конфиг самбы:
[global]
workgroup=GOU
realm = GOU.NTKP
server string=%h server (Samba, Ubuntu)
dns proxy=no
log file=/var/log/samba/log.%m
max log size=1000
syslog=0
panic action=/usr/share/samba/panic-action %d
server role=standalone server
passdb backend=tdbsam
obey pam restrictions=yes
unix password sync=yes
passwd program=/usr/bin/passwd %u
passwd chat=*Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssucc$
pam password change=yes
map to guest=bad user
usershare allow guests=yes
idmap config * : range=10000-20000
idmap config * : backend=tdb
winbind enum groups=yes
winbind enum users=yes
winbind use default domain=yes
template shell=/bin/bash
winbind refresh tickets=yes
[printers]
comment=All Printers
browseable=no
path=/var/spool/samba
printable=yes
guest ok=no
read only=yes
create mask=0700
[print$]
comment=Printer Drivers
path=/var/lib/samba/printers
browseable=yes
read only=yes
guest ok=no
krb5.conf:
[libdefaults]
ticket_lifetime = 24000
default_realm = GOU.LOCAL
default_tgs_entypes = rc4-hmac des-cbc-md5
default_tkt__enctypes = rc4-hmac des-cbc-md5
permitted_enctypes = rc4-hmac des-cbc-md5
dns_lookup_realm = true
dns_lookup_kdc = true
dns_fallback = yes
[realms]
GOU.LOCAL = {
kdc = GOU.LOCAL:88
default_domain = GOU.LOCAL
}
[domain_realm]
.GOU.LOCAL= GOU.LOCAL
GOU.LOCAL = GOU.LOCAL
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
smbclient -L localhost -U%
Domain=[GOU] OS=[Unix] Server=[Samba 4.1.23]
Sharename Type Comment
--------- ---- -------
netlogon Disk
sysvol Disk
IPC$ IPC IPC Service (Samba 4.1.23)
Domain=[GOU] OS=[Windows 6.1] Server=[Samba 4.3.11-Ubuntu]
Server Comment
--------- -------
108-1
NTKP ntkp server (Samba, Ubuntu)
Workgroup Master
--------- -------
GOU NTKP
klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: Administrator@GOU.NTKP
Valid starting Expires Service principal
28.02.2018 10:02:02 28.02.2018 16:41:59 krbtgt/GOU.NTKP@GOU.NTKP
wbinfo -t
checking the trust secret for domain GOU via RPC calls failed
wbcCheckTrustCredentials(GOU): error code was NT_STATUS_NO_SUCH_DOMAIN (0xc00000df)
failed to call wbcCheckTrustCredentials: WBC_ERR_AUTH_ERROR
Could not check secret
wbinfo -P
checking the NETLOGON for domain[GOU] dc connection to "" failed
failed to call wbcPingDc: WBC_ERR_DOMAIN_NOT_FOUND
В чем может быть проблема? Почему winbind выдает ошибку?