[Pkg-samba-maint] Debian 9, Samba, AD and SSSD
Martin Scott
martin.scott at anaeko.com
Thu Mar 23 13:40:41 UTC 2017
Hi,
I hope someone can help answer a few questions I have regarding Debian 9,
Samba, AD and SSSD.
My goal is to manage permissions (ACL's) on samba shares from windows. I
have verified that my configuration works with Centos7, samba and sssd by
using the sssd libwbclient.
However I am restricted to using Debian OS and need to get the same
functionality.
I am attempting to configure Samba on debian 9 to use libwbclient-sssd as
follows
ln -s /usr/lib/x86_64-linux-gnu/sssd/modules/libwbclient.so.0
/usr/lib/x86_64-linux-gnu/libwbclient.so.0
*Q. Is this valid? Is it possible to configure samba with the sssd
libwbclient on debian 9?*
When I do this I get logon failures even when forcing kerberos as
authentication with smbclient -k, I am using the correct password.
SPNEGO login failed: Logon failure
session setup failed: NT_STATUS_LOGON_FAILURE
and see these errors in samba logs
Failed to generate session_info (user and group token) for session setup:
NT_STATUS_LOGON_FAILURE
NT error packet at ../source3/smbd/sesssetup.c(293) cmd=115
(SMBsesssetupX) NT_STATUS_LOGON_FAILURE
Logon is successful when not using the sssd libwbclient, however ACL's
cannot be written from windows to the samba backend.
I need to validate that what I am trying to achieve is possible, it
certainly is on centos 7. Should it currently work with the default
packages or does it require additional dependencies? Does it require a
build from source with different configuration options?
Also if it is possible I would greatly appreciate some assistance. Knowing
whether or not it is currently possible would be a good start.
Martin.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pkg-samba-maint/attachments/20170323/5b600671/attachment-0001.html>
More information about the Pkg-samba-maint
mailing list