Guten Abend,
ich bekomme bei einem Anmeldeversuch unter Windows 10 mit Opsi-Configed die Fehlermeldung:
"Unauthorized - keine Verbindung".
Habe Opsi auf dem Univention Server installiert.
log-file opsiconfd.log:
[4] [2023-04-09 22:56:54.440] [192.168.178.234] Backend authentication error: Backend authentication error: Authentication failed for user 'Administrator': Backend authentication $
$
[3] [2023-04-09 22:57:04.656] [192.168.178.234] Backend permission denied error: Access to method 'getRawData' denied for user 'root' (jsonrpc.py:543)
Traceback (most recent call last):
logfile auth.log:
Apr 10 12:04:00 worblingen unix_chkpwd[27474]: check pass; user unknown
Apr 10 12:04:00 worblingen unix_chkpwd[27474]: password check failed for user (administrator)
Apr 10 12:04:00 worblingen opsiconfd: pam_unix(opsi-auth:auth): authentication failure; logname= uid=2018 euid=2018 tty= ruser= rhost= user=administrator
Apr 10 12:04:00 worblingen opsiconfd: pam_krb5(opsi-auth:auth): authentication failure; logname=administrator uid=2018 euid=2018 tty= ruser= rhost=
Hat jemand eine Idee?
Vielen Dank und frohe Ostern
Stefan
Opsi-Configed --> Unauthorized
-
SisterOfMercy
- Beiträge: 1524
- Registriert: 22 Jun 2012, 19:18
Re: Opsi-Configed --> Unauthorized
Does it work when you try it with the domain? domain\administrator?
No sssd in between? How does the kerberos configuration look?
No sssd in between? How does the kerberos configuration look?
Bitte schreiben Sie Deutsch, when I'm responding in the German-speaking part of the forum!
Re: Opsi-Configed --> Unauthorized
Danke!
Also ich habe den configed deinstalliert.
Dann wollte ich ihn über die cmd neu installieren, dabei kamen aber folgende Fehler:
opsicommon.exceptions.BackendConfigurationError: Backend configuration error: Failed to get depot server for client 'terra1504.ddns-net.intranet'
Apr 12 23:44:39 worblingen python3: pam_krb5(univention-management-console:auth): authentication failure; logname=Administrator uid=0 euid=0 tty= ruser= rhost=
Apr 12 23:44:44 worblingen python3: pam_unix(univention-management-console:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=Administrator
Apr 12 23:44:44 worblingen python3: pam_krb5(univention-management-console:auth): authentication failure; logname=Administrator uid=0 euid=0 tty= ruser= rhost=
Er meint, dass er den Netzwerkpfad nicht findet --> das stimmt, der Client findet den Pfad nicht, ich kann nicht mit der Freigabe "opsi_depot"verbinden.
Komisch - nach dem ich versuchte, smbd neu zu starten, kommt diese Meldung: Failed to restart smbd.service: Unit smbd.service is masked.
Was ist zu tun ?
Vielen Dank und Grueße
Stefna
Also ich habe den configed deinstalliert.
Dann wollte ich ihn über die cmd neu installieren, dabei kamen aber folgende Fehler:
opsicommon.exceptions.BackendConfigurationError: Backend configuration error: Failed to get depot server for client 'terra1504.ddns-net.intranet'
Apr 12 23:44:39 worblingen python3: pam_krb5(univention-management-console:auth): authentication failure; logname=Administrator uid=0 euid=0 tty= ruser= rhost=
Apr 12 23:44:44 worblingen python3: pam_unix(univention-management-console:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=Administrator
Apr 12 23:44:44 worblingen python3: pam_krb5(univention-management-console:auth): authentication failure; logname=Administrator uid=0 euid=0 tty= ruser= rhost=
Er meint, dass er den Netzwerkpfad nicht findet --> das stimmt, der Client findet den Pfad nicht, ich kann nicht mit der Freigabe "opsi_depot"verbinden.
Komisch - nach dem ich versuchte, smbd neu zu starten, kommt diese Meldung: Failed to restart smbd.service: Unit smbd.service is masked.
Was ist zu tun ?
Vielen Dank und Grueße
Stefna
-
SisterOfMercy
- Beiträge: 1524
- Registriert: 22 Jun 2012, 19:18
Re: Opsi-Configed --> Unauthorized
Do you have enough rights? It looks like some weird stuff is going on. Why the hell would that service be masked? Are others also managing this server?
