无法创建接受域凭据的 samba 4 共享

无法创建接受域凭据的 samba 4 共享

我创建了一个 CentOS7 服务器,并将其加入到域中。我使用“realm”确认它是域的一部分,并使用“id”确认我可以检查组的成员身份。

我现在尝试设置共享但陷入困境。我设置了一个共享“测试”,如下所示。在 Windows 中,我可以使用文件浏览器查看服务器根目录(仅显示“测试”共享),但是当我双击共享名称(测试)时,它会超时并要求提供凭据。我尝试了我的凭据和域管理员凭据,但均被拒绝。

smbclient 正确列出了该主机上的共享。而且,奇怪的是,我从我域中的 CentOS6 服务器复制了 smb.conf,该服务器运行良好。我认为 CentOS 7 中有些东西是不同的。

是不是缺少什么设置?

# Global parameters
[global]
        interfaces = 172.33.254.38 127.0.0.1
        realm = mydomain.com
        server string = Linux Server
        workgroup = mydomain
        log file = /var/log/samba/%m.log
        max log size = 50
        load printers = No
        printcap name = /dev/null
        unix extensions = No
        security = ADS
        winbind offline logon = Yes
        dns proxy = No
        wins server = 172.33.254.31
        idmap config * : backend = tdb
        wide links = Yes
        lpq command = lpq -P'%p'
        lprm command = lprm -P'%p' %j
        print command = lpr -r -P'%p' %s
        printing = bsd
        guest ok = Yes


[test]
        comment = mydomain Files
        path = /data/test
        force group = root
        force user = root
        read only = No
        valid users = "@mydomain\domain admins" mydomain\myname root
        browseable = yes

查看共享内容失败后,该主机的 samba 日志如下:

[2017/01/22 01:08:13.259022, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:3849(smbd_smb2_io_handler)
  smbd_smb2_request idx[1] of 5 vectors
[2017/01/22 01:08:13.259077, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:660(smb2_validate_sequence_number)
  smb2_validate_sequence_number: clearing id 10 (position 10) from bitmap
[2017/01/22 01:08:13.259090, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:2258(smbd_smb2_request_dispatch)
  smbd_smb2_request_dispatch: opcode[SMB2_OP_TDIS] mid = 10
[2017/01/22 01:08:13.259115,  4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (1475001125, 1475000513) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.259129,  5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:63(security_token_debug)
  Security token SIDs (7):
    SID[  0]: S-1-22-1-1475001125
    SID[  1]: S-1-22-2-1475000513
    SID[  2]: S-1-22-2-1475001141
    SID[  3]: S-1-22-2-1475001140
    SID[  4]: S-1-1-0
    SID[  5]: S-1-5-2
    SID[  6]: S-1-5-11
   Privileges (0x               0):
   Rights (0x               0):
[2017/01/22 01:08:13.259162,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
  UNIX token of user 1475001125
  Primary group is 1475000513 and contains 3 supplementary groups
  Group[  0]: 1475000513
  Group[  1]: 1475001141
  Group[  2]: 1475001140
[2017/01/22 01:08:13.259206,  5, pid=8720, effective(1475001125, 1475000513), real(1475001125, 0)] ../source3/smbd/uid.c:363(change_to_user_internal)
  Impersonated user: uid=(1475001125,1475001125), gid=(0,1475000513)
[2017/01/22 01:08:13.259222,  4, pid=8720, effective(1475001125, 1475000513), real(1475001125, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.259231,  5, pid=8720, effective(1475001125, 1475000513), real(1475001125, 0)] ../libcli/security/security_token.c:53(security_token_debug)
  Security token: (NULL)
[2017/01/22 01:08:13.259239,  5, pid=8720, effective(1475001125, 1475000513), real(1475001125, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.259254,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
  change_to_root_user: now uid=(0,0) gid=(0,0)
  smbd_smb2_request_pending_queue: req->current_idx = 1
        req->in.vector[0].iov_len = 0
        req->in.vector[1].iov_len = 0
        req->in.vector[2].iov_len = 64
        req->in.vector[3].iov_len = 4
        req->in.vector[4].iov_len = 0
        req->out.vector[0].iov_len = 4
        req->out.vector[1].iov_len = 0
        req->out.vector[2].iov_len = 64
        req->out.vector[3].iov_len = 8
        req->out.vector[4].iov_len = 0
[2017/01/22 01:08:13.259320,  4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.259333,  5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
  Security token: (NULL)
[2017/01/22 01:08:13.259341,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.259353,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
  change_to_root_user: now uid=(0,0) gid=(0,0)
[2017/01/22 01:08:13.259363,  5, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order)
  check lock order 1 for /var/lib/samba/lock/smbXsrv_tcon_global.tdb
[2017/01/22 01:08:13.259372, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
  lock order:  1:/var/lib/samba/lock/smbXsrv_tcon_global.tdb 2:<none> 3:<none>
[2017/01/22 01:08:13.259383, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
  Locking key 64C5DBD4
[2017/01/22 01:08:13.259399, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal)
  Allocated locked data 0x0x7f0770a38850
[2017/01/22 01:08:13.259414, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
  Unlocking key 64C5DBD4
[2017/01/22 01:08:13.259423,  5, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor)
  release lock order 1 for /var/lib/samba/lock/smbXsrv_tcon_global.tdb
[2017/01/22 01:08:13.259432, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
  lock order:  1:<none> 2:<none> 3:<none>
[2017/01/22 01:08:13.259448,  4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.259457,  5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
  Security token: (NULL)
[2017/01/22 01:08:13.259465,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.259476,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
  change_to_root_user: now uid=(0,0) gid=(0,0)
[2017/01/22 01:08:13.259485,  3, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/service.c:1148(close_cnum)
  172.31.254.73 (ipv4:172.31.254.73:50848) closed connection to service IPC$
[2017/01/22 01:08:13.259507,  4, pid=8720, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:844(vfs_ChDir)
  vfs_ChDir to /
[2017/01/22 01:08:13.259545,  4, pid=8720, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:855(vfs_ChDir)
  vfs_ChDir got /
[2017/01/22 01:08:13.259559,  4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.259568,  5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
  Security token: (NULL)
[2017/01/22 01:08:13.259576,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.259587,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
  change_to_root_user: now uid=(0,0) gid=(0,0)
[2017/01/22 01:08:13.259606, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:2989(smbd_smb2_request_done_ex)
  smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[4] dyn[no:0] at ../source3/smbd/smb2_tcon.c:521
[2017/01/22 01:08:13.259620, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:912(smb2_set_operation_credit)
  smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/11/31
[2017/01/22 01:08:13.259685, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:3849(smbd_smb2_io_handler)
  smbd_smb2_request idx[1] of 5 vectors
[2017/01/22 01:08:13.259700, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:660(smb2_validate_sequence_number)
  smb2_validate_sequence_number: clearing id 11 (position 11) from bitmap
[2017/01/22 01:08:13.259709, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:2258(smbd_smb2_request_dispatch)
  smbd_smb2_request_dispatch: opcode[SMB2_OP_LOGOFF] mid = 11
[2017/01/22 01:08:13.259719,  4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.259764,  5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
  Security token: (NULL)
[2017/01/22 01:08:13.259774,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.259787,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
  change_to_root_user: now uid=(0,0) gid=(0,0)
  smbd_smb2_request_pending_queue: req->current_idx = 1
        req->in.vector[0].iov_len = 0
        req->in.vector[1].iov_len = 0
        req->in.vector[2].iov_len = 64
        req->in.vector[3].iov_len = 4
        req->in.vector[4].iov_len = 0
        req->out.vector[0].iov_len = 4
        req->out.vector[1].iov_len = 0
        req->out.vector[2].iov_len = 64
        req->out.vector[3].iov_len = 8
        req->out.vector[4].iov_len = 0
[2017/01/22 01:08:13.259823,  4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.259834,  5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
  Security token: (NULL)
[2017/01/22 01:08:13.259842,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.259854,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
  change_to_root_user: now uid=(0,0) gid=(0,0)
[2017/01/22 01:08:13.259864,  5, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order)
  check lock order 1 for /var/lib/samba/lock/smbXsrv_session_global.tdb
[2017/01/22 01:08:13.259878, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
  lock order:  1:/var/lib/samba/lock/smbXsrv_session_global.tdb 2:<none> 3:<none>
[2017/01/22 01:08:13.259889, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
  Locking key D483AFB6
[2017/01/22 01:08:13.259902, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal)
  Allocated locked data 0x0x7f0770a4c2c0
[2017/01/22 01:08:13.259919, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
  Unlocking key D483AFB6
[2017/01/22 01:08:13.259929,  5, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor)
  release lock order 1 for /var/lib/samba/lock/smbXsrv_session_global.tdb
[2017/01/22 01:08:13.259937, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
  lock order:  1:<none> 2:<none> 3:<none>
[2017/01/22 01:08:13.259952, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:2989(smbd_smb2_request_done_ex)
  smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[4] dyn[no:0] at ../source3/smbd/smb2_sesssetup.c:1262
[2017/01/22 01:08:13.259966, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:912(smb2_set_operation_credit)
  smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/12/31
[2017/01/22 01:08:13.261841, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:1069(smbd_server_connection_terminate_ex)
  smbd_server_connection_terminate_ex: conn[ipv4:172.31.254.73:50848] reason[NT_STATUS_CONNECTION_RESET] at ../source3/smbd/smb2_server.c:3901
[2017/01/22 01:08:13.261894,  4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.261909,  5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
  Security token: (NULL)
[2017/01/22 01:08:13.261917,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.261931,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
  change_to_root_user: now uid=(0,0) gid=(0,0)
[2017/01/22 01:08:13.261941,  4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.261949,  5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
  Security token: (NULL)
[2017/01/22 01:08:13.261956,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.261968,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
  change_to_root_user: now uid=(0,0) gid=(0,0)
[2017/01/22 01:08:13.261977,  4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.261984,  5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
  Security token: (NULL)
[2017/01/22 01:08:13.261992,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.262004,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
  change_to_root_user: now uid=(0,0) gid=(0,0)
[2017/01/22 01:08:13.262014,  4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.262029,  5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
  Security token: (NULL)
[2017/01/22 01:08:13.262037,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.262048,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
  change_to_root_user: now uid=(0,0) gid=(0,0)
[2017/01/22 01:08:13.262093, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/lib/messages_dgm_ref.c:142(msg_dgm_ref_destructor)
  msg_dgm_ref_destructor: refs=(nil)
[2017/01/22 01:08:13.262245,  3, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/server_exit.c:246(exit_server_common)
  Server exit (NT_STATUS_CONNECTION_RESET)

相关内容