Howard Swope
Dabbler
- Joined
- Nov 19, 2015
- Messages
- 26
I am trying to get my FreeNAS to create SMB shares which authenticate against FreeIPA (Redhat Identity Management on Centos7). I have SAMBA installed on FreeIPA box. From the FreeNAS box running getent passwd shows my created users. I can successfully access AFP shares and can successfully SSH into the FreeNAS box with user credentials that are on the FreeIPA box. But I can't seem to connect to the SMB shares. I have been tweaking the LDAP parameters for a long while now with no success. I am just ignorantly throwing darts at this problem. Can someone help me increase my understanding? My log.smbd reads:
p.p1 {margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Monaco; color: #f5f5f5; background-color: #000000} span.s1 {font-variant-ligatures: no-common-ligatures}
Got user=[test] domain=[HMS3] workstation=[MACBOOKPRO-FDF9] len1=24 len2=230
[2016/12/22 11:15:20.973850, 3] ../source3/param/loadparm.c:3743(lp_load_ex)
lp_load_ex: refreshing parameters
[2016/12/22 11:15:20.973918, 3] ../source3/param/loadparm.c:544(init_globals)
Initialising global parameters
[2016/12/22 11:15:20.974044, 3] ../source3/param/loadparm.c:2672(lp_do_section)
Processing section "[global]"
[2016/12/22 11:15:20.974969, 2] ../source3/param/loadparm.c:2689(lp_do_section)
Processing section "[home]"
[2016/12/22 11:15:20.975245, 3] ../source3/param/loadparm.c:1589(lp_add_ipc)
adding IPC service
[2016/12/22 11:15:20.975283, 3] ../source3/auth/auth.c:178(auth_check_ntlm_password)
check_ntlm_password: Checking password for unmapped user [HMS3]\[test]@[MACBOOKPRO-FDF9] with the new password interface
[2016/12/22 11:15:20.975310, 3] ../source3/auth/auth.c:181(auth_check_ntlm_password)
check_ntlm_password: mapped user is: [HMS3]\[test]@[MACBOOKPRO-FDF9]
[2016/12/22 11:15:21.052850, 3] ../source3/auth/check_samsec.c:400(check_sam_security)
check_sam_security: Couldn't find user 'test' in passdb.
[2016/12/22 11:15:21.052922, 3] ../source3/auth/auth_winbind.c:60(check_winbind_security)
check_winbind_security: Not using winbind, requested domain [HMS3] was for this SAM.
[2016/12/22 11:15:21.052948, 2] ../source3/auth/auth.c:315(auth_check_ntlm_password)
check_ntlm_password: Authentication for user [test] -> [test] FAILED with error NT_STATUS_NO_SUCH_USER
[2016/12/22 11:15:21.053001, 3] ../source3/auth/auth_util.c:1602(do_map_to_guest_server_info)
No such user test [HMS3] - using guest account
[2016/12/22 11:15:21.055477, 0] ../libcli/smb/smb2_signing.c:171(smb2_signing_check_pdu)
Bad SMB2 signature for message
[2016/12/22 11:15:21.055540, 0] ../lib/util/util.c:559(dump_data)
[0000] F0 8B A1 8F 54 87 9C 0C D0 DD EB A2 03 E2 36 9C ....T... ......6.
[2016/12/22 11:15:21.055578, 0] ../lib/util/util.c:559(dump_data)
[0000] C3 0E D9 E3 D6 45 3F 62 7E B9 19 6B D1 C2 03 3E .....E?b ~..k...>
[2016/12/22 11:15:21.055613, 3] ../source3/smbd/smb2_server.c:3098(smbd_smb2_request_error_ex)
smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1] status[NT_STATUS_ACCESS_DENIED] || at ../source3/smbd/smb2_server.c:2406
[2016/12/22 11:15:21.061976, 3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
Got NTLMSSP neg_flags=0x62888215
[2016/12/22 11:15:21.064688, 3] ../auth/ntlmssp/ntlmssp_server.c:452(ntlmssp_server_preauth)
Got user=[test] domain=[HMS3] workstation=[MACBOOKPRO-FDF9] len1=24 len2=230
[2016/12/22 11:15:21.064738, 3] ../source3/param/loadparm.c:3743(lp_load_ex)
lp_load_ex: refreshing parameters
[2016/12/22 11:15:21.064809, 3] ../source3/param/loadparm.c:544(init_globals)
Initialising global parameters
[2016/12/22 11:15:21.064920, 3] ../source3/param/loadparm.c:2672(lp_do_section)
Processing section "[global]"
[2016/12/22 11:15:21.065843, 2] ../source3/param/loadparm.c:2689(lp_do_section)
Processing section "[home]"
[2016/12/22 11:15:21.066114, 3] ../source3/param/loadparm.c:1589(lp_add_ipc)
adding IPC service
[2016/12/22 11:15:21.066166, 3] ../source3/auth/auth.c:178(auth_check_ntlm_password)
check_ntlm_password: Checking password for unmapped user [HMS3]\[test]@[MACBOOKPRO-FDF9] with the new password interface
[2016/12/22 11:15:21.066188, 3] ../source3/auth/auth.c:181(auth_check_ntlm_password)
check_ntlm_password: mapped user is: [HMS3]\[test]@[MACBOOKPRO-FDF9]
[2016/12/22 11:15:21.067706, 3] ../source3/auth/check_samsec.c:400(check_sam_security)
check_sam_security: Couldn't find user 'test' in passdb.
