Linux no logon server

Contact US

*Tek-Tips’s functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Jobs

session setup failed: NT_STATUS_NO_LOGON_SERVERS

session setup failed: NT_STATUS_NO_LOGON_SERVERS

session setup failed: NT_STATUS_NO_LOGON_SERVERS

when i try: smbclient -L localhost

i get: session setup failed: NT_STATUS_NO_LOGON_SERVERS

# smb.conf is the main Samba configuration file. You find a full commented
# version at /usr/share/doc/packages/samba/examples/smb.conf.SUSE if the
# samba-doc package is installed.
# Date: 2005-11-11

[global]
# domain name
workgroup = rockstarml

# name of computer
netbios name = esus

# server string is the equivalent of nt description field
server string = SUSE LINUX

# Create seperate log files for each machine that connects
log file = /var/log/samba/log.%m

# max log file size
max log size = 500

# How users are authenticated
security = domain
password server =*

encrypt passwords = yes
smbpasswd file = /etc/samba/smbpasswd

# printing = cups
# printcap name = cups
# printcap cache time = 750
# cups options = raw
# map to guest = Bad User
# include = /etc/samba/dhcp.conf
# logon path = \\%L\profiles\.msprofile
# logon home = \\%L\%U\.9xprofile
# logon drive = P:
add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -s /bin/false %m$
# domain logons = yes
domain master = No

[homes]
comment = Home Directories
valid users = %S
browseable = No
read only = No
inherit acls = Yes
#[profiles]
# comment = Network Profiles Service
# path = %H
# read only = No
# store dos attributes = Yes
# create mask = 0600
# directory mask = 0700
#[users]
# comment = All users
# path = /home
# read only = No
# inherit acls = Yes
# veto files = /aquota.user/groups/shares/
#[groups]
# comment = All groups
# path = /home/groups
# read only = No
# inherit acls = Yes
#[printers]
# comment = All Printers
# path = /var/tmp
# printable = Yes
# create mask = 0600
# browseable = No
#[print$]
# comment = Printer Drivers
# path = /var/lib/samba/drivers
# write list = @ntadmin root
# force group = ntadmin
# create mask = 0664
# directory mask = 0775

# Public share for platinum and windows installation
[apps]
comment = PFW
path = /home/data/apps
public = yes
writeable = yes
only guest = yes

# General Share Directory
[share]
comment = PUBLIC SHARE
path = /home/share
public = yes
browseable = yes
writeable = yes
only guest = no
create mask = 0777

# share directory for peachtree
[peachw]
comment = peachtree
path = /home/peachw
public = yes
writeable = yes
only guest = no
create mask = 0777

Читайте также:  Linux find installed apps

when i run /usr/bin/testparm everything seems ok.
i can see the samba server on my netwrok places but i can’t access any of the shares anybody here good with samba who has time to help?

RE: session setup failed: NT_STATUS_NO_LOGON_SERVERS

Can you ping the domain controller of the domain?
I was thinking maybe DNS is a problem.

"If you always do what you’ve always done, you will always be where you’ve always been."

RE: session setup failed: NT_STATUS_NO_LOGON_SERVERS

RE: session setup failed: NT_STATUS_NO_LOGON_SERVERS

BocaBurger
<===========================||////////////////|0
The pen is mightier than the sword, but the sword hurts more!

RE: session setup failed: NT_STATUS_NO_LOGON_SERVERS

RE: session setup failed: NT_STATUS_NO_LOGON_SERVERS

hold on but how do i solve the problem. i tried putting entries in the /etc/hosts file and now i can ping the domain controller by name or but the problem still persists

RE: session setup failed: NT_STATUS_NO_LOGON_SERVERS

Adding the entrie(s) in /etc/hosts may not solve it.
Ideally, your DNS servers and domain suffix should be added to /etc/resolv.conf
eg.
#DNS Servers
nameserver x.x.x.x
nameserver x.x.x.x
search mydomain.co.za mydomain2.com

And /etc/nsswitch.conf should have something like:
hosts = local, bind, nis

I’ve seen this error before on a high debug level.
If the name of the PDC’s are not exactly as they are represented internally, the Windows PDC will disregard the request.

"If you always do what you’ve always done, you will always be where you’ve always been."

RE: session setup failed: NT_STATUS_NO_LOGON_SERVERS

I get a star because of my signature

BocaBurger
<===========================||////////////////|0
The pen is mightier than the sword, but the sword hurts more!

RE: session setup failed: NT_STATUS_NO_LOGON_SERVERS

ok i put the ip of my password server in my samba file and i am getting a login prompt how can i enable users the see the public share

RE: session setup failed: NT_STATUS_NO_LOGON_SERVERS

Your config does not seem to have a user map file.
In the [global] section of your smb.conf add:

username map = /somepath/user.map

In there, add
unixusername = ntdomain\ntusername

"If you always do what you’ve always done, you will always be where you’ve always been."

