Authenticate Centos box into WS 2003 Active Director
Posted: 2010/09/24 13:04:00
I'm trying to configure my CentOS server to log into my work AD, everything seems to be ok, because I see my server from the AD administration console.
But what I really need is that the users from AD can log in into my CentOS box with their username en password.
I've already configured /etc/krb5.conf /etc/nsswitch.conf /etc/samba/smb.conf like this:
[quote][root@monitorlinux ~]# cat /etc/krb5.conf [logging] default = FILE:/var/log/krb5libs.log kdc = FILE:/var/log/krb5kdc.log admin_server = FILE:/var/log/kadmind.log [libdefaults] default_realm = HPTU.ORG.CO dns_lookup_realm = true dns_lookup_kdc = true ticket_lifetime = 24h forwardable = yes [realms] HPTU.ORG.CO = { kdc = SVR-CAIRO.HPTU.ORG.CO admin_server = SVR-CAIRO.HPTU.ORG.CO default_domain = HPTU.ORG.CO kpasswd_server = SVR-SERVER.HPTU.ORG.CO } [domain_realm] .hptu.org.co = HPTU.ORG.CO hptu.org.co = HPTU.ORG.CO [kdc] profile = /var/kerberos/krb5kdc/kdc.conf [appdefaults] pam = { debug = false ticket_lifetime = 36000 renew_lifetime = 36000 forwardable = true krb4_convert = true } [root@monitorlinux ~]#[/quote]
[quote][root@monitorlinux ~]# cat /etc/nsswitch.conf passwd: compat winbind group: compat winbind shadow: compat hosts: files dns networks: files protocols: db files services: db files ethers: db files rpc: db files netgroup: nis[/quote]
[quote][root@monitorlinux ~]# cat /etc/samba/smb.conf GLOBAL PARAMETERS [global] workgroup = HPTU password server = 172.20.21.34 realm = HPTU.ORG.CO # preferred master = no # server string = MONITORLINUX security = ADS encrypt passwords = true log level = 3 log file = /var/log/samba/%m max log size = 50 # printcap name = cups # printing = cups winbind enum users = yes winbind enum groups = yes winbind use default domain = yes winbind nested groups = yes ; winbind separator = + idmap uid = 500-20000 idmap gid = 500-20000 ;template primary group = "Domain Users" template shell = /bin/bash client use spnego = yes client ntlmv2 auth = yes template homedir = /home/%D/%U client schannel = no #[homes] # comment = Home Direcotries # valid users = %S # read only = No # browseable = No # #[printers] # comment = All Printers # path = /var/spool/cups # browseable = no # printable = yes # guest ok = yes [root@monitorlinux ~]#[/quote]
I exec: [root@monitorlinux ~]# kinit jmartinez
Password for jmartinez@HPTU.ORG.CO:
[root@monitorlinux ~]#
But it prints no message, user is already registered in AD.
When I exec: wbinfo -u it prints the list of the users in the AD:
[root@monitorlinux ~]# wbinfo -u
jvega
csoto
vgomez
ncardonad
egallo
emarinv
agranda
[root@monitorlinux ~]# getent passwd administrator
administrator:*:1010:602:Administrator:/home/HPTU/administrator:/bin/bash
[root@monitorlinux ~]# wbinfo -a "jmartinez"%"PASSWORD"
plaintext password authentication succeeded
challenge/response password authentication succeeded
but when i type net ads join -U jmartinez this happends:
[root@monitorlinux ~]# net ads join -U jmartinez
jmartinez's password:
Failed to set password for machine account (NT_STATUS_ACCESS_DENIED)
Failed to join domain: Access denied
[root@monitorlinux ~]# net ads join -d10 -U jmartinez
params.c:Parameter() - Ignoring badly formed line in configuration file: GLOBAL PARAMETERS
[2010/09/24 08:00:04, 3] param/loadparm.c:do_section(3808)
Processing section "[global]"
doing parameter workgroup = HPTU
doing parameter password server = 172.20.21.34
doing parameter realm = HPTU.ORG.CO
doing parameter security = ADS
doing parameter encrypt passwords = true
doing parameter log level = 3
doing parameter log file = /var/log/samba/%m
doing parameter max log size = 50
doing parameter winbind enum users = yes
doing parameter winbind enum groups = yes
doing parameter winbind use default domain = yes
doing parameter winbind nested groups = yes
doing parameter idmap uid = 500-20000
doing parameter idmap gid = 500-20000
doing parameter template shell = /bin/bash
doing parameter client use spnego = yes
doing parameter client ntlmv2 auth = yes
doing parameter template homedir = /home/%D/%U
doing parameter client schannel = no
[2010/09/24 08:00:04, 4] param/loadparm.c:lp_load(5100)
pm_process() returned Yes
[2010/09/24 08:00:04, 7] param/loadparm.c:lp_servicenumber(5238)
lp_servicenumber: couldn't find homes
[2010/09/24 08:00:04, 10] param/loadparm.c:set_server_role(4344)
set_server_role: role = ROLE_DOMAIN_MEMBER
[2010/09/24 08:00:04, 5] lib/iconv.c:smb_register_charset(105)
Attempting to register new charset UCS-2LE
[2010/09/24 08:00:04, 5] lib/iconv.c:smb_register_charset(113)
Registered charset UCS-2LE
[2010/09/24 08:00:04, 5] lib/iconv.c:smb_register_charset(105)
Attempting to register new charset UTF-16LE
[2010/09/24 08:00:04, 5] lib/iconv.c:smb_register_charset(113)
Registered charset UTF-16LE
[2010/09/24 08:00:04, 5] lib/iconv.c:smb_register_charset(105)
Attempting to register new charset UCS-2BE
[2010/09/24 08:00:04, 5] lib/iconv.c:smb_register_charset(113)
Registered charset UCS-2BE
[2010/09/24 08:00:04, 5] lib/iconv.c:smb_register_charset(105)
Attempting to register new charset UTF-16BE
[2010/09/24 08:00:04, 5] lib/iconv.c:smb_register_charset(113)
Registered charset UTF-16BE
[2010/09/24 08:00:04, 5] lib/iconv.c:smb_register_charset(105)
Attempting to register new charset UTF8
[2010/09/24 08:00:04, 5] lib/iconv.c:smb_register_charset(113)
Registered charset UTF8
[2010/09/24 08:00:04, 5] lib/iconv.c:smb_register_charset(105)
Attempting to register new charset UTF-8
[2010/09/24 08:00:04, 5] lib/iconv.c:smb_register_charset(113)
Registered charset UTF-8
[2010/09/24 08:00:04, 5] lib/iconv.c:smb_register_charset(105)
Attempting to register new charset ASCII
[2010/09/24 08:00:04, 5] lib/iconv.c:smb_register_charset(113)
Registered charset ASCII
[2010/09/24 08:00:04, 5] lib/iconv.c:smb_register_charset(105)
Attempting to register new charset 646
[2010/09/24 08:00:04, 5] lib/iconv.c:smb_register_charset(113)
Registered charset 646
[2010/09/24 08:00:04, 5] lib/iconv.c:smb_register_charset(105)
Attempting to register new charset ISO-8859-1
[2010/09/24 08:00:04, 5] lib/iconv.c:smb_register_charset(113)
Registered charset ISO-8859-1
[2010/09/24 08:00:04, 5] lib/iconv.c:smb_register_charset(105)
Attempting to register new charset UCS2-HEX
[2010/09/24 08:00:04, 5] lib/iconv.c:smb_register_charset(113)
Registered charset UCS2-HEX
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/util.c:init_names(309)
Netbios name list:-
my_netbios_names[0]="MONITORLINUX"
[2010/09/24 08:00:04, 2] lib/interface.c:add_interface(81)
added interface ip=172.20.28.115 bcast=172.20.255.255 nmask=255.255.0.0
[2010/09/24 08:00:04, 5] lib/gencache.c:gencache_init(61)
Opening cache file at /var/cache/samba/gencache.tdb
