This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
1
Directory and Authentication / Re: FATAL: Could not connect to samba LDAP server
« on: January 30, 2018, 11:30:47 am »
I solved doing
#zs samba stop
and then
#za samba start
#zs samba stop
and then
#za samba start
2
Directory and Authentication / [SOLVED] FATAL: Could not connect to samba LDAP server
« on: January 30, 2018, 11:30:18 am »
Recently, on Zentyal 5, LDAP service stopped working. All other services were running as well as file sharing. Only LDAP stopped.
Doing
#zs samba restart
get a fail. In error log it couldn't stop service because no LDAP running.
Doing
#zs samba restart
get a fail. In error log it couldn't stop service because no LDAP running.
3
Directory and Authentication / Re: Zentyal 5.0.8 not fully compatible active directory integration
« on: May 26, 2017, 04:52:48 pm »
the new samba already disable the lanman auth to no.
I dont know how and what is you issue, but if it's related to authentication (mschapv2 or lanman) could be because of this.
I dont know how and what is you issue, but if it's related to authentication (mschapv2 or lanman) could be because of this.
4
Directory and Authentication / Re: Zentyal 5.0.8 not fully compatible active directory integration
« on: May 24, 2017, 06:46:09 pm »
Yes, it's about NTLMv1 disabled by default.
I enabled it in [global] section putting the following line on /usr/share/zentyal/stubs/samba/smb.conf.mas
ntlm auth = yes
then
zs samba restart
Everything working good now
I enabled it in [global] section putting the following line on /usr/share/zentyal/stubs/samba/smb.conf.mas
ntlm auth = yes
then
zs samba restart
Everything working good now
5
Directory and Authentication / Zentyal 5.0.8 not fully compatible active directory integration
« on: May 23, 2017, 10:20:24 pm »
Hi,
I have a brand new clean installation of latest zentyal, everything up to date.
AD integration works great with every device except Aerohive access point.
Aerohive access point act as radius server, they support AD integration. This integration works great on Zentyal 3.5, not with zentyal 5.
I can join the AP to the AD, but can't login with the user used for LDAP search.
No logs found on zentyal machine, a simple "access denied" on Aerohive.
Any advice where I can debug this issue?
Any others have experienced this?
Thanks.
UPDATE
These are the samba.log rows logged when I try to authenticate the user, they seems pretty normal:
UPDATE 2
I guess I found the issue, aerohive radius server (like freeradius) uses NTLMv1 which is disabled by default in recent samba versions.
I'll try to enable NTLMv1 and see if everything works.
I have a brand new clean installation of latest zentyal, everything up to date.
AD integration works great with every device except Aerohive access point.
Aerohive access point act as radius server, they support AD integration. This integration works great on Zentyal 3.5, not with zentyal 5.
I can join the AP to the AD, but can't login with the user used for LDAP search.
No logs found on zentyal machine, a simple "access denied" on Aerohive.
Any advice where I can debug this issue?
Any others have experienced this?
Thanks.
UPDATE
These are the samba.log rows logged when I try to authenticate the user, they seems pretty normal:
Code: [Select]
[2017/05/24 00:03:40.696609, 3] ../source3/smbd/process.c:1957(process_smb)
Transaction 343 of length 108 (0 toread)
[2017/05/24 00:03:40.696723, 3] ../source3/smbd/process.c:1538(switch_message)
switch message SMBntcreateX (pid 28773) conn 0x55fd3b0dee90
[2017/05/24 00:03:40.698691, 3] ../source3/smbd/process.c:1957(process_smb)
Transaction 344 of length 158 (0 toread)
[2017/05/24 00:03:40.698778, 3] ../source3/smbd/process.c:1538(switch_message)
switch message SMBtrans (pid 28773) conn 0x55fd3b0dee90
