[Freeipa-users] Trouble creating userobjectlass sambaSAMAccount
Jeff Goddard
jgoddard at emerlyn.com
Fri Mar 18 15:08:14 UTC 2016
Hello all,
I'm following this guide:
https://docs.fedoraproject.org/en-US/Fedora/17/html/FreeIPA_Guide/cifs.html
in attempts to have a SAMBA server with freeipa as the back-end
authentication method. My problem is that the command: ipa config-mod
--userobjectclasses=top,person,organizationalperson,inetorgperson,inetuser,posixaccount,krbprincipalaux,krbticketpolicyaux,ipaobject,sambaSAMAccount
fails with the message: ipa: ERROR: objectclass
top,person,organizationalperson,inetorgperson,inetuser,posixaccount,krbprincipalaux,krbticketpolicyaux,ipaobject,sambaSAMAccount
not found.
Using the web GUI I was able to add this field but it doesn't dynamically
add it to my existing users and so I get errors such as:
[2016/03/18 10:20:21.052605, 3]
../source3/lib/smbldap.c:579(smbldap_start_tls)
StartTLS issued: using a TLS connection
[2016/03/18 10:20:21.052661, 2]
../source3/lib/smbldap.c:794(smbldap_open_connection)
smbldap_open_connection: connection opened
[2016/03/18 10:20:21.055250, 3]
../source3/lib/smbldap.c:1013(smbldap_connect_system)
ldap_connect_system: successful connection to the LDAP server
[2016/03/18 10:20:21.056774, 4]
../source3/passdb/pdb_ldap.c:1496(ldapsam_getsampwnam)
ldapsam_getsampwnam: Unable to locate user [jgoddard] count=0
[2016/03/18 10:20:21.056856, 3, pid=9121, effective(0, 0), real(0, 0),
class=auth] ../source3/auth/check_samsec.c:400(check_sam_security)
check_sam_security: Couldn't find user 'jgoddard' in passdb.
[2016/03/18 10:20:21.056890, 5, pid=9121, effective(0, 0), real(0, 0),
class=auth] ../source3/auth/auth.c:252(auth_check_ntlm_password)
check_ntlm_password: sam authentication for user [jgoddard] FAILED with
error NT_STATUS_NO_SUCH_USER
[2016/03/18 10:20:21.056944, 2, pid=9121, effective(0, 0), real(0, 0),
class=auth] ../source3/auth/auth.c:315(auth_check_ntlm_password)
check_ntlm_password: Authentication for user [jgoddard] -> [jgoddard]
FAILED with error NT_STATUS_NO_SUCH_USER
[2016/03/18 10:20:21.056972, 2]
../auth/gensec/spnego.c:746(gensec_spnego_server_negTokenTarg)
SPNEGO login failed: NT_STATUS_NO_SUCH_USER
[2016/03/18 10:20:21.057837, 3]
../source3/smbd/server_exit.c:249(exit_server_common)
Server exit (NT_STATUS_CONNECTION_RESET)
When trying to authenticate to my share.
The search from the samba server: ldapsearch -LLL -x -h
id-management-1.internal.emerlyn.com uid=jgoddard
does not return a value for sambaSAMAccount either. Can anyone provide me
a pointer or documentation on where I'm going wrong?
Thanks,
Jeff
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160318/79068a64/attachment.htm>
More information about the Freeipa-users
mailing list