[2010/09/24 08:00:04, 10] lib/gencache.c:gencache_get(226)
Returning valid cache entry: key = AD_SITENAME/DOMAIN/HPTU.ORG.CO, value = Hospital, timeout = Sun Feb 7 01:28:15 2106
[2010/09/24 08:00:04, 5] libads/dns.c:sitename_fetch(709)
sitename_fetch: Returning sitename for HPTU.ORG.CO: "Hospital"
[2010/09/24 08:00:04, 4] libsmb/namequery_dc.c:ads_dc_name(73)
ads_dc_name: domain=HPTU
[2010/09/24 08:00:04, 10] lib/gencache.c:gencache_get(226)
Returning valid cache entry: key = AD_SITENAME/DOMAIN/HPTU.ORG.CO, value = Hospital, timeout = Sun Feb 7 01:28:15 2106
[2010/09/24 08:00:04, 5] libads/dns.c:sitename_fetch(709)
sitename_fetch: Returning sitename for HPTU.ORG.CO: "Hospital"
[2010/09/24 08:00:04, 6] libads/ldap.c:ads_find_dc(294)
ads_find_dc: looking for realm 'HPTU.ORG.CO'
[2010/09/24 08:00:04, 8] libsmb/namequery.c:get_sorted_dc_list(1644)
get_sorted_dc_list: attempting lookup for name HPTU.ORG.CO (sitename Hospital) using [ads]
[2010/09/24 08:00:04, 10] lib/gencache.c:gencache_get(226)
Returning valid cache entry: key = SAF/DOMAIN/HPTU.ORG.CO, value = 172.20.21.34, timeout = Fri Sep 24 08:14:53 2010
[2010/09/24 08:00:04, 5] libsmb/namequery.c:saf_fetch(136)
saf_fetch: Returning "172.20.21.34" for "HPTU.ORG.CO" domain
[2010/09/24 08:00:04, 3] libsmb/namequery.c:get_dc_list(1495)
get_dc_list: preferred server list: "172.20.21.34, 172.20.21.34"
[2010/09/24 08:00:04, 10] lib/gencache.c:gencache_get(226)
Returning valid cache entry: key = AD_SITENAME/DOMAIN/HPTU.ORG.CO, value = Hospital, timeout = Sun Feb 7 01:28:15 2106
[2010/09/24 08:00:04, 5] libads/dns.c:sitename_fetch(709)
sitename_fetch: Returning sitename for HPTU.ORG.CO: "Hospital"
[2010/09/24 08:00:04, 10] lib/gencache.c:gencache_get(226)
Returning valid cache entry: key = AD_SITENAME/DOMAIN/HPTU.ORG.CO, value = Hospital, timeout = Sun Feb 7 01:28:15 2106
[2010/09/24 08:00:04, 5] libads/dns.c:sitename_fetch(709)
sitename_fetch: Returning sitename for HPTU.ORG.CO: "Hospital"
[2010/09/24 08:00:04, 10] libsmb/namequery.c:remove_duplicate_addrs2(435)
remove_duplicate_addrs2: looking for duplicate address/port pairs
[2010/09/24 08:00:04, 4] libsmb/namequery.c:get_dc_list(1605)
get_dc_list: returning 1 ip addresses in an ordered list
[2010/09/24 08:00:04, 4] libsmb/namequery.c:get_dc_list(1606)
get_dc_list: 172.20.21.34:389
[2010/09/24 08:00:04, 5] libads/ldap.c:ads_try_connect(180)
ads_try_connect: sending CLDAP request to 172.20.21.34 (realm: HPTU.ORG.CO)
[2010/09/24 08:00:04, 10] libads/dns.c:sitename_store(670)
sitename_store: realm = [HPTU.ORG.CO], sitename = [Hospital], expire = [4294967295]
[2010/09/24 08:00:04, 10] lib/gencache.c:gencache_set(140)
Adding cache entry with key = AD_SITENAME/DOMAIN/HPTU.ORG.CO; value = Hospital and timeout = (null) (-1285333205 seconds ahead)
[2010/09/24 08:00:04, 3] libads/ldap.c:ads_connect(394)
Connected to LDAP server 172.20.21.34
[2010/09/24 08:00:04, 10] lib/gencache.c:gencache_get(226)
Returning valid cache entry: key = AD_SITENAME/DOMAIN/HPTU.ORG.CO, value = Hospital, timeout = Sun Feb 7 01:28:15 2106
[2010/09/24 08:00:04, 5] libads/dns.c:sitename_fetch(709)
sitename_fetch: Returning sitename for HPTU.ORG.CO: "Hospital"
[2010/09/24 08:00:04, 10] libads/ldap.c:ads_closest_dc(149)
ads_closest_dc: ADS_CLOSEST flag set
[2010/09/24 08:00:04, 10] libads/kerberos.c:create_local_private_krb5_conf_for_domain(673)
create_local_private_krb5_conf_for_domain: fname = /var/cache/samba/smb_krb5/krb5.conf.HPTU, realm = HPTU.ORG.CO, domain = HPTU
[2010/09/24 08:00:04, 10] lib/gencache.c:gencache_get(226)
Returning valid cache entry: key = SAF/DOMAIN/HPTU.ORG.CO, value = 172.20.21.34, timeout = Fri Sep 24 08:14:53 2010
[2010/09/24 08:00:04, 5] libsmb/namequery.c:saf_fetch(136)
saf_fetch: Returning "172.20.21.34" for "HPTU.ORG.CO" domain
[2010/09/24 08:00:04, 3] libsmb/namequery.c:get_dc_list(1495)
get_dc_list: preferred server list: "172.20.21.34, 172.20.21.34"
[2010/09/24 08:00:04, 10] lib/gencache.c:gencache_get(226)
Returning valid cache entry: key = AD_SITENAME/DOMAIN/HPTU.ORG.CO, value = Hospital, timeout = Sun Feb 7 01:28:15 2106
[2010/09/24 08:00:04, 5] libads/dns.c:sitename_fetch(709)
sitename_fetch: Returning sitename for HPTU.ORG.CO: "Hospital"
[2010/09/24 08:00:04, 10] lib/gencache.c:gencache_get(226)
Returning valid cache entry: key = AD_SITENAME/DOMAIN/HPTU.ORG.CO, value = Hospital, timeout = Sun Feb 7 01:28:15 2106
[2010/09/24 08:00:04, 5] libads/dns.c:sitename_fetch(709)
sitename_fetch: Returning sitename for HPTU.ORG.CO: "Hospital"
[2010/09/24 08:00:04, 10] libsmb/namequery.c:remove_duplicate_addrs2(435)
remove_duplicate_addrs2: looking for duplicate address/port pairs
[2010/09/24 08:00:04, 4] libsmb/namequery.c:get_dc_list(1605)
get_dc_list: returning 1 ip addresses in an ordered list
[2010/09/24 08:00:04, 4] libsmb/namequery.c:get_dc_list(1606)
get_dc_list: 172.20.21.34:389
[2010/09/24 08:00:04, 10] lib/gencache.c:gencache_get(226)
Returning valid cache entry: key = SAF/DOMAIN/HPTU.ORG.CO, value = 172.20.21.34, timeout = Fri Sep 24 08:14:53 2010
[2010/09/24 08:00:04, 5] libsmb/namequery.c:saf_fetch(136)
saf_fetch: Returning "172.20.21.34" for "HPTU.ORG.CO" domain
[2010/09/24 08:00:04, 3] libsmb/namequery.c:get_dc_list(1495)
get_dc_list: preferred server list: "172.20.21.34, 172.20.21.34"
[2010/09/24 08:00:04, 10] lib/gencache.c:gencache_get(226)
Returning valid cache entry: key = AD_SITENAME/DOMAIN/HPTU.ORG.CO, value = Hospital, timeout = Sun Feb 7 01:28:15 2106
[2010/09/24 08:00:04, 5] libads/dns.c:sitename_fetch(709)
sitename_fetch: Returning sitename for HPTU.ORG.CO: "Hospital"
[2010/09/24 08:00:04, 10] lib/gencache.c:gencache_get(226)
Returning valid cache entry: key = AD_SITENAME/DOMAIN/HPTU.ORG.CO, value = Hospital, timeout = Sun Feb 7 01:28:15 2106
[2010/09/24 08:00:04, 5] libads/dns.c:sitename_fetch(709)
sitename_fetch: Returning sitename for HPTU.ORG.CO: "Hospital"
[2010/09/24 08:00:04, 10] libsmb/namequery.c:remove_duplicate_addrs2(435)
remove_duplicate_addrs2: looking for duplicate address/port pairs
[2010/09/24 08:00:04, 4] libsmb/namequery.c:get_dc_list(1605)
get_dc_list: returning 1 ip addresses in an ordered list
[2010/09/24 08:00:04, 4] libsmb/namequery.c:get_dc_list(1606)
get_dc_list: 172.20.21.34:389
[2010/09/24 08:00:04, 10] libads/kerberos.c:get_kdc_ip_string(624)
get_kdc_ip_string: Returning kdc = 172.20.21.34
[2010/09/24 08:00:04, 5] libads/kerberos.c:create_local_private_krb5_conf_for_domain(746)
create_local_private_krb5_conf_for_domain: wrote file /var/cache/samba/smb_krb5/krb5.conf.HPTU with realm HPTU.ORG.CO KDC = 172.20.21.34
[2010/09/24 08:00:04, 4] libsmb/namequery_dc.c:ads_dc_name(139)
ads_dc_name: using server='SVR-CAIRO.HPTU.ORG.CO' IP=172.20.21.34
jmartinez's password:
[020] 02 00 00 00 00 25 00 00 00 00 00 C7 CF 23 68 9D .....%.. .....#h.