[2017/05/24 00:03:40.698821, 3] ../source3/smbd/ipc.c:591(handle_trans)
trans <\PIPE\> data=72 params=0 setup=2
[2017/05/24 00:03:40.698889, 3] ../source3/smbd/ipc.c:542(named_pipe)
named pipe command on <> name
[2017/05/24 00:03:40.698949, 3] ../source3/smbd/ipc.c:506(api_fd_reply)
Got API command 0x26 on pipe "NETLOGON" (pnum 4957)
[2017/05/24 00:03:40.700667, 3] ../source3/smbd/process.c:1957(process_smb)
Transaction 345 of length 214 (0 toread)
[2017/05/24 00:03:40.700788, 3] ../source3/smbd/process.c:1538(switch_message)
switch message SMBtrans (pid 28773) conn 0x55fd3b0dee90
[2017/05/24 00:03:40.700830, 3] ../source3/smbd/ipc.c:591(handle_trans)
trans <\PIPE\> data=128 params=0 setup=2
[2017/05/24 00:03:40.700871, 3] ../source3/smbd/ipc.c:542(named_pipe)
named pipe command on <> name
[2017/05/24 00:03:40.700908, 3] ../source3/smbd/ipc.c:506(api_fd_reply)
Got API command 0x26 on pipe "NETLOGON" (pnum 4957)
[2017/05/24 00:03:40.702851, 3] ../source3/smbd/process.c:1957(process_smb)
Transaction 346 of length 250 (0 toread)
[2017/05/24 00:03:40.702963, 3] ../source3/smbd/process.c:1538(switch_message)
switch message SMBtrans (pid 28773) conn 0x55fd3b0dee90
[2017/05/24 00:03:40.703013, 3] ../source3/smbd/ipc.c:591(handle_trans)
trans <\PIPE\> data=164 params=0 setup=2
[2017/05/24 00:03:40.703070, 3] ../source3/smbd/ipc.c:542(named_pipe)
named pipe command on <> name
[2017/05/24 00:03:40.703163, 3] ../source3/smbd/ipc.c:506(api_fd_reply)
Got API command 0x26 on pipe "NETLOGON" (pnum 4957)
[2017/05/24 00:03:40.704879, 3] ../source3/smbd/process.c:1957(process_smb)
Transaction 347 of length 214 (0 toread)
[2017/05/24 00:03:40.704963, 3] ../source3/smbd/process.c:1538(switch_message)
switch message SMBtrans (pid 28773) conn 0x55fd3b0dee90
[2017/05/24 00:03:40.705022, 3] ../source3/smbd/ipc.c:591(handle_trans)
trans <\PIPE\> data=128 params=0 setup=2
[2017/05/24 00:03:40.705068, 3] ../source3/smbd/ipc.c:542(named_pipe)
named pipe command on <> name
[2017/05/24 00:03:40.705096, 3] ../source3/smbd/ipc.c:506(api_fd_reply)
Got API command 0x26 on pipe "NETLOGON" (pnum 4957)
[2017/05/24 00:03:40.706972, 3] ../source3/smbd/process.c:1957(process_smb)
Transaction 348 of length 250 (0 toread)
[2017/05/24 00:03:40.707053, 3] ../source3/smbd/process.c:1538(switch_message)
switch message SMBtrans (pid 28773) conn 0x55fd3b0dee90
[2017/05/24 00:03:40.707199, 3] ../source3/smbd/ipc.c:591(handle_trans)
trans <\PIPE\> data=164 params=0 setup=2
[2017/05/24 00:03:40.707254, 3] ../source3/smbd/ipc.c:542(named_pipe)
named pipe command on <> name
[2017/05/24 00:03:40.707302, 3] ../source3/smbd/ipc.c:506(api_fd_reply)
Got API command 0x26 on pipe "NETLOGON" (pnum 4957)
[2017/05/24 00:03:40.708845, 3] ../source3/smbd/process.c:1957(process_smb)
Transaction 349 of length 45 (0 toread)
[2017/05/24 00:03:40.708927, 3] ../source3/smbd/process.c:1538(switch_message)
switch message SMBclose (pid 28773) conn 0x55fd3b0dee90
[2017/05/24 00:03:40.708983, 3] ../source3/smbd/reply.c:5364(reply_close)
Close file fd=-1 fnum 18775 (numopen=1)
[2017/05/24 00:03:41.640462, 3] ../source3/smbd/process.c:1957(process_smb)
Transaction 76 of length 222 (0 toread)
[2017/05/24 00:03:41.659186, 3] ../source3/smbd/process.c:1538(switch_message)
switch message SMBtrans (pid 28302) conn 0x55fd3c3d5cd0
[2017/05/24 00:03:41.659319, 3] ../source3/smbd/ipc.c:591(handle_trans)
trans <\PIPE\> data=136 params=0 setup=2
[2017/05/24 00:03:41.659363, 3] ../source3/smbd/ipc.c:542(named_pipe)
named pipe command on <> name
[2017/05/24 00:03:41.659392, 3] ../source3/smbd/ipc.c:506(api_fd_reply)
Got API command 0x26 on pipe "NETLOGON" (pnum 567c)
UPDATE 2
I guess I found the issue, aerohive radius server (like freeradius) uses NTLMv1 which is disabled by default in recent samba versions.
I'll try to enable NTLMv1 and see if everything works.
Pages: [1]