Issue for AD:
User that was removed and re-added to OpenLDAP cannot authenticate upon login.
Logs show user found in LDAP and found in Domain.
However, the log.IPAddress file shows this error message for the user:
"failed to finalize nt token"
The call getpwuid(12345) has the wrong UID. That was the user's old UID.
$ sudo wbinfo -i myuser
myuser:*:12345:513:FirstNm LastNm:/home/MINDWATERING/myuser:/bin/bash
Entering wbinfo -i myuser displays the old UID as well.
Solution:
To fix the issue, the net cache had to be cleared.
$ sudo net cache flush
wbinfo -i myuser then displayed the correct UID, and login was successful.
$ wbinfo -i myuser
myuser:*:54321:513:FirstNm LastNm:/home/MINDWATERING/myuser:/bin/bash
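A check for the stale mapping described above, as an added example that is not part of the original notes: it compares the UID winbind returns with the uidNumber held in the directory. The function names and sample inputs are constructed, and the ldapsearch call in the comment assumes ldap.conf supplies the server and base DN.

```shell
#!/bin/sh
# Added example: flag a winbind UID that no longer matches the directory.
# Live use (assumes ldap.conf provides server and base DN):
#   check_uid "$(wbinfo -i myuser)" \
#             "$(ldapsearch -x -LLL '(uid=myuser)' uidNumber)"

# Print the UID (field 3) of a passwd-format line such as `wbinfo -i` emits.
passwd_uid() {
    printf '%s\n' "$1" |
        awk -F: 'NF >= 7 && $3 ~ /^[0-9]+$/ { print $3; exit }'
}

# Print the uidNumber attribute from LDIF text such as ldapsearch emits.
ldif_uid() {
    printf '%s\n' "$1" | awk -F': ' '$1 == "uidNumber" { print $2; exit }'
}

# Compare the two sources.
# Returns 0 when they agree, 1 when the cached UID is stale,
# 2 when either input could not be parsed.
check_uid() {
    cached=$(passwd_uid "$1")
    directory=$(ldif_uid "$2")
    if [ -z "$cached" ] || [ -z "$directory" ]; then
        echo "unparsed"
        return 2
    fi
    if [ "$cached" = "$directory" ]; then
        echo "ok $cached"
        return 0
    fi
    echo "stale cached=$cached directory=$directory"
    return 1
}

# Constructed sample input: the old cached entry and the re-added LDAP entry.
SAMPLE_WBINFO='myuser:*:12345:513:FirstNm LastNm:/home/MINDWATERING/myuser:/bin/bash'
SAMPLE_LDIF='dn: uid=myuser,ou=People,dc=example,dc=com
uidNumber: 54321'

# A "stale" result means the cache needs flushing (sudo net cache flush).
check_uid "$SAMPLE_WBINFO" "$SAMPLE_LDIF" || true
```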
Issues for Non LDAP:
Q - User cannot see shares?
A - Check valid users in /etc/samba/smb.conf. Check that you added the user to the password file, or for Samba 4, added the user with the samba-tool tool.
-- Old way:
$ sudo smbpasswd -a myuserid
-- New Samba 4 way:
$ /usr/local/samba/bin/samba-tool user add myuserid
A - Check for a config issue; run testparm:
$ sudo testparm
A - Firewall open? To add:
$ sudo firewall-cmd --add-service=samba --zone=public --permanent
$ sudo firewall-cmd --reload
A - Are both smb and nmb services enabled and running? To enable, and start:
$ sudo systemctl enable smb
$ sudo systemctl start smb
$ sudo systemctl enable nmb
$ sudo systemctl start nmb
A - Has SELinux been told to allow this access? To add:
$ sudo chcon -R -t samba_share_t /local/mysharefolder
and for home directory:
$ sudo setsebool samba_enable_home_dirs=1