[030] 67 2D 4E 9C 28 DC B5 D2 44 2F 63 19 00 19 00 00 g-N.(... D/c.....
[040] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[050] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[060] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[070] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[080] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[090] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0A0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0B0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0C0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0D0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0E0] 00 00 00 00 00 00 00 80 02 00 00 00 00 10 03 00 ........ ........
[0F0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[100] 00 00 00 FC 19 9F F4 34 7B 9B CE 36 D3 01 26 94 .......4 {..6..&.
[110] 70 29 B7 D2 AA C8 0A 84 77 FD DF 93 65 4A 11 FE p)...... w...eJ..
[120] CA ED F2 14 F2 5E 46 E5 C0 22 66 0C 29 94 6B 88 .....^F. ."f.).k.
[130] 64 65 8E AA 11 DB 01 3C 06 A1 D2 08 B4 50 07 FC de.....< .....P..
[140] F6 92 63 58 FB EB EB A4 C7 08 51 86 28 2B 7B 98 ..cX.... ..Q.(+{.
[150] 6B CB 79 CF 9A 97 DE F8 C4 06 C3 EE B1 46 FF 2C k.y..... .....F.,
[160] 90 58 7A 79 44 01 B2 18 57 06 DC 70 4E 3B 0F F4 .XzyD... W..pN;..
[170] 3B 53 D0 15 23 54 4C C8 7B BE 9D 7F DC 69 01 3F ;S..#TL. {....i.?
[180] 0B 77 5C BA C2 FC B4 96 D8 07 37 5C 10 BF AF 87 .w\..... ..7\....
[190] 96 D3 DE 04 EB AF 71 2F 8F CB 3C BF 69 E8 15 A7 ......q/ ..<.i...
[1A0] 28 5F 55 C3 BE 13 67 DB F9 9E 15 1F C4 38 55 64 (_U...g. .....8Ud
[1B0] 35 E5 94 D1 64 95 59 25 D2 BB 30 F3 BB 90 D0 DA 5...d.Y% ..0.....
[1C0] 75 D0 06 5F 41 80 5B 9E 20 77 C2 E8 B5 66 8B 36 u.._A.[. w...f.6
[1D0] C6 5A 5A BD 27 F1 57 B7 0E B2 88 49 7D E7 69 1A .ZZ.'.W. ...I}.i.
[1E0] D4 B8 28 EE 88 56 0D 84 05 C7 A3 EA B2 55 05 06 ..(..V.. .....U..
[1F0] 16 AB 90 0D 4C 2D 71 D6 2D 92 2E C0 AA 1A 03 50 ....L-q. -......P
[2010/09/24 08:00:23, 10] libsmb/smb_signing.c:simple_packet_signature(283)
simple_packet_signature: sequence number 30
[2010/09/24 08:00:23, 10] libsmb/smb_signing.c:client_sign_outgoing_message(349)
client_sign_outgoing_message: sent SMB signature of
[2010/09/24 08:00:23, 10] lib/util.c:dump_data(2286)
[000] 2B 5B 41 8F A7 02 D7 F1 +[A.....
[2010/09/24 08:00:23, 10] libsmb/smb_signing.c:store_sequence_for_reply(68)
store_sequence_for_reply: stored seq = 31 mid = 17
[2010/09/24 08:00:23, 6] libsmb/clientgen.c:write_socket(152)
write_socket(7,862)
[2010/09/24 08:00:23, 6] libsmb/clientgen.c:write_socket(155)
write_socket(7,862) wrote 862
[2010/09/24 08:00:23, 10] lib/util_sock.c:read_smb_length_return_keepalive(623)
got smb length of 84
[2010/09/24 08:00:23, 5] lib/util.c:show_msg(506)
[2010/09/24 08:00:23, 5] lib/util.c:show_msg(516)
size=84
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51205
smb_tid=8198
smb_pid=3787
smb_uid=16386
smb_mid=17
smt_wct=10
smb_vwv[ 0]= 0 (0x0)
smb_vwv[ 1]= 28 (0x1C)
smb_vwv[ 2]= 0 (0x0)
smb_vwv[ 3]= 0 (0x0)
smb_vwv[ 4]= 56 (0x38)
smb_vwv[ 5]= 0 (0x0)
smb_vwv[ 6]= 28 (0x1C)
smb_vwv[ 7]= 56 (0x38)
smb_vwv[ 8]= 0 (0x0)
smb_vwv[ 9]= 0 (0x0)
smb_bcc=29
[2010/09/24 08:00:23, 10] lib/util.c:dump_data(2286)
[000] 00 05 00 02 03 10 00 00 00 1C 00 00 00 0B 00 00 ........ ........
[010] 00 04 00 00 00 00 00 00 00 22 00 00 C0 ........ ."...
[2010/09/24 08:00:23, 10] libsmb/smb_signing.c:get_sequence_for_reply(81)
get_sequence_for_reply: found seq = 31 mid = 17
[2010/09/24 08:00:23, 10] libsmb/smb_signing.c:simple_packet_signature(283)
simple_packet_signature: sequence number 31
[2010/09/24 08:00:23, 10] libsmb/smb_signing.c:client_check_incoming_message(430)
client_check_incoming_message: seq 31: got good SMB signature of
[2010/09/24 08:00:23, 10] lib/util.c:dump_data(2286)
[000] F5 9D 9A F1 D5 94 80 72 .......r
[2010/09/24 08:00:23, 5] lib/util.c:show_msg(506)
[2010/09/24 08:00:23, 5] lib/util.c:show_msg(516)
size=84
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51205
smb_tid=8198
smb_pid=3787
smb_uid=16386
smb_mid=17
smt_wct=10
smb_vwv[ 0]= 0 (0x0)
smb_vwv[ 1]= 28 (0x1C)
smb_vwv[ 2]= 0 (0x0)
smb_vwv[ 3]= 0 (0x0)
smb_vwv[ 4]= 56 (0x38)
smb_vwv[ 5]= 0 (0x0)
smb_vwv[ 6]= 28 (0x1C)
smb_vwv[ 7]= 56 (0x38)
smb_vwv[ 8]= 0 (0x0)
smb_vwv[ 9]= 0 (0x0)
smb_bcc=29
[2010/09/24 08:00:23, 10] lib/util.c:dump_data(2286)
[000] 00 05 00 02 03 10 00 00 00 1C 00 00 00 0B 00 00 ........ ........
[010] 00 04 00 00 00 00 00 00 00 22 00 00 C0 ........ ."...
