NT_STATUS_LOGON_FAILURE
Dejma
dejma na volny.cz
Čtvrtek Duben 28 11:42:13 CEST 2005
Tak ještě přihoď:
testparm -v >testparm.txt
ať víme co je "uvnitř" onlajn
> Dobrý den,
> uspesne jsem z WinNT PDC vampiroval ucty do samby.
>
> Stanice se bez problemu prihlasi na Sambu PDC.
>
> Problem je, ze prihlaseny uzivatel se nedostane do zadneho
> sdileneho adresare, ani do sveho domovskeho.
>
> #smbclient -L localhost -U pepa
> Password:
> Domain=[HKEL] OS=[Unix] Server=[Samba 3.0.10-1.4E]
>
> Sharename Type Comment
> --------- ---- -------
> IPC$ IPC IPC Service (Samba Server 3.0.10-1.4E)
> ADMIN$ IPC IPC Service (Samba Server 3.0.10-1.4E)
> pepa Disk Home directory of pepa
> Domain=[HKEL] OS=[Unix] Server=[Samba 3.0.10-1.4E]
>
>
> #smbclient //127.0.0.1/pepa -U pepa
> spletu heslo
> session setup failed: NT_STATUS_LOGON_FAILURE
>
> dam spravne heslo
> tree connect failed: NT_STATUS_BAD_NETWORK_NAME
>
> v logu vidim:
> [2005/04/28 06:21:56, 0] smbd/service.c:make_connection_snum(620)
> '/home/pepa' does not exist or is not a directory, when connecting to
> [pepa]
>
> Adresar /home/pepa existuje, a ma spravna prava.
>
> ls -l /home/ | grep pepa
> drwxrwx--- 2 pepa pepa 4096 dub 27 15:41 pepa
>
>
> Takto na tom jsou vsichni uzivatele, krome administratora.
>
> [root na linux log]# smbclient //127.0.0.1/administrator -U administrator
> Password:
> Domain=[HKEL] OS=[Unix] Server=[Samba 3.0.10-1.4E]
> smb: \> dir
> . D 0 Tue Apr 26 17:49:08 2005
> .. D 0 Wed Apr 27 17:36:24 2005
> .emacs AH 383 Mon Apr 25 18:31:18 2005
> .zshrc AH 658 Mon Apr 25 18:31:18 2005
> profile D 0 Tue Apr 26 17:53:47 2005
> .bashrc AH 124 Mon Apr 25 18:31:18 2005
> .bash_profile AH 191 Mon Apr 25 18:31:18 2005
> .bash_logout AH 304 Mon Apr 25 18:31:18 2005
>
> 54140 blocks of size 1048576. 48200 blocks available
> smb: \>
>
>
> Toto se mi zacalo dit, kdyz jsem zmenil "passdb backend = tdbsam" z
> smbpasswd a provedl vampirovani.
>
> #pdbedit -Lw pepa
> pepa:516:D1A9....
>
> #cat /etc/passwd | grep pepa
> pepa:x:516:516::/home/pepa:/sbin/nologin
>
> #net groupmap list
> smazal jsem duplicitní "Domain Admins", "Domain Users"
> a podle SID nechal ty spravne.
>
> #net groupmap modify ntgroup="Domain Admins" unixgroup=root
> #net groupmap modify ntgroup="Domain Users" unixgroup=dusers
>
> V /etc/group mam skupinu dusers obsahujici vsechny uzivatele,
> a do skupiny root jsem pridal uzivatele administrator
>
> Vyzkousel jsem nasdilet adresar, kteremu jsem na stavil chmod 777,
> ale stejne se do nej uzivatel pepa nedostane.
>
> Jeste pridam smb.conf
>
> [global]
> workgroup = HKEL
> netbios name = LINUX
> server string = Samba Server %v
> passdb backend = tdbsam
> log file = /var/log/samba.%m
> max log size = 50
> encrypt passwords = yes
> domain master = yes
> local master = yes
> preferred master = yes
> os level = 65
> security = user
> domain logons = yes
> # Home directories
> [homes]
> comment = Home Directories
> browseable = no
> writable = yes
>
>
>
> Netusite kde by mohl byt zakopany pes?
> Diky,
>
> Honza Novacek
Další informace o konferenci Linux