype: FILE)
Could not authenticate user [jordan] with Kerberos (ccache: FILE)

getent passwd or group only lists the local suse user/groups ie. doesn't include the domain users/groups which I believe it should

I cannot access any of the samba shares from my windows clients
smb.conf:
[global]
realm = MYDOMAIN.LOCAL
workgroup = MYDOMAIN
netbios name = theoracle
preferred master = no
security = ADS
idmap gid = 10000-50000
idmap uid = 10000-50000
encrypt passwords = yes
enhanced browsing = no
winbind trusted domains only = yes
winbind use default domain = Yes
winbind enum users = yes
winbind enum groups = yes
log file = /var/log/samba/%m.log
log level = 10

again if anyone can provide some assistance it will be greatly appreciated
Reply With Quote
Reply

Bookmarks


« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



Contact Us - openSUSE Forums - Archive - Privacy Statement - Top
© 2007 Novell, Inc. All Rights Reserved. This site uses the YAML CSS framework. All times are GMT -6. The time now is 08:32.
About openSUSE | Disclaimers | Feedback

Founded by Novell
 

Search Engine Friendly URLs by vBSEO 3.3.0 RC2