[2010/09/24 08:00:23, 10] libsmb/smb_signing.c:get_sequence_for_reply(81)
get_sequence_for_reply: found seq = 31 mid = 17
[2010/09/24 08:00:23, 5] rpc_parse/parse_prs.c:prs_debug(84)
000000 smb_io_rpc_hdr rpc_hdr
[2010/09/24 08:00:23, 5] rpc_parse/parse_prs.c:prs_uint8(616)
0000 major : 05
[2010/09/24 08:00:23, 5] rpc_parse/parse_prs.c:prs_uint8(616)
0001 minor : 00
[2010/09/24 08:00:23, 5] rpc_parse/parse_prs.c:prs_uint8(616)
0002 pkt_type : 02
[2010/09/24 08:00:23, 5] rpc_parse/parse_prs.c:prs_uint8(616)
0003 flags : 03
[2010/09/24 08:00:23, 5] rpc_parse/parse_prs.c:prs_uint8(616)
0004 pack_type0: 10
[2010/09/24 08:00:23, 5] rpc_parse/parse_prs.c:prs_uint8(616)
0005 pack_type1: 00
[2010/09/24 08:00:23, 5] rpc_parse/parse_prs.c:prs_uint8(616)
0006 pack_type2: 00
[2010/09/24 08:00:23, 5] rpc_parse/parse_prs.c:prs_uint8(616)
0007 pack_type3: 00
[2010/09/24 08:00:23, 5] rpc_parse/parse_prs.c:prs_uint16(681)
0008 frag_len : 001c
[2010/09/24 08:00:23, 5] rpc_parse/parse_prs.c:prs_uint16(681)
000a auth_len : 0000
[2010/09/24 08:00:23, 5] rpc_parse/parse_prs.c:prs_uint32(710)
000c call_id : 0000000b
[2010/09/24 08:00:23, 5] rpc_parse/parse_prs.c:prs_debug(84)
000010 smb_io_rpc_hdr_resp rpc_hdr_resp
[2010/09/24 08:00:23, 5] rpc_parse/parse_prs.c:prs_uint32(710)
0010 alloc_hint: 00000004
[2010/09/24 08:00:23, 5] rpc_parse/parse_prs.c:prs_uint16(681)
0014 context_id: 0000
[2010/09/24 08:00:23, 5] rpc_parse/parse_prs.c:prs_uint8(616)
0016 cancel_ct : 00
[2010/09/24 08:00:23, 5] rpc_parse/parse_prs.c:prs_uint8(616)
0017 reserved : 00
[2010/09/24 08:00:23, 10] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(577)
cli_pipe_validate_current_pdu: got pdu len 28, data_len 4, ss_len 0
[2010/09/24 08:00:23, 10] rpc_client/cli_pipe.c:rpc_api_pipe(843)
rpc_api_pipe: got PDU len of 28 at offset 0
[2010/09/24 08:00:23, 10] rpc_client/cli_pipe.c:rpc_api_pipe(894)
rpc_api_pipe: Remote machine SVR-CAIRO.hptu.org.co pipe \samr fnum 0x4008 returned 8 bytes.
[2010/09/24 08:00:23, 5] rpc_parse/parse_prs.c:prs_debug(84)
000000 samr_io_r_set_userinfo2
[2010/09/24 08:00:23, 5] rpc_parse/parse_prs.c:prs_ntstatus(769)
0000 status: NT_STATUS_ACCESS_DENIED
[2010/09/24 08:00:23, 10] intl/lang_tdb.c:lang_tdb_init(138)
lang_tdb_init: /usr/lib64/samba/en_US.UTF-8.msg: No such file or directory
Failed to set password for machine account (NT_STATUS_ACCESS_DENIED)
[2010/09/24 08:00:23, 10] libsmb/smb_signing.c:simple_packet_signature(283)
simple_packet_signature: sequence number 32
[2010/09/24 08:00:23, 10] libsmb/smb_signing.c:client_sign_outgoing_message(349)
client_sign_outgoing_message: sent SMB signature of
[2010/09/24 08:00:23, 10] lib/util.c:dump_data(2286)
[000] 02 49 42 20 EA EC A4 A3 .IB ....
[2010/09/24 08:00:23, 10] libsmb/smb_signing.c:store_sequence_for_reply(68)
store_sequence_for_reply: stored seq = 33 mid = 18
[2010/09/24 08:00:23, 6] libsmb/clientgen.c:write_socket(152)
write_socket(7,45)
[2010/09/24 08:00:23, 6] libsmb/clientgen.c:write_socket(155)
write_socket(7,45) wrote 45
[2010/09/24 08:00:23, 10] lib/util_sock.c:read_smb_length_return_keepalive(623)
got smb length of 35
[2010/09/24 08:00:23, 5] lib/util.c:show_msg(506)
[2010/09/24 08:00:23, 5] lib/util.c:show_msg(516)
size=35
smb_com=0x4
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51205
smb_tid=8198
smb_pid=3787
smb_uid=16386
smb_mid=18
smt_wct=0
smb_bcc=0
[2010/09/24 08:00:23, 10] libsmb/smb_signing.c:get_sequence_for_reply(81)
get_sequence_for_reply: found seq = 33 mid = 18
[2010/09/24 08:00:23, 10] libsmb/smb_signing.c:simple_packet_signature(283)
simple_packet_signature: sequence number 33
[2010/09/24 08:00:23, 10] libsmb/smb_signing.c:client_check_incoming_message(430)
client_check_incoming_message: seq 33: got good SMB signature of
[2010/09/24 08:00:23, 10] lib/util.c:dump_data(2286)
[000] EC A9 7F 17 E9 5D CA 3D .....].=
[2010/09/24 08:00:23, 10] libsmb/clientgen.c:cli_rpc_pipe_close(394)
cli_rpc_pipe_close: closed pipe \samr to machine SVR-CAIRO.hptu.org.co
[2010/09/24 08:00:23, 10] libsmb/smb_signing.c:simple_packet_signature(283)
simple_packet_signature: sequence number 34
[2010/09/24 08:00:23, 10] libsmb/smb_signing.c:client_sign_outgoing_message(349)
client_sign_outgoing_message: sent SMB signature of
[2010/09/24 08:00:23, 10] lib/util.c:dump_data(2286)
[000] 97 4F CC 96 7E F9 CA 8C .O..~...
[2010/09/24 08:00:23, 10] libsmb/smb_signing.c:store_sequence_for_reply(68)
store_sequence_for_reply: stored seq = 35 mid = 19
[2010/09/24 08:00:23, 6] libsmb/clientgen.c:write_socket(152)
write_socket(7,39)
[2010/09/24 08:00:23, 6] libsmb/clientgen.c:write_socket(155)
write_socket(7,39) wrote 39
[2010/09/24 08:00:23, 10] lib/util_sock.c:read_smb_length_return_keepalive(623)
got smb length of 35
[2010/09/24 08:00:23, 5] lib/util.c:show_msg(506)
[2010/09/24 08:00:23, 5] lib/util.c:show_msg(516)
size=35
smb_com=0x71
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51205
smb_tid=8198
smb_pid=3787
smb_uid=16386
smb_mid=19
smt_wct=0
smb_bcc=0
[2010/09/24 08:00:23, 10] libsmb/smb_signing.c:get_sequence_for_reply(81)
get_sequence_for_reply: found seq = 35 mid = 19
[2010/09/24 08:00:23, 10] libsmb/smb_signing.c:simple_packet_signature(283)
simple_packet_signature: sequence number 35
[2010/09/24 08:00:23, 10] libsmb/smb_signing.c:client_check_incoming_message(430)
client_check_incoming_message: seq 35: got good SMB signature of
[2010/09/24 08:00:23, 10] lib/util.c:dump_data(2286)
[000] 0F 12 CB DF DE 44 F6 A0 .....D..
[2010/09/24 08:00:23, 1] utils/net_ads.c:net_ads_join(1556)
call of net_join_domain failed: Access denied
Failed to join domain: Access denied
[2010/09/24 08:00:23, 2] utils/net.c:main(1075)
return code = -1
[root@monitorlinux ~]#
So i cannot log into that box with my AD username and password
I also tried from another machine through ssh and obviusly had no luck...
