我的问题是 logspam。我有 2 个 Windows AD 域和 Windows 域控制器。域 A 有一些 Ubuntu/Samba 域成员。我使用域 A 中的帐户登录服务器没有问题,使用 AD 凭据访问从 Ubuntu 主机共享的文件夹也没有问题。域 B 信任域 A(单向、不传递)。在域 B 域控制器上,我不断(每分钟 2 到 8 次)记录事件 4625 (未知用户名)An account failed to log on: Account name: [email protected] status 0xC000006D
为什么 Samba 要去那里?我怎样才能让它停止?
Ubuntu 20.04 / Samba 4.11.6+dfsg-0ubuntu1.6
smb.conf:
[global]
disable netbios = Yes
domain master = No
idmap gid = 10000-20000
idmap uid = 10000-20000
local master = No
log file = /var/log/samba/log.%m
logging = file
map to guest = Bad User
max log size = 1000
obey pam restrictions = Yes
pam password change = Yes
panic action = /usr/share/samba/panic-action %d
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
passwd program = /usr/bin/passwd %u
realm = DOMAINA.DOM
restrict anonymous = 2
security = ADS
server role = standalone server
server string = %h server (Samba, Ubuntu)
template shell = /bin/bash
unix password sync = Yes
winbind enum groups = Yes
winbind enum users = Yes
winbind use default domain = Yes
workgroup = DOMAINA
idmap config * : range = 10000-20000
idmap config * : backend = tdb
谢谢您的考虑!