Samba Server Sharing Access Problem

Issues related to applications and software problems and general support
Post Reply
firatcanoglu
Posts: 1
Joined: 2019/11/09 06:15:03

Samba Server Sharing Access Problem

Post by firatcanoglu » 2019/11/09 06:33:21

Hi,

I installed samba server active directory on centos 8..After, I installed samba server on a second machine and made an active directory member.Although everything works correctly.I can't access the share via windows at all.

firewall disabled, selinux disabled on samba server

Samba Active Directory Server DC1 information =

Ticket cache: KCM:0
Default principal: administrator@AKINM.LOCAL

Valid starting Expires Service principal
11/08/2019 20:58:28 11/09/2019 06:58:28 krbtgt/AKINM.LOCAL@AKINM.LOCAL
renew until 11/15/2019 20:58:24
[root@dc1 ~]#
login as: root
root@78.189.94.122's password:
Activate the web console with: systemctl enable --now cockpit.socket

Last login: Fri Nov 8 20:47:54 2019 from 5.27.48.236
[root@dc1 ~]#
[root@dc1 ~]#
[root@dc1 ~]#
[root@dc1 ~]#
[root@dc1 ~]# klist
Ticket cache: KCM:0
Default principal: administrator@AKINM.LOCAL

Valid starting Expires Service principal
11/08/2019 20:58:28 11/09/2019 06:58:28 krbtgt/AKINM.LOCAL@AKINM.LOCAL
renew until 11/15/2019 20:58:24

kinit

Password for administrator@AKINM.LOCAL:
Warning: Your password will expire in 30 days on Mon 09 Dec 2019 09:46:41 PM +03
[root@dc1 ~]#

Active Directory Member Samba Server İnformation :


[root@afs ~]# klist
Ticket cache: KCM:0
Default principal: administrator@AKINM.LOCAL

Valid starting Expires Service principal
11/08/2019 20:57:28 11/09/2019 06:57:28 krbtgt/AKINM.LOCAL@AKINM.LOCAL
renew until 11/15/2019 20:57:24


[root@afs ~]# wbinfo -u
AKINM+krbtgt
AKINM+fffffff
AKINM+guest
AKINM+administrator
AKINM+dns-dc1
AKINM+cuneytakin
AKINM+barisakin



[root@afs ~]# ttestparm
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[homes]"
Processing section "[akin-data]"
Processing section "[printers]"
Processing section "[print$]"
Loaded services file OK.
Server role: ROLE_DOMAIN_MEMBER


vi /etc/samba/smb.conf

[global]
workgroup = AKINM
realm = AKINM.LOCAL
dedicated keytab file = /etc/krb5.keytab
kerberos method = secrets and keytab
log file = /var/log/samba/log.%m
max log size = 50
log level = 3
security = ads
idmap config *:backend = tdb
idmap config *:range = 2000-9999
idmap config AKINM.LOCAL:backend = ad
idmap config AKINM.LOCAL:schema_mode = rfc2307
idmap config AKINM.LOCAL:range = 10000-99999
idmap config AKINM.LOCAL:uid = 500-10000000
idmap config AKINM.LOCAL:gid = 500-10000000
winbind nss info = rfc2307
winbind enum users = yes
domain master = no
domain logons = no
local master = no

[akin-data]
path = /home/akin-data
browseable = yes
read only = no
inherit acls = yes
inherit permissions = yes
create mask = 700
directory mask = 700
valid users = @"DOMAIN+Domain Users" <-- define your ADS groups
admin users = @"DOMAIN+Domain Admins" <-- define your ads groups with admin rights

vi /etc/krb5.conf

[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log

[libdefaults]
dns_lookup_realm = false
dns_lookup_kdc = true
ticket_lifetime = 24h
renew_lifetime = 7d
forwardable = true
rdns = false
pkinit_anchors = /etc/pki/tls/certs/ca-bundle.crt
spake_preauth_groups = edwards25519
default_realm = AKINM.LOCAL
default_ccache_name = KEYRING:persistent:%{uid}

[realms]
AKINM.LOCAL = {
kdc = dc1.akinm.local:88
admin_server = dc1.akinm.local
}
[domain_realm]
.akinm.local = AKINM.LOCAL
akinm.local = AKINM.LOCAL

all contents this way. can't access samba share on windows



error I received

remote device or resource wont accept the connection
The device or resource is not set to accept connections on the "File and printer sharing (SMB)" port.

Post Reply