Can anyone tell what am I missing
But what I really need is that the users from AD can log in into my CentOS box with their username en password.
I've already configured /etc/krb5.conf /etc/nsswitch.conf /etc/samba/smb.conf like this:
[quote][root@monitorlinux ~]# cat /etc/krb5.conf [logging] default = FILE:/var/log/krb5libs.log kdc = FILE:/var/log/krb5kdc.log admin_server = FILE:/var/log/kadmind.log [libdefaults] default_realm = HPTU.ORG.CO dns_lookup_realm = true dns_lookup_kdc = true ticket_lifetime = 24h forwardable = yes [realms] HPTU.ORG.CO = { kdc = SVR-CAIRO.HPTU.ORG.CO admin_server = SVR-CAIRO.HPTU.ORG.CO default_domain = HPTU.ORG.CO kpasswd_server = SVR-SERVER.HPTU.ORG.CO } [domain_realm] .hptu.org.co = HPTU.ORG.CO hptu.org.co = HPTU.ORG.CO [kdc] profile = /var/kerberos/krb5kdc/kdc.conf [appdefaults] pam = { debug = false ticket_lifetime = 36000 renew_lifetime = 36000 forwardable = true krb4_convert = true } [root@monitorlinux ~]#[/quote]
[quote][root@monitorlinux ~]# cat /etc/nsswitch.conf passwd: compat winbind group: compat winbind shadow: compat hosts: files dns networks: files protocols: db files services: db files ethers: db files rpc: db files netgroup: nis[/quote]
[quote][root@monitorlinux ~]# cat /etc/samba/smb.conf GLOBAL PARAMETERS [global] workgroup = HPTU password server = 172.20.21.34 realm = HPTU.ORG.CO # preferred master = no # server string = MONITORLINUX security = ADS encrypt passwords = true log level = 3 log file = /var/log/samba/%m max log size = 50 # printcap name = cups # printing = cups winbind enum users = yes winbind enum groups = yes winbind use default domain = yes winbind nested groups = yes ; winbind separator = + idmap uid = 500-20000 idmap gid = 500-20000 ;template primary group = "Domain Users" template shell = /bin/bash client use spnego = yes client ntlmv2 auth = yes template homedir = /home/%D/%U client schannel = no #[homes] # comment = Home Direcotries # valid users = %S # read only = No # browseable = No # #[printers] # comment = All Printers # path = /var/spool/cups # browseable = no # printable = yes # guest ok = yes [root@monitorlinux ~]#[/quote]
I exec: [root@monitorlinux ~]# kinit jmartinez
Password for jmartinez@HPTU.ORG.CO:
[root@monitorlinux ~]#
But it prints no message, user is already registered in AD.
When I exec: wbinfo -u it prints the list of the users in the AD:
[root@monitorlinux ~]# wbinfo -u
jvega
csoto
vgomez
ncardonad
egallo
emarinv
agranda
[root@monitorlinux ~]# getent passwd administrator
administrator:*:1010:602:Administrator:/home/HPTU/administrator:/bin/bash
[root@monitorlinux ~]# wbinfo -a "jmartinez"%"PASSWORD"
plaintext password authentication succeeded
challenge/response password authentication succeeded
but when i type net ads join -U jmartinez this happends:
[root@monitorlinux ~]# net ads join -U jmartinez
jmartinez's password:
Failed to set password for machine account (NT_STATUS_ACCESS_DENIED)
Failed to join domain: Access denied
[root@monitorlinux ~]# net ads join -d10 -U jmartinez
params.c:Parameter() - Ignoring badly formed line in configuration file: GLOBAL PARAMETERS
[2010/09/24 08:00:04, 3] param/loadparm.c:do_section(3808)
Processing section "[global]"
doing parameter workgroup = HPTU
doing parameter password server = 172.20.21.34
doing parameter realm = HPTU.ORG.CO
doing parameter security = ADS
doing parameter encrypt passwords = true
doing parameter log level = 3
doing parameter log file = /var/log/samba/%m
doing parameter max log size = 50
doing parameter winbind enum users = yes
doing parameter winbind enum groups = yes
doing parameter winbind use default domain = yes
doing parameter winbind nested groups = yes
doing parameter idmap uid = 500-20000
doing parameter idmap gid = 500-20000
doing parameter template shell = /bin/bash
doing parameter client use spnego = yes
doing parameter client ntlmv2 auth = yes
doing parameter template homedir = /home/%D/%U
doing parameter client schannel = no
[2010/09/24 08:00:04, 4] param/loadparm.c:lp_load(5100)
pm_process() returned Yes
[2010/09/24 08:00:04, 7] param/loadparm.c:lp_servicenumber(5238)
lp_servicenumber: couldn't find homes
[2010/09/24 08:00:04, 10] param/loadparm.c:set_server_role(4344)
set_server_role: role = ROLE_DOMAIN_MEMBER
[2010/09/24 08:00:04, 5] lib/iconv.c:smb_register_charset(105)
Attempting to register new charset UCS-2LE
[2010/09/24 08:00:04, 5] lib/iconv.c:smb_register_charset(113)
Registered charset UCS-2LE
[2010/09/24 08:00:04, 5] lib/iconv.c:smb_register_charset(105)
Attempting to register new charset UTF-16LE
[2010/09/24 08:00:04, 5] lib/iconv.c:smb_register_charset(113)
Registered charset UTF-16LE
[2010/09/24 08:00:04, 5] lib/iconv.c:smb_register_charset(105)
Attempting to register new charset UCS-2BE
[2010/09/24 08:00:04, 5] lib/iconv.c:smb_register_charset(113)
Registered charset UCS-2BE
[2010/09/24 08:00:04, 5] lib/iconv.c:smb_register_charset(105)
Attempting to register new charset UTF-16BE
[2010/09/24 08:00:04, 5] lib/iconv.c:smb_register_charset(113)
Registered charset UTF-16BE
[2010/09/24 08:00:04, 5] lib/iconv.c:smb_register_charset(105)
Attempting to register new charset UTF8
[2010/09/24 08:00:04, 5] lib/iconv.c:smb_register_charset(113)
Registered charset UTF8
[2010/09/24 08:00:04, 5] lib/iconv.c:smb_register_charset(105)
Attempting to register new charset UTF-8
[2010/09/24 08:00:04, 5] lib/iconv.c:smb_register_charset(113)
Registered charset UTF-8
[2010/09/24 08:00:04, 5] lib/iconv.c:smb_register_charset(105)
Attempting to register new charset ASCII
[2010/09/24 08:00:04, 5] lib/iconv.c:smb_register_charset(113)
Registered charset ASCII
[2010/09/24 08:00:04, 5] lib/iconv.c:smb_register_charset(105)
Attempting to register new charset 646
[2010/09/24 08:00:04, 5] lib/iconv.c:smb_register_charset(113)
Registered charset 646
[2010/09/24 08:00:04, 5] lib/iconv.c:smb_register_charset(105)
Attempting to register new charset ISO-8859-1
[2010/09/24 08:00:04, 5] lib/iconv.c:smb_register_charset(113)
Registered charset ISO-8859-1
[2010/09/24 08:00:04, 5] lib/iconv.c:smb_register_charset(105)
Attempting to register new charset UCS2-HEX
[2010/09/24 08:00:04, 5] lib/iconv.c:smb_register_charset(113)
Registered charset UCS2-HEX
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/charcnv.c:charset_name(82)
Substituting charset 'UTF-8' for LOCALE
[2010/09/24 08:00:04, 5] lib/util.c:init_names(309)
Netbios name list:-
my_netbios_names[0]="MONITORLINUX"
[2010/09/24 08:00:04, 2] lib/interface.c:add_interface(81)
added interface ip=172.20.28.115 bcast=172.20.255.255 nmask=255.255.0.0
[2010/09/24 08:00:04, 5] lib/gencache.c:gencache_init(61)
Opening cache file at /var/cache/samba/gencache.tdb
[2010/09/24 08:00:04, 10] lib/gencache.c:gencache_get(226)
