Douglas G. Oechsler
2020-Jul-14 13:08 UTC
[Samba] net rpc rights grant fail to connect 127.0.0.1
Hello Friends! I start from zero again to configure ad-dc and ad member file server. In ad-dc way seems all working well In *ad member file server *maybe I did wrong configuration. Checking now, I add symbolic link of *libnss_winbind*. But, symbolic link it is only for Samba compiled. I did not compile samba, I use the samba package from distro. Can be this affecting the command: *net rpc right?* Or, Is this stupid Thincking We use Pfsense here, but, checking until now, it does not block some services ad-dc ports. Thanks attention and help Douglas Em seg., 13 de jul. de 2020 ?s 12:17, Rowland penny via samba < samba at lists.samba.org> escreveu:> On 13/07/2020 15:55, L.P.H. van Belle via samba wrote: > > Ok, im bit confused, sorry,. > > Ehen i look that the below output, then i see there are multiple things > suspecting to go wrong here. > > > > For example this is a mismatch.. especialy hostname -i & -I these > should be the same or -I should show both. > > > > Now, if this is the member i would have expected something like this. > > > > /etc/hosts > > > > 127.0.0.1 localhost > > 10.1.1.16 E-PLANO.ad.mydomain.br e-plano > Yep, that is where the IP error is coming from. > > Rowland > > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >
Rowland penny
2020-Jul-14 13:38 UTC
[Samba] net rpc rights grant fail to connect 127.0.0.1
On 14/07/2020 14:08, Douglas G. Oechsler wrote:> Hello Friends! > > I start from zero again to configure ad-dc and ad member file server. > In ad-dc way seems all working well > > In *ad member file server *maybe I did wrong configuration. Checking > now, I add symbolic link of *libnss_winbind*. But, symbolic link it is > only for Samba compiled. I did not compile samba, I use the samba > package from distro. > Can be this affecting the command: *net rpc right?*Ah, the old 'problem between keyboard and chair' bug ;-) Or to put it another way, yes Rowland
Douglas G. Oechsler
2020-Jul-15 13:27 UTC
[Samba] Fwd: net rpc rights grant fail to connect 127.0.0.1
Hello! I really do not know what to do. Still in error. I did step by step ad-dc and AD Member file server. Any other idea please? username map - check Command from AD Member: Error: net rpc rights grant "MYDOMAIN\Unix Admins" SeDiskOperatorPrivilege -U "MYDOMAIN\Administrator" Enter MYDOMAIN\Administrator's password: Could not connect to server 127.0.0.1 testparm Load smb config files from /etc/samba/smb.conf rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384) Loaded services file OK. Server role: ROLE_DOMAIN_MEMBER Member AD smb.conf # Global parameters [global] dedicated keytab file = /etc/krb5.keytab kerberos method = secrets and keytab log file = /var/log/samba/%m.log realm = AD.MYDOMAIN.BR security = ADS template homedir = /home/%U template shell = /bin/bash username map = /etc/samba/etc/user.map winbind refresh tickets = Yes winbind use default domain = Yes workgroup = MYDOMAIN idmap config mydomain:unix_primary_group = yes idmap config mydomain:unix_nss_info = yes idmap config mydomain:range = 10000-999999 idmap config mydomain:schema_mode = rfc2307 idmap config mydomain:backend = ad idmap config * : range = 3000-7999 idmap config * : backend = tdb map acl inherit = Yes vfs objects = acl_xattr Thanks attention Em ter., 14 de jul. de 2020 ?s 10:39, Rowland penny via samba < samba at lists.samba.org> escreveu:> On 14/07/2020 14:08, Douglas G. Oechsler wrote: > > Hello Friends! > > > > I start from zero again to configure ad-dc and ad member file server. > > In ad-dc way seems all working well > > > > In *ad member file server *maybe I did wrong configuration. Checking > > now, I add symbolic link of *libnss_winbind*. But, symbolic link it is > > only for Samba compiled. I did not compile samba, I use the samba > > package from distro. > > Can be this affecting the command: *net rpc right?* > > Ah, the old 'problem between keyboard and chair' bug ;-) > > Or to put it another way, yes > > Rowland > > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >-- *Douglas Giovani Oechsler* e-mail: doguibnu at gmail.com <douglasgiovani at oechsler.com.br> *Prudent?polis - PR* -- *Douglas Giovani Oechsler* e-mail: doguibnu at gmail.com <douglasgiovani at oechsler.com.br> *Prudent?polis - PR*
Rowland penny
2020-Jul-15 13:53 UTC
[Samba] Fwd: net rpc rights grant fail to connect 127.0.0.1
On 15/07/2020 14:27, Douglas G. Oechsler via samba wrote:> Hello! > > I really do not know what to do. Still in error. I did step by step ad-dc > and AD Member file server. > Any other idea please? > > Error: > net rpc rights grant "MYDOMAIN\Unix Admins" SeDiskOperatorPrivilege -U > "MYDOMAIN\Administrator" > Enter MYDOMAIN\Administrator's password: > Could not connect to server 127.0.0.1 >Not sure where to go from here, if I run the command I get this: pi at raspberrypi:~/tests $ net rpc rights grant "SAMDOM\Unix Admins" SeDiskOperatorPrivilege -U"SAMDOM\Administrator" Enter SAMDOM\Administrator's password: Successfully granted rights. There isn't anything wrong with your smb.conf, so can we confirm a few things, perhaps there is something we missed ;-) can you post the contents of the following files: /etc/hostname /etc/hosts /etc/resolv.conf /etc/krb5.conf The output from the following commands: hostname -s hostname -d hostname -f hostname -i hostname -I What OS is this ? What version of Samba (if unsure, 'smbd -V' will tell you) Is Apparmor or Selinux enabled ? Rowland
L.P.H. van Belle
2020-Jul-15 14:53 UTC
[Samba] Fwd: net rpc rights grant fail to connect 127.0.0.1
What Rowland asked and try this. kinit administrator net rpc rights list -k -S $(hostname -f) Then remove the -S part again try again. What do you seen then.> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Rowland penny via samba > Verzonden: woensdag 15 juli 2020 15:54 > Aan: samba at lists.samba.org > Onderwerp: Re: [Samba] Fwd: net rpc rights grant fail to > connect 127.0.0.1 > > On 15/07/2020 14:27, Douglas G. Oechsler via samba wrote: > > Hello! > > > > I really do not know what to do. Still in error. I did step > by step ad-dc > > and AD Member file server. > > Any other idea please? > > > > Error: > > net rpc rights grant "MYDOMAIN\Unix Admins" > SeDiskOperatorPrivilege -U > > "MYDOMAIN\Administrator" > > Enter MYDOMAIN\Administrator's password: > > Could not connect to server 127.0.0.1 > > > Not sure where to go from here, if I run the command I get this: > > pi at raspberrypi:~/tests $ net rpc rights grant "SAMDOM\Unix Admins" > SeDiskOperatorPrivilege -U"SAMDOM\Administrator" > Enter SAMDOM\Administrator's password: > Successfully granted rights. > > There isn't anything wrong with your smb.conf, so can we > confirm a few > things, perhaps there is something we missed ;-) > > can you post the contents of the following files: > > /etc/hostname > > /etc/hosts > > /etc/resolv.conf > > /etc/krb5.conf > > The output from the following commands: > > hostname -s > > hostname -d > > hostname -f > > hostname -i > > hostname -I > > What OS is this ? > > What version of Samba (if unsure, 'smbd -V' will tell you) > > Is Apparmor or Selinux enabled ? > > Rowland > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > >