Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > linux.samba > #59682

Re: [Samba] Regular users can't log in to Samba AD DC from Windows

From Alnis Morics via samba <samba@lists.samba.org>
Newsgroups linux.samba
Subject Re: [Samba] Regular users can't log in to Samba AD DC from Windows
Date 2017-02-06 18:10 +0100
Message-ID <t7UXE-7LS-35@gated-at.bofh.it> (permalink)
References (7 earlier) <t7RQ7-5AW-51@gated-at.bofh.it> <t7Sj7-61m-9@gated-at.bofh.it> <t7SCv-68H-53@gated-at.bofh.it> <t7Tfc-6CJ-25@gated-at.bofh.it> <t7Ubh-7e3-41@gated-at.bofh.it>
Organization linux.* mail to news gateway

Show all headers | View raw


On 02/06/2017 18:07, Rowland Penny via samba wrote:
> On Mon, 6 Feb 2017 17:09:27 +0200
> Alnis Morics via samba <samba@lists.samba.org> wrote:
>
>>
>> On 02/06/2017 16:36, Rowland Penny via samba wrote:
>>> On Mon, 6 Feb 2017 16:16:28 +0200
>>> Alnis Morics via samba <samba@lists.samba.org> wrote:
>>>
>>>>
>>>>
>>>> On 02/06/2017 15:43, Rowland Penny via samba wrote:
>>>>> On Mon, 6 Feb 2017 14:47:21 +0200
>>>>> Alnis Morics via samba <samba@lists.samba.org> wrote:
>>>>>
>>>>>> I see. But I don't necessarily need homedirs and hence PAM
>>>>>> configured just to log in from Windows and access a file share
>>>>>> from there, do I? Or even just to log in on Windows to the
>>>>>> domain.
>>>>>>
>>>>>> Alnis
>>>>>>
>>>>>
>>>>> If you only have windows users and they will never actually log
>>>>> into the Samba AD DC, then you don't need user homedirs on the DC.
>>>>>
>>>>> Rowland
>>>>>
>>>>>
>>>>
>>>> That's my main problem for now: single sign-on doesn't work. The
>>>> Windows machine is joined the domain. Domain Administrator can log
>>>> in with this Windows machine, and other users that I created with
>>>> samba-tool, can not. Can you suggest a way of how to trace what's
>>>> going on?
>>>>
>>>> Alnis
>>>>
>>>
>>> Not sure I understand what you are saying, do you want your users to
>>> connect to shares on the DC, or are you saying that your users
>>> cannot log into a windows PC joined to the domain ?
>>>
>>> Rowland
>>>
>> My (domain) users cannot log into a Windows PC joined to the domain.
>>
>> I created those users with samba-tool. Only the domain Administrator
>> can log into this Windows PC.
>>
>> Alnis
>>
>
> I seem to remember something about freebsd, what filesystem are you
> using and what were your ./config optiond when you built Samba ?
>
> Rowland
>

My filesystem is UFS (v.2), I enabled ACLs with:
tunefs -a enable <filesystem-device>

and placed the "rw,acls" options into fstab, although the "mount" showed 
they are enabled even without that option in fstab.

Extended File Attributes are supported.

./configure options were "--without-systemd --man-dir=/usr/local/man"

Rowland, we were probably writing simultaneously, and you didn't notice 
I wrote that I finally managed to log in with that user1. Either 
passwords were messed up while I experimented with them (samba-tool user 
password/setpassword) or firewall was in the way, or both.

Thanks for helping,
Alnis


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Back to linux.samba | Previous | NextPrevious in thread | Next in thread | Find similar | Unroll thread

Thread

[Samba] Regular users can't log in to Samba AD DC from Windows Alnis Morics via samba <samba@lists.samba.org> - 2017-02-06 09:10 +0100
  Re: [Samba] Regular users can't log in to Samba AD DC from Windows Rowland Penny via samba <samba@lists.samba.org> - 2017-02-06 09:50 +0100
    Re: [Samba] Regular users can't log in to Samba AD DC from Windows Alnis Morics via samba <samba@lists.samba.org> - 2017-02-06 10:20 +0100
      Re: [Samba] Regular users can't log in to Samba AD DC from Windows Rowland Penny via samba <samba@lists.samba.org> - 2017-02-06 11:00 +0100
        Re: [Samba] Regular users can't log in to Samba AD DC from Windows Alnis Morics via samba <samba@lists.samba.org> - 2017-02-06 12:10 +0100
          Re: [Samba] Regular users can't log in to Samba AD DC from Windows Rowland Penny via samba <samba@lists.samba.org> - 2017-02-06 12:40 +0100
            Re: [Samba] Regular users can't log in to Samba AD DC from Windows Alnis Morics via samba <samba@lists.samba.org> - 2017-02-06 13:50 +0100
              Re: [Samba] Regular users can't log in to Samba AD DC from Windows Rowland Penny via samba <samba@lists.samba.org> - 2017-02-06 14:50 +0100
                Re: [Samba] Regular users can't log in to Samba AD DC from Windows Alnis Morics via samba <samba@lists.samba.org> - 2017-02-06 15:20 +0100
                Re: [Samba] Regular users can't log in to Samba AD DC from Windows Rowland Penny via samba <samba@lists.samba.org> - 2017-02-06 15:40 +0100
                Re: [Samba] Regular users can't log in to Samba AD DC from Windows Alnis Morics via samba <samba@lists.samba.org> - 2017-02-06 16:20 +0100
                Re: [Samba] Regular users can't log in to Samba AD DC from Windows Rowland Penny via samba <samba@lists.samba.org> - 2017-02-06 17:20 +0100
                Re: [Samba] Regular users can't log in to Samba AD DC from Windows Alnis Morics via samba <samba@lists.samba.org> - 2017-02-06 18:10 +0100
                Re: [Samba] Regular users can't log in to Samba AD DC from Windows Alnis Morics via samba <samba@lists.samba.org> - 2017-02-06 17:10 +0100

csiph-web