我创建了一个 CentOS7 服务器,并将其加入到域中。我使用“realm”确认它是域的一部分,并使用“id”确认我可以检查组的成员身份。
我现在尝试设置共享但陷入困境。我设置了一个共享“测试”,如下所示。在 Windows 中,我可以使用文件浏览器查看服务器根目录(仅显示“测试”共享),但是当我双击共享名称(测试)时,它会超时并要求提供凭据。我尝试了我的凭据和域管理员凭据,但均被拒绝。
smbclient 正确列出了该主机上的共享。而且,奇怪的是,我从我域中的 CentOS6 服务器复制了 smb.conf,该服务器运行良好。我认为 CentOS 7 中有些东西是不同的。
是不是缺少什么设置?
# Global parameters
[global]
interfaces = 172.33.254.38 127.0.0.1
realm = mydomain.com
server string = Linux Server
workgroup = mydomain
log file = /var/log/samba/%m.log
max log size = 50
load printers = No
printcap name = /dev/null
unix extensions = No
security = ADS
winbind offline logon = Yes
dns proxy = No
wins server = 172.33.254.31
idmap config * : backend = tdb
wide links = Yes
lpq command = lpq -P'%p'
lprm command = lprm -P'%p' %j
print command = lpr -r -P'%p' %s
printing = bsd
guest ok = Yes
[test]
comment = mydomain Files
path = /data/test
force group = root
force user = root
read only = No
valid users = "@mydomain\domain admins" mydomain\myname root
browseable = yes
查看共享内容失败后,该主机的 samba 日志如下:
[2017/01/22 01:08:13.259022, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:3849(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2017/01/22 01:08:13.259077, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:660(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 10 (position 10) from bitmap
[2017/01/22 01:08:13.259090, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:2258(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_TDIS] mid = 10
[2017/01/22 01:08:13.259115, 4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
setting sec ctx (1475001125, 1475000513) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.259129, 5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:63(security_token_debug)
Security token SIDs (7):
SID[ 0]: S-1-22-1-1475001125
SID[ 1]: S-1-22-2-1475000513
SID[ 2]: S-1-22-2-1475001141
SID[ 3]: S-1-22-2-1475001140
SID[ 4]: S-1-1-0
SID[ 5]: S-1-5-2
SID[ 6]: S-1-5-11
Privileges (0x 0):
Rights (0x 0):
[2017/01/22 01:08:13.259162, 5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
UNIX token of user 1475001125
Primary group is 1475000513 and contains 3 supplementary groups
Group[ 0]: 1475000513
Group[ 1]: 1475001141
Group[ 2]: 1475001140
[2017/01/22 01:08:13.259206, 5, pid=8720, effective(1475001125, 1475000513), real(1475001125, 0)] ../source3/smbd/uid.c:363(change_to_user_internal)
Impersonated user: uid=(1475001125,1475001125), gid=(0,1475000513)
[2017/01/22 01:08:13.259222, 4, pid=8720, effective(1475001125, 1475000513), real(1475001125, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.259231, 5, pid=8720, effective(1475001125, 1475000513), real(1475001125, 0)] ../libcli/security/security_token.c:53(security_token_debug)
Security token: (NULL)
[2017/01/22 01:08:13.259239, 5, pid=8720, effective(1475001125, 1475000513), real(1475001125, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.259254, 5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
change_to_root_user: now uid=(0,0) gid=(0,0)
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 4
req->in.vector[4].iov_len = 0
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2017/01/22 01:08:13.259320, 4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.259333, 5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
Security token: (NULL)
[2017/01/22 01:08:13.259341, 5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.259353, 5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
change_to_root_user: now uid=(0,0) gid=(0,0)
[2017/01/22 01:08:13.259363, 5, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order)
check lock order 1 for /var/lib/samba/lock/smbXsrv_tcon_global.tdb
[2017/01/22 01:08:13.259372, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:/var/lib/samba/lock/smbXsrv_tcon_global.tdb 2:<none> 3:<none>
[2017/01/22 01:08:13.259383, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Locking key 64C5DBD4
[2017/01/22 01:08:13.259399, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal)
Allocated locked data 0x0x7f0770a38850
[2017/01/22 01:08:13.259414, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Unlocking key 64C5DBD4
[2017/01/22 01:08:13.259423, 5, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor)
release lock order 1 for /var/lib/samba/lock/smbXsrv_tcon_global.tdb
[2017/01/22 01:08:13.259432, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:<none> 2:<none> 3:<none>
[2017/01/22 01:08:13.259448, 4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.259457, 5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
Security token: (NULL)
[2017/01/22 01:08:13.259465, 5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.259476, 5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
change_to_root_user: now uid=(0,0) gid=(0,0)
[2017/01/22 01:08:13.259485, 3, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/service.c:1148(close_cnum)
172.31.254.73 (ipv4:172.31.254.73:50848) closed connection to service IPC$
[2017/01/22 01:08:13.259507, 4, pid=8720, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:844(vfs_ChDir)
vfs_ChDir to /
[2017/01/22 01:08:13.259545, 4, pid=8720, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:855(vfs_ChDir)
vfs_ChDir got /