Returning valid cache entry: key = AD_SITENAME/DOMAIN/HPTU.ORG.CO, value = Hospital, timeout = Sun Feb 7 01:28:15 2106
[2010/09/24 08:00:04, 5] libads/dns.c:sitename_fetch(709)
sitename_fetch: Returning sitename for HPTU.ORG.CO: "Hospital"
[2010/09/24 08:00:04, 4] libsmb/namequery_dc.c:ads_dc_name(73)
ads_dc_name: domain=HPTU
[2010/09/24 08:00:04, 10] lib/gencache.c:gencache_get(226)
Returning valid cache entry: key = AD_SITENAME/DOMAIN/HPTU.ORG.CO, value = Hospital, timeout = Sun Feb 7 01:28:15 2106
[2010/09/24 08:00:04, 5] libads/dns.c:sitename_fetch(709)
sitename_fetch: Returning sitename for HPTU.ORG.CO: "Hospital"
[2010/09/24 08:00:04, 6] libads/ldap.c:ads_find_dc(294)
ads_find_dc: looking for realm 'HPTU.ORG.CO'
[2010/09/24 08:00:04, 8] libsmb/namequery.c:get_sorted_dc_list(1644)
get_sorted_dc_list: attempting lookup for name HPTU.ORG.CO (sitename Hospital) using [ads]
[2010/09/24 08:00:04, 10] lib/gencache.c:gencache_get(226)
Returning valid cache entry: key = SAF/DOMAIN/HPTU.ORG.CO, value = 172.20.21.34, timeout = Fri Sep 24 08:14:53 2010
[2010/09/24 08:00:04, 5] libsmb/namequery.c:saf_fetch(136)
saf_fetch: Returning "172.20.21.34" for "HPTU.ORG.CO" domain
[2010/09/24 08:00:04, 3] libsmb/namequery.c:get_dc_list(1495)
get_dc_list: preferred server list: "172.20.21.34, 172.20.21.34"
[2010/09/24 08:00:04, 10] lib/gencache.c:gencache_get(226)
Returning valid cache entry: key = AD_SITENAME/DOMAIN/HPTU.ORG.CO, value = Hospital, timeout = Sun Feb 7 01:28:15 2106
[2010/09/24 08:00:04, 5] libads/dns.c:sitename_fetch(709)
sitename_fetch: Returning sitename for HPTU.ORG.CO: "Hospital"
[2010/09/24 08:00:04, 10] lib/gencache.c:gencache_get(226)
Returning valid cache entry: key = AD_SITENAME/DOMAIN/HPTU.ORG.CO, value = Hospital, timeout = Sun Feb 7 01:28:15 2106
[2010/09/24 08:00:04, 5] libads/dns.c:sitename_fetch(709)
sitename_fetch: Returning sitename for HPTU.ORG.CO: "Hospital"
[2010/09/24 08:00:04, 10] libsmb/namequery.c:remove_duplicate_addrs2(435)
remove_duplicate_addrs2: looking for duplicate address/port pairs
[2010/09/24 08:00:04, 4] libsmb/namequery.c:get_dc_list(1605)
get_dc_list: returning 1 ip addresses in an ordered list
[2010/09/24 08:00:04, 4] libsmb/namequery.c:get_dc_list(1606)
get_dc_list: 172.20.21.34:389
[2010/09/24 08:00:04, 5] libads/ldap.c:ads_try_connect(180)
ads_try_connect: sending CLDAP request to 172.20.21.34 (realm: HPTU.ORG.CO)
[2010/09/24 08:00:04, 10] libads/dns.c:sitename_store(670)
sitename_store: realm = [HPTU.ORG.CO], sitename = [Hospital], expire = [4294967295]
[2010/09/24 08:00:04, 10] lib/gencache.c:gencache_set(140)
Adding cache entry with key = AD_SITENAME/DOMAIN/HPTU.ORG.CO; value = Hospital and timeout = (null) (-1285333205 seconds ahead)
[2010/09/24 08:00:04, 3] libads/ldap.c:ads_connect(394)
Connected to LDAP server 172.20.21.34
[2010/09/24 08:00:04, 10] lib/gencache.c:gencache_get(226)
Returning valid cache entry: key = AD_SITENAME/DOMAIN/HPTU.ORG.CO, value = Hospital, timeout = Sun Feb 7 01:28:15 2106
[2010/09/24 08:00:04, 5] libads/dns.c:sitename_fetch(709)
sitename_fetch: Returning sitename for HPTU.ORG.CO: "Hospital"
[2010/09/24 08:00:04, 10] libads/ldap.c:ads_closest_dc(149)
ads_closest_dc: ADS_CLOSEST flag set
[2010/09/24 08:00:04, 10] libads/kerberos.c:create_local_private_krb5_conf_for_domain(673)
create_local_private_krb5_conf_for_domain: fname = /var/cache/samba/smb_krb5/krb5.conf.HPTU, realm = HPTU.ORG.CO, domain = HPTU
[2010/09/24 08:00:04, 10] lib/gencache.c:gencache_get(226)
Returning valid cache entry: key = SAF/DOMAIN/HPTU.ORG.CO, value = 172.20.21.34, timeout = Fri Sep 24 08:14:53 2010
[2010/09/24 08:00:04, 5] libsmb/namequery.c:saf_fetch(136)
saf_fetch: Returning "172.20.21.34" for "HPTU.ORG.CO" domain
[2010/09/24 08:00:04, 3] libsmb/namequery.c:get_dc_list(1495)
get_dc_list: preferred server list: "172.20.21.34, 172.20.21.34"
[2010/09/24 08:00:04, 10] lib/gencache.c:gencache_get(226)
Returning valid cache entry: key = AD_SITENAME/DOMAIN/HPTU.ORG.CO, value = Hospital, timeout = Sun Feb 7 01:28:15 2106
[2010/09/24 08:00:04, 5] libads/dns.c:sitename_fetch(709)
sitename_fetch: Returning sitename for HPTU.ORG.CO: "Hospital"
[2010/09/24 08:00:04, 10] lib/gencache.c:gencache_get(226)
Returning valid cache entry: key = AD_SITENAME/DOMAIN/HPTU.ORG.CO, value = Hospital, timeout = Sun Feb 7 01:28:15 2106
[2010/09/24 08:00:04, 5] libads/dns.c:sitename_fetch(709)
sitename_fetch: Returning sitename for HPTU.ORG.CO: "Hospital"
[2010/09/24 08:00:04, 10] libsmb/namequery.c:remove_duplicate_addrs2(435)
remove_duplicate_addrs2: looking for duplicate address/port pairs
[2010/09/24 08:00:04, 4] libsmb/namequery.c:get_dc_list(1605)
get_dc_list: returning 1 ip addresses in an ordered list
[2010/09/24 08:00:04, 4] libsmb/namequery.c:get_dc_list(1606)
get_dc_list: 172.20.21.34:389
[2010/09/24 08:00:04, 10] lib/gencache.c:gencache_get(226)
Returning valid cache entry: key = SAF/DOMAIN/HPTU.ORG.CO, value = 172.20.21.34, timeout = Fri Sep 24 08:14:53 2010
[2010/09/24 08:00:04, 5] libsmb/namequery.c:saf_fetch(136)
saf_fetch: Returning "172.20.21.34" for "HPTU.ORG.CO" domain
[2010/09/24 08:00:04, 3] libsmb/namequery.c:get_dc_list(1495)
get_dc_list: preferred server list: "172.20.21.34, 172.20.21.34"
[2010/09/24 08:00:04, 10] lib/gencache.c:gencache_get(226)
Returning valid cache entry: key = AD_SITENAME/DOMAIN/HPTU.ORG.CO, value = Hospital, timeout = Sun Feb 7 01:28:15 2106
[2010/09/24 08:00:04, 5] libads/dns.c:sitename_fetch(709)
sitename_fetch: Returning sitename for HPTU.ORG.CO: "Hospital"
[2010/09/24 08:00:04, 10] lib/gencache.c:gencache_get(226)
Returning valid cache entry: key = AD_SITENAME/DOMAIN/HPTU.ORG.CO, value = Hospital, timeout = Sun Feb 7 01:28:15 2106
[2010/09/24 08:00:04, 5] libads/dns.c:sitename_fetch(709)
sitename_fetch: Returning sitename for HPTU.ORG.CO: "Hospital"
[2010/09/24 08:00:04, 10] libsmb/namequery.c:remove_duplicate_addrs2(435)
remove_duplicate_addrs2: looking for duplicate address/port pairs
[2010/09/24 08:00:04, 4] libsmb/namequery.c:get_dc_list(1605)
get_dc_list: returning 1 ip addresses in an ordered list
[2010/09/24 08:00:04, 4] libsmb/namequery.c:get_dc_list(1606)
get_dc_list: 172.20.21.34:389
[2010/09/24 08:00:04, 10] libads/kerberos.c:get_kdc_ip_string(624)
get_kdc_ip_string: Returning kdc = 172.20.21.34
[2010/09/24 08:00:04, 5] libads/kerberos.c:create_local_private_krb5_conf_for_domain(746)
create_local_private_krb5_conf_for_domain: wrote file /var/cache/samba/smb_krb5/krb5.conf.HPTU with realm HPTU.ORG.CO KDC = 172.20.21.34
[2010/09/24 08:00:04, 4] libsmb/namequery_dc.c:ads_dc_name(139)
ads_dc_name: using server='SVR-CAIRO.HPTU.ORG.CO' IP=172.20.21.34
jmartinez's password:
[020] 02 00 00 00 00 25 00 00 00 00 00 C7 CF 23 68 9D .....%.. .....#h.
