From: "Maks Re" <admaks@gmail.com>
To: "ALT Linux sysadmin discuss" <sysadmins@lists.altlinux.org>
Subject: Re: [Sysadmins] Контролер домена
Date: Wed, 13 Aug 2008 22:02:33 +0400
Message-ID: <f041fbd00808131102n5accd07cr2773d81265a412b5@mail.gmail.com> (raw)
In-Reply-To: <6c7be88d0808130704r59b30e3ahf0f6f95389d430dd@mail.gmail.com>
> Команду добавления и ругань в студию...
те ссылки статей, которые приводили тут в треде - были прочитаны до
начала экспериментов, впрочем как и во время...
про проверку, по шагам (на freesource.info) - все отрабатывается, все корректно.
но, ввести машину-сервер в свой домен - не получается...
# net rpc join -W Perfect -Usysop%sysop_pw
Could not connect to server SRV-GW-1
Connection failed: NT_STATUS_UNSUCCESSFUL
в логах видно. что пользователь sysop корректно вытянулся из БД,но
[2008/08/13 15:34:00, 4] libsmb/ntlm_check.c:ntlm_password_check(326)
ntlm_password_check: Checking NT MD4 password
[2008/08/13 15:34:00, 4] auth/auth_sam.c:sam_account_ok(138)
sam_account_ok: Checking SMB password for user sysop
[2008/08/13 15:34:00, 3] smbd/sec_ctx.c:push_sec_ctx(208)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2008/08/13 15:34:00, 3] smbd/uid.c:push_conn_ctx(358)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2008/08/13 15:34:00, 3] smbd/sec_ctx.c:set_sec_ctx(241)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2008/08/13 15:34:00, 3] smbd/sec_ctx.c:pop_sec_ctx(356)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2008/08/13 15:34:00, 3] smbd/sec_ctx.c:push_sec_ctx(208)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2008/08/13 15:34:00, 3] smbd/uid.c:push_conn_ctx(358)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2008/08/13 15:34:00, 3] smbd/sec_ctx.c:set_sec_ctx(241)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2008/08/13 15:34:00, 3] passdb/pdb_ldap.c:ldapsam_enum_group_memberships(2719)
primary group of [sysop] not found
[2008/08/13 15:34:00, 3] smbd/sec_ctx.c:pop_sec_ctx(356)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2008/08/13 15:34:00, 0] auth/auth_sam.c:check_sam_security(352)
check_sam_security: make_server_info_sam() failed with
'NT_STATUS_UNSUCCESSFUL'
[2008/08/13 15:34:00, 3] auth/auth_winbind.c:check_winbind_security(80)
check_winbind_security: Not using winbind, requested domain
[Perfect] was for this SAM.
[2008/08/13 15:34:00, 2] auth/auth.c:check_ntlm_password(319)
check_ntlm_password: Authentication for user [sysop] -> [sysop]
FAILED with error NT_STATUS_UNSUCCESSFUL
[2008/08/13 15:34:00, 3] smbd/error.c:error_packet_set(106)
error packet at smbd/sesssetup.c(105) cmd=115 (SMBsesssetupX)
NT_STATUS_UNSUCCESSFUL
[2008/08/13 15:34:00, 3] smbd/process.c:timeout_processing(1329)
timeout_processing: End of file from client (client has disconnected).
как видно, что не найдена примари групп (primary group of [sysop] not
found ), и какая итоговая ошибка (check_ntlm_password: Authentication
for user [sysop] -> [sysop]
FAILED with error NT_STATUS_UNSUCCESSFUL)
хотя
# id sysop
uid=0(root) gid=0(root) groups=0(root),512(Domain Admins)
пользователя root.root в каталоге БД нету, он хранится в shadow/tcb
--
С уважением,
Макс.
next prev parent reply other threads:[~2008-08-13 18:02 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-08-13 8:50 ` Maks Re
2008-08-13 9:20 ` Maks Re
2008-08-13 9:30 ` Maks Re
2008-08-13 9:39 ` Maks Re
2008-08-13 10:25 ` Vyacheslav Brunev
2008-08-13 12:14 ` Maks Re
2008-08-14 2:01 ` Vyacheslav Brunev
2008-08-14 3:12 ` Vyacheslav Brunev
2008-08-14 5:12 ` Maks Re
2008-08-14 7:10 ` Vyacheslav Brunev
2008-08-14 7:40 ` Vyacheslav Brunev
2008-08-14 8:20 ` Vyacheslav Brunev
2008-08-15 8:10 ` Maks Re
2008-08-13 9:51 ` Yuri Bushmelev
2008-08-13 10:25 ` Yuri Bushmelev
2008-08-13 13:21 ` Led
2008-08-16 7:32 ` Вадим Илларионов
2008-08-16 20:25 ` Maxim Tyurin
2008-08-13 9:38 ` Vyacheslav Brunev
2008-08-13 9:39 ` Maks Re
2008-08-13 10:06 ` Vyacheslav Brunev
2008-08-13 12:14 ` Maks Re
2008-08-13 13:52 ` Владимир
2008-08-13 13:55 ` Maks Re
2008-08-13 18:02 ` Maks Re [this message]
2008-08-13 18:12 ` Eugene Ostapets
2008-08-13 18:38 ` Maks Re
2008-08-13 19:56 ` Eugene Ostapets
2008-08-13 20:02 ` Maks Re
2008-08-15 11:07 ` Maks Re
2008-08-15 11:37 ` Maks Re
2008-08-15 13:32 ` Maks Re
2008-08-15 14:47 ` Alexey Shabalin
2008-08-15 14:55 ` Maks Re
2008-08-16 8:27 ` Вадим Илларионов
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=f041fbd00808131102n5accd07cr2773d81265a412b5@mail.gmail.com \
--to=admaks@gmail.com \
--cc=sysadmins@lists.altlinux.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
ALT Linux sysadmins discussion
This inbox may be cloned and mirrored by anyone:
git clone --mirror http://lore.altlinux.org/sysadmins/0 sysadmins/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 sysadmins sysadmins/ http://lore.altlinux.org/sysadmins \
sysadmins@lists.altlinux.org sysadmins@lists.altlinux.ru sysadmins@lists.altlinux.com
public-inbox-index sysadmins
Example config snippet for mirrors.
Newsgroup available over NNTP:
nntp://lore.altlinux.org/org.altlinux.lists.sysadmins
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git