[2017/01/22 01:08:13.259559, 4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.259568, 5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
Security token: (NULL)
[2017/01/22 01:08:13.259576, 5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.259587, 5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
change_to_root_user: now uid=(0,0) gid=(0,0)
[2017/01/22 01:08:13.259606, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:2989(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[4] dyn[no:0] at ../source3/smbd/smb2_tcon.c:521
[2017/01/22 01:08:13.259620, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:912(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/11/31
[2017/01/22 01:08:13.259685, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:3849(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2017/01/22 01:08:13.259700, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:660(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 11 (position 11) from bitmap
[2017/01/22 01:08:13.259709, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:2258(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_LOGOFF] mid = 11
[2017/01/22 01:08:13.259719, 4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.259764, 5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
Security token: (NULL)
[2017/01/22 01:08:13.259774, 5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.259787, 5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
change_to_root_user: now uid=(0,0) gid=(0,0)
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 4
req->in.vector[4].iov_len = 0
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2017/01/22 01:08:13.259823, 4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.259834, 5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
Security token: (NULL)
[2017/01/22 01:08:13.259842, 5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.259854, 5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
change_to_root_user: now uid=(0,0) gid=(0,0)
[2017/01/22 01:08:13.259864, 5, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order)
check lock order 1 for /var/lib/samba/lock/smbXsrv_session_global.tdb
[2017/01/22 01:08:13.259878, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:/var/lib/samba/lock/smbXsrv_session_global.tdb 2:<none> 3:<none>
[2017/01/22 01:08:13.259889, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Locking key D483AFB6
[2017/01/22 01:08:13.259902, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal)
Allocated locked data 0x0x7f0770a4c2c0
[2017/01/22 01:08:13.259919, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Unlocking key D483AFB6
[2017/01/22 01:08:13.259929, 5, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor)
release lock order 1 for /var/lib/samba/lock/smbXsrv_session_global.tdb
[2017/01/22 01:08:13.259937, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:<none> 2:<none> 3:<none>
[2017/01/22 01:08:13.259952, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:2989(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[4] dyn[no:0] at ../source3/smbd/smb2_sesssetup.c:1262
[2017/01/22 01:08:13.259966, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:912(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/12/31
[2017/01/22 01:08:13.261841, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:1069(smbd_server_connection_terminate_ex)
smbd_server_connection_terminate_ex: conn[ipv4:172.31.254.73:50848] reason[NT_STATUS_CONNECTION_RESET] at ../source3/smbd/smb2_server.c:3901
[2017/01/22 01:08:13.261894, 4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.261909, 5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
Security token: (NULL)
[2017/01/22 01:08:13.261917, 5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.261931, 5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
change_to_root_user: now uid=(0,0) gid=(0,0)
[2017/01/22 01:08:13.261941, 4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.261949, 5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
Security token: (NULL)
[2017/01/22 01:08:13.261956, 5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.261968, 5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
change_to_root_user: now uid=(0,0) gid=(0,0)
[2017/01/22 01:08:13.261977, 4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.261984, 5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
Security token: (NULL)
[2017/01/22 01:08:13.261992, 5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.262004, 5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
change_to_root_user: now uid=(0,0) gid=(0,0)
[2017/01/22 01:08:13.262014, 4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.262029, 5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
Security token: (NULL)
[2017/01/22 01:08:13.262037, 5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.262048, 5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
change_to_root_user: now uid=(0,0) gid=(0,0)
[2017/01/22 01:08:13.262093, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/lib/messages_dgm_ref.c:142(msg_dgm_ref_destructor)
msg_dgm_ref_destructor: refs=(nil)
[2017/01/22 01:08:13.262245, 3, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/server_exit.c:246(exit_server_common)
Server exit (NT_STATUS_CONNECTION_RESET)