Login or Register to Ask a Question and Join Our Community


Solaris

Solaris 11.2 - smb with AD

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems Solaris Solaris 11.2 - smb with AD
# 1  
Old 08-26-2015
Solaris 11.2 - smb with AD
Hello

I used the following procedure in S11.1, everything worked. As we reinstalled some servers, i tried the exact same with s11.2. Now i can't join my AD domain, and smb will not allow my users to access files.
Procedure:
  • Configured NTP
  • Configured DNS
  • Configured Name Service Switch
  • Initialized LDAP client
  • Enabled smb server
  • Tried to join AD Domain with kclient --> failed
  • Tried to join AD Domain with smbadm join --> failed

Hosts Files:
Code:
127.0.0.1       localhost loghost
10.176.1.1      HOST.xx.xx.intern HOST
10.176.0.1      dc01.xx.xx.intern dc01
10.176.0.2      dc02.xx.xx.intern dc02

resolv.conf:
Code:
domain  xx.xx.intern
search  xx.xx.intern
nameserver      10.176.0.1
nameserver      10.176.0.2

Tests:
Code:
# nslookup xx.xx.intern
Server:          10.176.0.1
Address:        10.176.0.1#53

Name:   xx.xx.intern
Address: 10.176.0.1
Name:   xx.xx.intern
Address: 10.176.0.2

# dig dc01.xx.xx.intern +short
10.176.0.1

# nslookup 10.176.0.1
1.0.176.10.in-addr.arpa name = dc01.xx.xx.intern.

nsswitch.conf:
Code:
passwd: files ldap
group:  files ldap
hosts:  files dns
ipnodes:        files dns
networks:       files
protocols:      files
rpc:    files
ethers: files
netmasks:       files
bootparams:     files
publickey:      files
netgroup:       files
automount:      files ldap
aliases:        files
services:       files
printers:       user files
project:        files
auth_attr:      files
prof_attr:      files
tnrhtp: files
tnrhdb: files
sudoers:        files

kclient fails:
Code:
/usr/sbin/kclient -T ms_ad -a DA_USER

Starting client setup

---------------------------------------------------

Setting up /etc/krb5/krb5.conf.

Attempting to join 'HOST' to the 'XX.XX.INTERN' domain.

Password for DA_USER@XX.XX.INTERN:

Forest name found: xx.xx.intern

Site name not found.  Local DCs/GCs will not be discovered.

Creating the machine account in AD via LDAP.

Failed to set account password.
---------------------------------------------------
Setup FAILED.

smbadm join fails:
Code:
smbadm join -o 'OU=AA,OU=BB,OU=CC,DC=xx,DC=xx,DC=intern' -u DA_USER xx.xx.intern
After joining xx.xx.intern the smb service will be restarted automatically.
Would you like to continue? [no]: yes
Enter domain password:
Locating DC in xx.xx.intern ... this may take a minute ...
Joining xx.xx.intern ... this may take a minute ...
failed to join xx.xx.intern: UNSUCCESSFUL
Please refer to the system log for more information.

Logs:
Code:
smbd[19608]: [ID 702911 daemon.error] smbns_kpasswd: KPASSWD protocol exchange failed () (Cannot contact any KDC for requested realm)
smbd[19608]: [ID 702911 daemon.notice] Machine password update failed
smbd[19608]: [ID 702911 daemon.error] unable to join xx.xx.intern (UNSUCCESSFUL)

I have no more ideas what could be the error. The server is our ZFS nas server, we are using it to share NFS and SMB to other hosts. AD is on Win Server 2012r2 (Version 6.2 Build 9200)

any advice would be greatly appreciated
# 2  
Old 08-26-2015
I've read your post a few times but I'm still confused.

Are you using a Solaris userid/passwd as credentials for SMB access?
# 3  
Old 08-26-2015
No, smb access should be possible via AD User/Password.
# 4  
Old 08-26-2015
Yes, but not if it's not joined to the domain.

I wondered whether SMB access would work directly just to check out the Solaris SMB server.
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Smb.conf config help

So what i am trying to accomplish is the following: a share that is browse-able by every one on the network with a group of people that can write to it with out ownership problems. I am extremely new to samba/linux and any help would be greatly appreciated. It is a stand alone server running samba... (3 Replies)
Discussion started by: dcs
3 Replies

2. Solaris

auto mount SMB share on Solaris 10

I CANNOT use autmounter so should I just write the command as an /etc/rc script or is it possible to auto mount the share via the vfstab? (4 Replies)
Discussion started by: LittleLebowski
4 Replies

3. Solaris

SMB + Windows sharing

Hi guys I need to create one directory on my Solaris 11 box and then share that directory on my LAN. I have only one disk of 500 GB which is more than enough for my needs. I read SMB guide for Solaris and there is no guide how to achive share only on one directory, it has only tutorials for... (3 Replies)
Discussion started by: solaris_user
3 Replies

4. SCO

sco visionfs vs smb

i need to copy the entire contents of my sco server 5.0.5 it says its running vision fs 2.01.905 if i access it from windows i would like to be able to access it like a normal file share instead of only thru an ftp service i cannot find vison software on the server /usr/vision does not exist ... (1 Reply)
Discussion started by: crosbymook
1 Replies

5. OS X (Apple)

Refresh smb mounted volumes

I have found sometimes that the shell won't see updated folders on a smb share. If I run a script (tsch), that checks the existence of folders: foreach ITEM ( list of directories) if ! ( -e $ITEM ) then echo "$ITEM does not exist" echo "" set ERROR = 1 endif If... (0 Replies)
Discussion started by: deepstructure
0 Replies

6. Solaris

Terrible SMB performance!?

Hi, I tried this question on OTN Discussion Forum, but it seems that forum doesn't have as much activity so I thought I'd try here. I have a big performance problem with Samba server on a fresh install of Solaris Express 11 svn_151a, and a freshly created ZFS pool. I'm getting about 3 to 10 MB/s... (2 Replies)
Discussion started by: doublemeat
2 Replies

7. UNIX for Dummies Questions & Answers

smb.conf question

Folks; I know this might sounds stupid, but please help with this: I have share in my smb.conf on my SUSE 10 box. How can i make this share accessible to outside IP range or a specific IP address without need for user/pass? Here's the share as it's written in smb.conf: ; ;comment =... (0 Replies)
Discussion started by: Katkota
0 Replies

8. UNIX for Dummies Questions & Answers

Samba - smb files

I found this tutorial "Setting Samba in 10 min". It says there that command "/etc/rc.d/init.d/smb start or stop, or /sbin/service/smb restart should do this functions. But this doesn't work for me. Wrong dir. I don't even have "rc.d" dir. Where should I look for this samba files? In samba dir all... (1 Reply)
Discussion started by: salvor_hardin
1 Replies

9. UNIX for Dummies Questions & Answers

swat's smb.conf file?

i am running samba 3 on solaris 9 i have a question where is the smb.conf located is it in /usr/local/samba/lib or private (6 Replies)
Discussion started by: rmuhammad
6 Replies

10. UNIX for Advanced & Expert Users

Samba 2.2.5 smb.conf for noobies

Is there a generic smb.conf file that should work on all systems? Right now I am running Red Hat 7.3 and also have 3XP machines and 1 2000 pro. (1 Reply)
Discussion started by: GJC
1 Replies
Login or Register to Ask a Question