[2016/12/22 11:15:21.067786, 3] ../source3/auth/auth_winbind.c:60(check_winbind_security)
check_winbind_security: Not using winbind, requested domain [HMS3] was for this SAM.
[2016/12/22 11:15:21.067813, 2] ../source3/auth/auth.c:315(auth_check_ntlm_password)
check_ntlm_password: Authentication for user [test] -> [test] FAILED with error NT_STATUS_NO_SUCH_USER
[2016/12/22 11:15:21.067837, 3] ../source3/auth/auth_util.c:1602(do_map_to_guest_server_info)
No such user test [HMS3] - using guest account
[2016/12/22 11:15:21.070280, 0] ../libcli/smb/smb2_signing.c:171(smb2_signing_check_pdu)
Bad SMB2 signature for message
[2016/12/22 11:15:21.070346, 0] ../lib/util/util.c:559(dump_data)
[0000] 88 EF 7E 78 B2 E9 A5 02 FC 6E B6 C3 6C 8D F4 BE ..~x.... .n..l...
[2016/12/22 11:15:21.070377, 0] ../lib/util/util.c:559(dump_data)
[0000] 84 15 64 6C 56 BB A6 FA E1 E0 C9 4C 92 5D C7 7F ..dlV... ...L.]..
[2016/12/22 11:15:21.070412, 3] ../source3/smbd/smb2_server.c:3098(smbd_smb2_request_error_ex)
smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1] status[NT_STATUS_ACCESS_DENIED] || at ../source3/smbd/smb2_server.c:2406
[2016/12/22 11:16:12.888715, 2] ../source3/smbd/process.c:2875(deadtime_fn)
Closing idle connection
[2016/12/22 11:16:12.888921, 3] ../source3/smbd/server.c:154(msg_exit_server)
got a SHUTDOWN message
[2016/12/22 11:16:12.889191, 3] ../source3/smbd/server_exit.c:246(exit_server_common)
Server exit (normal exit)
p.p1 {margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Monaco; color: #f5f5f5; background-color: #000000} span.s1 {font-variant-ligatures: no-common-ligatures}
Got user=[test] domain=[HMS3] workstation=[MACBOOKPRO-FDF9] len1=24 len2=230
[2016/12/22 11:15:20.973850, 3] ../source3/param/loadparm.c:3743(lp_load_ex)
lp_load_ex: refreshing parameters
[2016/12/22 11:15:20.973918, 3] ../source3/param/loadparm.c:544(init_globals)
Initialising global parameters
[2016/12/22 11:15:20.974044, 3] ../source3/param/loadparm.c:2672(lp_do_section)
Processing section "[global]"
[2016/12/22 11:15:20.974969, 2] ../source3/param/loadparm.c:2689(lp_do_section)
Processing section "[home]"
[2016/12/22 11:15:20.975245, 3] ../source3/param/loadparm.c:1589(lp_add_ipc)
adding IPC service
[2016/12/22 11:15:20.975283, 3] ../source3/auth/auth.c:178(auth_check_ntlm_password)
check_ntlm_password: Checking password for unmapped user [HMS3]\[test]@[MACBOOKPRO-FDF9] with the new password interface
[2016/12/22 11:15:20.975310, 3] ../source3/auth/auth.c:181(auth_check_ntlm_password)
check_ntlm_password: mapped user is: [HMS3]\[test]@[MACBOOKPRO-FDF9]
[2016/12/22 11:15:21.052850, 3] ../source3/auth/check_samsec.c:400(check_sam_security)
check_sam_security: Couldn't find user 'test' in passdb.
[2016/12/22 11:15:21.052922, 3] ../source3/auth/auth_winbind.c:60(check_winbind_security)
check_winbind_security: Not using winbind, requested domain [HMS3] was for this SAM.