RE: session setup failed: NT_STATUS_NO_LOGON_SERVERS

RE: session setup failed: NT_STATUS_NO_LOGON_SERVERS

Also remember that adding users using smbpasswd creates users within the local Samba security database.
This is normally used when you have
security = user or share
Since you are using domain authentication, you don’t need to create Samba accounts.
Just a Unix user and the username mapping to the Windows account in the user map file.

"If you always do what you’ve always done, you will always be where you’ve always been."

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Читайте также:  Swap linux создание раздел

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members! Already a Member? Login

Copyright © 1998-2023 engineering.com, Inc. All rights reserved.
Unauthorized reproduction or linking forbidden without expressed written permission. Registration on or use of this site constitutes acceptance of our Privacy Policy.

Источник

NT_STATUS_NO_LOGON_SERVERS : Samba with AD on CentOS 7.X

Bits and Dragons

Bits and Dragons

Samba is my black beast. It’s useful and it’s needed, but at the same time it’s complex and troublesome. I had multiple errors ( like this NT_STATUS_ACCESS_DENIED before) but once I manage to have a working configuration, it’s a matter of tuning it up to have a second instance.

The error occur in the context of some AD (Active Directory) actions. Some servers go out, some go in with samba features. At one point, the reliable and highly demanded (but not highly available) samba server stops working and it’s not possible anymore to connect to it using my user AD credentials (AD username and password). To debug I log in as root on the server in question, and I look for the samba log linked to the client I want to connect to the samba server. In this case, the samba server is called zeus, and the client has the IP 10.20.30.40. The log in question looks like this.

root@zeus /var/log/samba ## > tailf samba_log.10.20.30.40.log [YYYY/MM/DD HOUR.012707, 5] ../source3/auth/auth.c:437(load_auth_module) load_auth_module: auth method winbind has a valid init . a lot of log here. [YYYY/MM/DD HOUR.010838, 5] ../source3/auth/auth.c:251(auth_check_ntlm_password) auth_check_ntlm_password: winbind authentication for user [Pepito] FAILED with error NT_STATUS_NO_LOGON_SERVERS, authoritative=1

We have used tailf to monitor the end of the samba log while it’s happening. Pepito, as usual, is my aduser. In order to fix this, we are going to join again the machine to our AD domain domain.org. Like this:

root@zeus ~ ## > net ads join -S domain_controller -U domain_admin Enter domain_admin's password: Using short domain name -- DOMAIN Joined 'ZEUS' to dns domain 'domain.org' root@zeus ~ ## > net ads testjoin Join is OK

Note that to fix this we need to know the domain controller (domain_controller) and the domain_admin password. You can’t do it as a normal user. After this (and just in case a restart of the smb and nmb services) we try again to connect our client 10.20.30.40 with the AD user pepito and it works. Hurraw!

Источник

Samba 4x domain. No logon servers available

I’ve been migrating a server that was RHEL 5 32 bit to a Centos 7 64 bit server. This a file sharing / domain server, and I have experience setting up Windows Domains, but not samba domains. My issue right now is that I can add a client windows machine to the domain, but when i attempt to add a user, I get the Trust relationship has been broken with the domain controller. I looked into some peoples questions that had the same issue, and it seemed as though that just logging in would fix that, so i attempted to log in with a domain user, and I got there were no logon servers found. What I’ve done so far: I Have copied DNS, and SMB confs to new server Ran into issue where client couldn’t resolve hostname, was related to DNS Could not find user. Users password had not been set Client pc is now able to join domain except I cannot add a user (get trust has been broken) On attempted logon I get no logon servers available. Other than dns I cant seem to think what would be causing this issue, besides having the other domain /dns on. another note, I have edited the dns conf on the old server to have the new servers information, and its the only dns running, as having the second dns server running at the same time might be problematic. I am new to doing DNS and Samba as a domain controller, so pardon any ignorance.

Читайте также:  Linux touch permission denied

1 Answer 1

The samba4 packages that ship with both CentOS 6 and 7 do not have domain controller functionality. If you look inside, eg, samba-dc-4.2.3-10.el7.x86_64.rpm , you’ll find it contains exactly one file, /usr/share/doc/samba-dc-4.2.3/README.dc . This file reads as follows:

MIT Kerberos 5 Support

Fedora is using MIT Kerberos implementation as its Kerberos infrastructure of choice. The Samba build in Fedora is using MIT Kerberos implementation in order to allow system-wide interoperability between both desktop and server applications running on the same machine.

At the moment the Samba Active Directory Domain Controller implementation is not available with MIT Kereberos. FreeIPA and Samba Team members are currently working on Samba MIT Kerberos support as this is a requirement for a GNU/Linux distribution integration of Samba AD DC features.

We have just finished migrating the file server and all client utilities to MIT Kerberos. The result of this work is available in samba-* packages in Fedora. We’ll provide Samba AD DC functionality as soon as its support of MIT Kerberos KDC will be ready.

In case of further questions do not hesitate to send your inquiries to samba-owner@fedoraproject.org

If you want to run a SaMBa4 domain controller on CentOS, you will need to build SaMBa from source yourself. The samba project wiki contains excellent instructions for doing this, and there are doubtless other such guides around the ‘net.

Источник

Оцените статью
Adblock
detector