# sudo systemctl unmask smbd
# sudo systemctl unmask smbd
Bitte schreiben Sie Deutsch, when I'm responding in the German-speaking part of the forum!
Re: Opsi-Configed --> Unauthorized
Hallo,
danke für die Antwort.
Anbei die logs von samba (nmbd):
[2023/04/13 00:19:58.217382, 0, pid=1123] ../../source3/nmbd/nmbd.c:901(main)
nmbd version 4.16.8-Univention started.
Copyright Andrew Tridgell and the Samba Team 1992-2022
[2023/04/13 00:19:58.286165, 0, pid=1147] ../../source3/nmbd/asyncdns.c:158(start_async_dns)
started asyncdns process 1148
[2023/04/13 00:19:58.287189, 0, pid=1147] ../../lib/util/become_daemon.c:150(daemon_status)
daemon_status: daemon 'nmbd' : No local IPv4 non-loopback interfaces available, waiting for interface ...
[2023/04/13 00:19:58.287208, 0, pid=1147] ../../source3/nmbd/nmbd_subnetdb.c:253(create_subnets)
NOTE: NetBIOS name resolution is not supported for Internet Protocol Version 6 (IPv6).
[2023/04/13 23:33:20.541196, 0, pid=26385] ../../source3/nmbd/nmbd.c:901(main)
nmbd version 4.16.8-Univention started.
Copyright Andrew Tridgell and the Samba Team 1992-2022
[2023/04/13 23:33:20.544414, 0, pid=26386] ../../source3/nmbd/asyncdns.c:158(start_async_dns)
started asyncdns process 26387
[2023/04/13 23:33:20.545877, 0, pid=26386] ../../lib/util/become_daemon.c:150(daemon_status)
daemon_status: daemon 'nmbd' : No local IPv4 non-loopback interfaces available, waiting for interface ...
[2023/04/13 23:33:20.545917, 0, pid=26386] ../../source3/nmbd/nmbd_subnetdb.c:253(create_subnets)
NOTE: NetBIOS name resolution is not supported for Internet Protocol Version 6 (IPv6).
[2023/04/13 23:35:49.901580, 0, pid=26754] ../../source3/nmbd/nmbd.c:901(main)
nmbd version 4.16.8-Univention started.
Copyright Andrew Tridgell and the Samba Team 1992-2022
[2023/04/13 23:35:49.905284, 0, pid=26755] ../../source3/nmbd/asyncdns.c:158(start_async_dns)
started asyncdns process 26756
[2023/04/13 23:35:49.906591, 0, pid=26755] ../../lib/util/become_daemon.c:150(daemon_status)
daemon_status: daemon 'nmbd' : No local IPv4 non-loopback interfaces available, waiting for interface ...
[2023/04/13 23:35:49.906624, 0, pid=26755] ../../source3/nmbd/nmbd_subnetdb.c:253(create_subnets)
NOTE: NetBIOS name resolution is not supported for Internet Protocol Version 6 (IPv6).
und hier log.samba:
[2023/04/13 00:20:02.874735, 0, pid=1163] ../../source4/samba/server.c:623(binary_smbd_main)
samba version 4.16.8-Univention started.
Copyright Andrew Tridgell and the Samba Team 1992-2022
[2023/04/13 00:20:46.987425, 0, pid=1218] ../../source4/samba/server.c:897(binary_smbd_main)
binary_smbd_main: samba: using 'prefork' process model
[2023/04/13 00:21:02.221578, 1, pid=1646] ../../source4/dsdb/kcc/garbage_collect_tombstones.c:68(garbage_collect_tombstones_part)
Doing a full scan on DC=ForestDnsZones,DC=ddns-net,DC=intranet and looking for deleted objects
[2023/04/13 00:21:02.877336, 1, pid=1646] ../../source4/dsdb/kcc/garbage_collect_tombstones.c:68(garbage_collect_tombstones_part)
Doing a full scan on DC=DomainDnsZones,DC=ddns-net,DC=intranet and looking for deleted objects
[2023/04/13 00:21:03.443877, 1, pid=1646] ../../source4/dsdb/kcc/garbage_collect_tombstones.c:68(garbage_collect_tombstones_part)
Doing a full scan on CN=Configuration,DC=ddns-net,DC=intranet and looking for deleted objects
[2023/04/13 00:21:09.870752, 1, pid=1646] ../../source4/dsdb/kcc/garbage_collect_tombstones.c:68(garbage_collect_tombstones_part)
Doing a full scan on DC=ddns-net,DC=intranet and looking for deleted objects
[2023/04/13 23:33:21.692271, 0, pid=26413] ../../source4/samba/server.c:623(binary_smbd_main)
samba version 4.16.8-Univention started.