[030] 67 2D 4E 9C 28 DC B5 D2 44 2F 63 19 00 19 00 00 g-N.(... D/c.....
[040] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[050] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[060] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[070] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[080] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[090] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0A0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0B0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0C0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0D0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0E0] 00 00 00 00 00 00 00 80 02 00 00 00 00 10 03 00 ........ ........
[0F0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[100] 00 00 00 FC 19 9F F4 34 7B 9B CE 36 D3 01 26 94 .......4 {..6..&.
[110] 70 29 B7 D2 AA C8 0A 84 77 FD DF 93 65 4A 11 FE p)...... w...eJ..
[120] CA ED F2 14 F2 5E 46 E5 C0 22 66 0C 29 94 6B 88 .....^F. ."f.).k.
[130] 64 65 8E AA 11 DB 01 3C 06 A1 D2 08 B4 50 07 FC de.....< .....P..
[140] F6 92 63 58 FB EB EB A4 C7 08 51 86 28 2B 7B 98 ..cX.... ..Q.(+{.
[150] 6B CB 79 CF 9A 97 DE F8 C4 06 C3 EE B1 46 FF 2C k.y..... .....F.,
[160] 90 58 7A 79 44 01 B2 18 57 06 DC 70 4E 3B 0F F4 .XzyD... W..pN;..
[170] 3B 53 D0 15 23 54 4C C8 7B BE 9D 7F DC 69 01 3F ;S..#TL. {....i.?
[180] 0B 77 5C BA C2 FC B4 96 D8 07 37 5C 10 BF AF 87 .w\..... ..7\....
[190] 96 D3 DE 04 EB AF 71 2F 8F CB 3C BF 69 E8 15 A7 ......q/ ..<.i...
[1A0] 28 5F 55 C3 BE 13 67 DB F9 9E 15 1F C4 38 55 64 (_U...g. .....8Ud
[1B0] 35 E5 94 D1 64 95 59 25 D2 BB 30 F3 BB 90 D0 DA 5...d.Y% ..0.....
[1C0] 75 D0 06 5F 41 80 5B 9E 20 77 C2 E8 B5 66 8B 36 u.._A.[. w...f.6
[1D0] C6 5A 5A BD 27 F1 57 B7 0E B2 88 49 7D E7 69 1A .ZZ.'.W. ...I}.i.
[1E0] D4 B8 28 EE 88 56 0D 84 05 C7 A3 EA B2 55 05 06 ..(..V.. .....U..
[1F0] 16 AB 90 0D 4C 2D 71 D6 2D 92 2E C0 AA 1A 03 50 ....L-q. -......P
[2010/09/24 08:00:23, 10] libsmb/smb_signing.c:simple_packet_signature(283)
simple_packet_signature: sequence number 30
[2010/09/24 08:00:23, 10] libsmb/smb_signing.c:client_sign_outgoing_message(349)
client_sign_outgoing_message: sent SMB signature of
[2010/09/24 08:00:23, 10] lib/util.c:dump_data(2286)
[000] 2B 5B 41 8F A7 02 D7 F1 +[A.....
[2010/09/24 08:00:23, 10] libsmb/smb_signing.c:store_sequence_for_reply(68)
store_sequence_for_reply: stored seq = 31 mid = 17
[2010/09/24 08:00:23, 6] libsmb/clientgen.c:write_socket(152)
write_socket(7,862)
[2010/09/24 08:00:23, 6] libsmb/clientgen.c:write_socket(155)
write_socket(7,862) wrote 862
[2010/09/24 08:00:23, 10] lib/util_sock.c:read_smb_length_return_keepalive(623)
got smb length of 84
[2010/09/24 08:00:23, 5] lib/util.c:show_msg(506)
[2010/09/24 08:00:23, 5] lib/util.c:show_msg(516)
size=84
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51205
smb_tid=8198
smb_pid=3787
smb_uid=16386
smb_mid=17
smt_wct=10
smb_vwv[ 0]= 0 (0x0)
smb_vwv[ 1]= 28 (0x1C)
smb_vwv[ 2]= 0 (0x0)
smb_vwv[ 3]= 0 (0x0)
smb_vwv[ 4]= 56 (0x38)
smb_vwv[ 5]= 0 (0x0)
smb_vwv[ 6]= 28 (0x1C)
smb_vwv[ 7]= 56 (0x38)
smb_vwv[ 8]= 0 (0x0)
smb_vwv[ 9]= 0 (0x0)
smb_bcc=29
[2010/09/24 08:00:23, 10] lib/util.c:dump_data(2286)
[000] 00 05 00 02 03 10 00 00 00 1C 00 00 00 0B 00 00 ........ ........
[010] 00 04 00 00 00 00 00 00 00 22 00 00 C0 ........ ."...
[2010/09/24 08:00:23, 10] libsmb/smb_signing.c:get_sequence_for_reply(81)
get_sequence_for_reply: found seq = 31 mid = 17
[2010/09/24 08:00:23, 10] libsmb/smb_signing.c:simple_packet_signature(283)
simple_packet_signature: sequence number 31
[2010/09/24 08:00:23, 10] libsmb/smb_signing.c:client_check_incoming_message(430)
client_check_incoming_message: seq 31: got good SMB signature of
[2010/09/24 08:00:23, 10] lib/util.c:dump_data(2286)
[000] F5 9D 9A F1 D5 94 80 72 .......r
[2010/09/24 08:00:23, 5] lib/util.c:show_msg(506)
[2010/09/24 08:00:23, 5] lib/util.c:show_msg(516)
size=84
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51205
smb_tid=8198
smb_pid=3787
smb_uid=16386
smb_mid=17
smt_wct=10
smb_vwv[ 0]= 0 (0x0)
smb_vwv[ 1]= 28 (0x1C)
smb_vwv[ 2]= 0 (0x0)
smb_vwv[ 3]= 0 (0x0)
smb_vwv[ 4]= 56 (0x38)
smb_vwv[ 5]= 0 (0x0)
smb_vwv[ 6]= 28 (0x1C)
smb_vwv[ 7]= 56 (0x38)
smb_vwv[ 8]= 0 (0x0)
smb_vwv[ 9]= 0 (0x0)
smb_bcc=29
[2010/09/24 08:00:23, 10] lib/util.c:dump_data(2286)
[000] 00 05 00 02 03 10 00 00 00 1C 00 00 00 0B 00 00 ........ ........
[010] 00 04 00 00 00 00 00 00 00 22 00 00 C0 ........ ."...