[2016/12/22 11:15:21.052948, 2] ../source3/auth/auth.c:315(auth_check_ntlm_password)
check_ntlm_password: Authentication for user [test] -> [test] FAILED with error NT_STATUS_NO_SUCH_USER
[2016/12/22 11:15:21.053001, 3] ../source3/auth/auth_util.c:1602(do_map_to_guest_server_info)
No such user test [HMS3] - using guest account
[2016/12/22 11:15:21.055477, 0] ../libcli/smb/smb2_signing.c:171(smb2_signing_check_pdu)
Bad SMB2 signature for message
[2016/12/22 11:15:21.055540, 0] ../lib/util/util.c:559(dump_data)
[0000] F0 8B A1 8F 54 87 9C 0C D0 DD EB A2 03 E2 36 9C ....T... ......6.
[2016/12/22 11:15:21.055578, 0] ../lib/util/util.c:559(dump_data)
[0000] C3 0E D9 E3 D6 45 3F 62 7E B9 19 6B D1 C2 03 3E .....E?b ~..k...>
[2016/12/22 11:15:21.055613, 3] ../source3/smbd/smb2_server.c:3098(smbd_smb2_request_error_ex)
smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1] status[NT_STATUS_ACCESS_DENIED] || at ../source3/smbd/smb2_server.c:2406
[2016/12/22 11:15:21.061976, 3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
Got NTLMSSP neg_flags=0x62888215
[2016/12/22 11:15:21.064688, 3] ../auth/ntlmssp/ntlmssp_server.c:452(ntlmssp_server_preauth)
Got user=[test] domain=[HMS3] workstation=[MACBOOKPRO-FDF9] len1=24 len2=230
[2016/12/22 11:15:21.064738, 3] ../source3/param/loadparm.c:3743(lp_load_ex)
lp_load_ex: refreshing parameters
[2016/12/22 11:15:21.064809, 3] ../source3/param/loadparm.c:544(init_globals)
Initialising global parameters
[2016/12/22 11:15:21.064920, 3] ../source3/param/loadparm.c:2672(lp_do_section)
Processing section "[global]"
[2016/12/22 11:15:21.065843, 2] ../source3/param/loadparm.c:2689(lp_do_section)
Processing section "[home]"
[2016/12/22 11:15:21.066114, 3] ../source3/param/loadparm.c:1589(lp_add_ipc)
adding IPC service
[2016/12/22 11:15:21.066166, 3] ../source3/auth/auth.c:178(auth_check_ntlm_password)
check_ntlm_password: Checking password for unmapped user [HMS3]\[test]@[MACBOOKPRO-FDF9] with the new password interface
[2016/12/22 11:15:21.066188, 3] ../source3/auth/auth.c:181(auth_check_ntlm_password)
check_ntlm_password: mapped user is: [HMS3]\[test]@[MACBOOKPRO-FDF9]
[2016/12/22 11:15:21.067706, 3] ../source3/auth/check_samsec.c:400(check_sam_security)
check_sam_security: Couldn't find user 'test' in passdb.
[2016/12/22 11:15:21.067786, 3] ../source3/auth/auth_winbind.c:60(check_winbind_security)
check_winbind_security: Not using winbind, requested domain [HMS3] was for this SAM.
[2016/12/22 11:15:21.067813, 2] ../source3/auth/auth.c:315(auth_check_ntlm_password)
check_ntlm_password: Authentication for user [test] -> [test] FAILED with error NT_STATUS_NO_SUCH_USER
[2016/12/22 11:15:21.067837, 3] ../source3/auth/auth_util.c:1602(do_map_to_guest_server_info)
No such user test [HMS3] - using guest account
[2016/12/22 11:15:21.070280, 0] ../libcli/smb/smb2_signing.c:171(smb2_signing_check_pdu)
Bad SMB2 signature for message
[2016/12/22 11:15:21.070346, 0] ../lib/util/util.c:559(dump_data)
[0000] 88 EF 7E 78 B2 E9 A5 02 FC 6E B6 C3 6C 8D F4 BE ..~x.... .n..l...
[2016/12/22 11:15:21.070377, 0] ../lib/util/util.c:559(dump_data)
[0000] 84 15 64 6C 56 BB A6 FA E1 E0 C9 4C 92 5D C7 7F ..dlV... ...L.]..
[2016/12/22 11:15:21.070412, 3] ../source3/smbd/smb2_server.c:3098(smbd_smb2_request_error_ex)
smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1] status[NT_STATUS_ACCESS_DENIED] || at ../source3/smbd/smb2_server.c:2406
[2016/12/22 11:16:12.888715, 2] ../source3/smbd/process.c:2875(deadtime_fn)
Closing idle connection
[2016/12/22 11:16:12.888921, 3] ../source3/smbd/server.c:154(msg_exit_server)
got a SHUTDOWN message
[2016/12/22 11:16:12.889191, 3] ../source3/smbd/server_exit.c:246(exit_server_common)
Server exit (normal exit)