Copyright Andrew Tridgell and the Samba Team 1992-2022
[2023/04/13 23:33:21.941494, 0, pid=26414] ../../source4/samba/server.c:897(binary_smbd_main)
binary_smbd_main: samba: using 'prefork' process model
[2023/04/13 23:33:37.145084, 1, pid=26455] ../../source4/dsdb/kcc/garbage_collect_tombstones.c:68(garbage_collect_tombstones_part)
Doing a full scan on DC=ForestDnsZones,DC=ddns-net,DC=intranet and looking for deleted objects
[2023/04/13 23:33:37.147139, 1, pid=26455] ../../source4/dsdb/kcc/garbage_collect_tombstones.c:68(garbage_collect_tombstones_part)
Doing a full scan on DC=DomainDnsZones,DC=ddns-net,DC=intranet and looking for deleted objects
[2023/04/13 23:33:37.150055, 1, pid=26455] ../../source4/dsdb/kcc/garbage_collect_tombstones.c:68(garbage_collect_tombstones_part)
Doing a full scan on CN=Configuration,DC=ddns-net,DC=intranet and looking for deleted objects
[2023/04/13 23:33:37.197066, 1, pid=26455] ../../source4/dsdb/kcc/garbage_collect_tombstones.c:68(garbage_collect_tombstones_part)
Doing a full scan on DC=ddns-net,DC=intranet and looking for deleted objects
[2023/04/13 23:35:51.622441, 0, pid=26791] ../../source4/samba/server.c:623(binary_smbd_main)
samba version 4.16.8-Univention started.
Copyright Andrew Tridgell and the Samba Team 1992-2022
[2023/04/13 23:35:51.925426, 0, pid=26792] ../../source4/samba/server.c:897(binary_smbd_main)
binary_smbd_main: samba: using 'prefork' process model
[2023/04/13 23:36:07.084314, 1, pid=26832] ../../source4/dsdb/kcc/garbage_collect_tombstones.c:68(garbage_collect_tombstones_part)
Doing a full scan on DC=ForestDnsZones,DC=ddns-net,DC=intranet and looking for deleted objects
[2023/04/13 23:36:07.086573, 1, pid=26832] ../../source4/dsdb/kcc/garbage_collect_tombstones.c:68(garbage_collect_tombstones_part)
Doing a full scan on DC=DomainDnsZones,DC=ddns-net,DC=intranet and looking for deleted objects
[2023/04/13 23:36:07.089518, 1, pid=26832] ../../source4/dsdb/kcc/garbage_collect_tombstones.c:68(garbage_collect_tombstones_part)
Doing a full scan on CN=Configuration,DC=ddns-net,DC=intranet and looking for deleted objects
[2023/04/13 23:36:07.137651, 1, pid=26832] ../../source4/dsdb/kcc/garbage_collect_tombstones.c:68(garbage_collect_tombstones_part)
Doing a full scan on DC=ddns-net,DC=intranet and looking for deleted objects
Ich kann übrigens gar nicht mit dem Windows Explorer auf gar keine Freigabe vom Server zugreifen. Obwohl Sie im Webinterface vom Server (Univention) auftauchen und korrekt laufen.
Vielen Dank und Grüße
Stefan
danke für die Antwort.
Anbei die logs von samba (nmbd):
[2023/04/13 00:19:58.217382, 0, pid=1123] ../../source3/nmbd/nmbd.c:901(main)
nmbd version 4.16.8-Univention started.
Copyright Andrew Tridgell and the Samba Team 1992-2022
[2023/04/13 00:19:58.286165, 0, pid=1147] ../../source3/nmbd/asyncdns.c:158(start_async_dns)
started asyncdns process 1148
[2023/04/13 00:19:58.287189, 0, pid=1147] ../../lib/util/become_daemon.c:150(daemon_status)
daemon_status: daemon 'nmbd' : No local IPv4 non-loopback interfaces available, waiting for interface ...
[2023/04/13 00:19:58.287208, 0, pid=1147] ../../source3/nmbd/nmbd_subnetdb.c:253(create_subnets)
NOTE: NetBIOS name resolution is not supported for Internet Protocol Version 6 (IPv6).