[2010/09/24 08:00:23, 10] libsmb/smb_signing.c:get_sequence_for_reply(81)
get_sequence_for_reply: found seq = 31 mid = 17
[2010/09/24 08:00:23, 5] rpc_parse/parse_prs.c:prs_debug(84)
000000 smb_io_rpc_hdr rpc_hdr
[2010/09/24 08:00:23, 5] rpc_parse/parse_prs.c:prs_uint8(616)
0000 major : 05
[2010/09/24 08:00:23, 5] rpc_parse/parse_prs.c:prs_uint8(616)
0001 minor : 00
[2010/09/24 08:00:23, 5] rpc_parse/parse_prs.c:prs_uint8(616)
0002 pkt_type : 02
[2010/09/24 08:00:23, 5] rpc_parse/parse_prs.c:prs_uint8(616)
0003 flags : 03
[2010/09/24 08:00:23, 5] rpc_parse/parse_prs.c:prs_uint8(616)
0004 pack_type0: 10
[2010/09/24 08:00:23, 5] rpc_parse/parse_prs.c:prs_uint8(616)
0005 pack_type1: 00
[2010/09/24 08:00:23, 5] rpc_parse/parse_prs.c:prs_uint8(616)
0006 pack_type2: 00
[2010/09/24 08:00:23, 5] rpc_parse/parse_prs.c:prs_uint8(616)
0007 pack_type3: 00
[2010/09/24 08:00:23, 5] rpc_parse/parse_prs.c:prs_uint16(681)
0008 frag_len : 001c
[2010/09/24 08:00:23, 5] rpc_parse/parse_prs.c:prs_uint16(681)
000a auth_len : 0000
[2010/09/24 08:00:23, 5] rpc_parse/parse_prs.c:prs_uint32(710)
000c call_id : 0000000b
[2010/09/24 08:00:23, 5] rpc_parse/parse_prs.c:prs_debug(84)
000010 smb_io_rpc_hdr_resp rpc_hdr_resp
[2010/09/24 08:00:23, 5] rpc_parse/parse_prs.c:prs_uint32(710)
0010 alloc_hint: 00000004
[2010/09/24 08:00:23, 5] rpc_parse/parse_prs.c:prs_uint16(681)
0014 context_id: 0000
[2010/09/24 08:00:23, 5] rpc_parse/parse_prs.c:prs_uint8(616)
0016 cancel_ct : 00
[2010/09/24 08:00:23, 5] rpc_parse/parse_prs.c:prs_uint8(616)
0017 reserved : 00
[2010/09/24 08:00:23, 10] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(577)
cli_pipe_validate_current_pdu: got pdu len 28, data_len 4, ss_len 0
[2010/09/24 08:00:23, 10] rpc_client/cli_pipe.c:rpc_api_pipe(843)
rpc_api_pipe: got PDU len of 28 at offset 0
[2010/09/24 08:00:23, 10] rpc_client/cli_pipe.c:rpc_api_pipe(894)
rpc_api_pipe: Remote machine SVR-CAIRO.hptu.org.co pipe \samr fnum 0x4008 returned 8 bytes.
[2010/09/24 08:00:23, 5] rpc_parse/parse_prs.c:prs_debug(84)
000000 samr_io_r_set_userinfo2
[2010/09/24 08:00:23, 5] rpc_parse/parse_prs.c:prs_ntstatus(769)
0000 status: NT_STATUS_ACCESS_DENIED
[2010/09/24 08:00:23, 10] intl/lang_tdb.c:lang_tdb_init(138)
lang_tdb_init: /usr/lib64/samba/en_US.UTF-8.msg: No such file or directory
Failed to set password for machine account (NT_STATUS_ACCESS_DENIED)
[2010/09/24 08:00:23, 10] libsmb/smb_signing.c:simple_packet_signature(283)
simple_packet_signature: sequence number 32
[2010/09/24 08:00:23, 10] libsmb/smb_signing.c:client_sign_outgoing_message(349)
client_sign_outgoing_message: sent SMB signature of
[2010/09/24 08:00:23, 10] lib/util.c:dump_data(2286)
[000] 02 49 42 20 EA EC A4 A3 .IB ....
[2010/09/24 08:00:23, 10] libsmb/smb_signing.c:store_sequence_for_reply(68)
store_sequence_for_reply: stored seq = 33 mid = 18
[2010/09/24 08:00:23, 6] libsmb/clientgen.c:write_socket(152)
write_socket(7,45)
[2010/09/24 08:00:23, 6] libsmb/clientgen.c:write_socket(155)
write_socket(7,45) wrote 45
[2010/09/24 08:00:23, 10] lib/util_sock.c:read_smb_length_return_keepalive(623)
got smb length of 35
[2010/09/24 08:00:23, 5] lib/util.c:show_msg(506)
[2010/09/24 08:00:23, 5] lib/util.c:show_msg(516)
size=35
smb_com=0x4
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51205
smb_tid=8198
smb_pid=3787
smb_uid=16386
smb_mid=18
smt_wct=0
smb_bcc=0
[2010/09/24 08:00:23, 10] libsmb/smb_signing.c:get_sequence_for_reply(81)
get_sequence_for_reply: found seq = 33 mid = 18
[2010/09/24 08:00:23, 10] libsmb/smb_signing.c:simple_packet_signature(283)
simple_packet_signature: sequence number 33
[2010/09/24 08:00:23, 10] libsmb/smb_signing.c:client_check_incoming_message(430)
client_check_incoming_message: seq 33: got good SMB signature of
[2010/09/24 08:00:23, 10] lib/util.c:dump_data(2286)
[000] EC A9 7F 17 E9 5D CA 3D .....].=
[2010/09/24 08:00:23, 10] libsmb/clientgen.c:cli_rpc_pipe_close(394)
cli_rpc_pipe_close: closed pipe \samr to machine SVR-CAIRO.hptu.org.co
[2010/09/24 08:00:23, 10] libsmb/smb_signing.c:simple_packet_signature(283)
simple_packet_signature: sequence number 34
[2010/09/24 08:00:23, 10] libsmb/smb_signing.c:client_sign_outgoing_message(349)
client_sign_outgoing_message: sent SMB signature of
[2010/09/24 08:00:23, 10] lib/util.c:dump_data(2286)
[000] 97 4F CC 96 7E F9 CA 8C .O..~...
[2010/09/24 08:00:23, 10] libsmb/smb_signing.c:store_sequence_for_reply(68)
store_sequence_for_reply: stored seq = 35 mid = 19
[2010/09/24 08:00:23, 6] libsmb/clientgen.c:write_socket(152)
write_socket(7,39)
[2010/09/24 08:00:23, 6] libsmb/clientgen.c:write_socket(155)
write_socket(7,39) wrote 39
[2010/09/24 08:00:23, 10] lib/util_sock.c:read_smb_length_return_keepalive(623)
got smb length of 35
[2010/09/24 08:00:23, 5] lib/util.c:show_msg(506)
[2010/09/24 08:00:23, 5] lib/util.c:show_msg(516)
size=35
smb_com=0x71
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51205
smb_tid=8198
smb_pid=3787
smb_uid=16386
smb_mid=19
smt_wct=0
smb_bcc=0
[2010/09/24 08:00:23, 10] libsmb/smb_signing.c:get_sequence_for_reply(81)
get_sequence_for_reply: found seq = 35 mid = 19
[2010/09/24 08:00:23, 10] libsmb/smb_signing.c:simple_packet_signature(283)
simple_packet_signature: sequence number 35
[2010/09/24 08:00:23, 10] libsmb/smb_signing.c:client_check_incoming_message(430)
client_check_incoming_message: seq 35: got good SMB signature of
[2010/09/24 08:00:23, 10] lib/util.c:dump_data(2286)
[000] 0F 12 CB DF DE 44 F6 A0 .....D..
[2010/09/24 08:00:23, 1] utils/net_ads.c:net_ads_join(1556)
call of net_join_domain failed: Access denied
Failed to join domain: Access denied
[2010/09/24 08:00:23, 2] utils/net.c:main(1075)
return code = -1
[root@monitorlinux ~]#
So i cannot log into that box with my AD username and password
I also tried from another machine through ssh and obviusly had no luck...
Can anyone tell what am I missing