[2023/04/13 23:33:20.541196, 0, pid=26385] ../../source3/nmbd/nmbd.c:901(main)
nmbd version 4.16.8-Univention started.
Copyright Andrew Tridgell and the Samba Team 1992-2022
[2023/04/13 23:33:20.544414, 0, pid=26386] ../../source3/nmbd/asyncdns.c:158(start_async_dns)
started asyncdns process 26387
[2023/04/13 23:33:20.545877, 0, pid=26386] ../../lib/util/become_daemon.c:150(daemon_status)
daemon_status: daemon 'nmbd' : No local IPv4 non-loopback interfaces available, waiting for interface ...
[2023/04/13 23:33:20.545917, 0, pid=26386] ../../source3/nmbd/nmbd_subnetdb.c:253(create_subnets)
NOTE: NetBIOS name resolution is not supported for Internet Protocol Version 6 (IPv6).
[2023/04/13 23:35:49.901580, 0, pid=26754] ../../source3/nmbd/nmbd.c:901(main)
nmbd version 4.16.8-Univention started.
Copyright Andrew Tridgell and the Samba Team 1992-2022
[2023/04/13 23:35:49.905284, 0, pid=26755] ../../source3/nmbd/asyncdns.c:158(start_async_dns)
started asyncdns process 26756
[2023/04/13 23:35:49.906591, 0, pid=26755] ../../lib/util/become_daemon.c:150(daemon_status)
daemon_status: daemon 'nmbd' : No local IPv4 non-loopback interfaces available, waiting for interface ...
[2023/04/13 23:35:49.906624, 0, pid=26755] ../../source3/nmbd/nmbd_subnetdb.c:253(create_subnets)
NOTE: NetBIOS name resolution is not supported for Internet Protocol Version 6 (IPv6).
und hier log.samba:
[2023/04/13 00:20:02.874735, 0, pid=1163] ../../source4/samba/server.c:623(binary_smbd_main)
samba version 4.16.8-Univention started.
Copyright Andrew Tridgell and the Samba Team 1992-2022
[2023/04/13 00:20:46.987425, 0, pid=1218] ../../source4/samba/server.c:897(binary_smbd_main)
binary_smbd_main: samba: using 'prefork' process model
[2023/04/13 00:21:02.221578, 1, pid=1646] ../../source4/dsdb/kcc/garbage_collect_tombstones.c:68(garbage_collect_tombstones_part)
Doing a full scan on DC=ForestDnsZones,DC=ddns-net,DC=intranet and looking for deleted objects
[2023/04/13 00:21:02.877336, 1, pid=1646] ../../source4/dsdb/kcc/garbage_collect_tombstones.c:68(garbage_collect_tombstones_part)
Doing a full scan on DC=DomainDnsZones,DC=ddns-net,DC=intranet and looking for deleted objects
[2023/04/13 00:21:03.443877, 1, pid=1646] ../../source4/dsdb/kcc/garbage_collect_tombstones.c:68(garbage_collect_tombstones_part)
Doing a full scan on CN=Configuration,DC=ddns-net,DC=intranet and looking for deleted objects
[2023/04/13 00:21:09.870752, 1, pid=1646] ../../source4/dsdb/kcc/garbage_collect_tombstones.c:68(garbage_collect_tombstones_part)
Doing a full scan on DC=ddns-net,DC=intranet and looking for deleted objects
[2023/04/13 23:33:21.692271, 0, pid=26413] ../../source4/samba/server.c:623(binary_smbd_main)
samba version 4.16.8-Univention started.
Copyright Andrew Tridgell and the Samba Team 1992-2022
[2023/04/13 23:33:21.941494, 0, pid=26414] ../../source4/samba/server.c:897(binary_smbd_main)
binary_smbd_main: samba: using 'prefork' process model
[2023/04/13 23:33:37.145084, 1, pid=26455] ../../source4/dsdb/kcc/garbage_collect_tombstones.c:68(garbage_collect_tombstones_part)
Doing a full scan on DC=ForestDnsZones,DC=ddns-net,DC=intranet and looking for deleted objects
[2023/04/13 23:33:37.147139, 1, pid=26455] ../../source4/dsdb/kcc/garbage_collect_tombstones.c:68(garbage_collect_tombstones_part)
Doing a full scan on DC=DomainDnsZones,DC=ddns-net,DC=intranet and looking for deleted objects
[2023/04/13 23:33:37.150055, 1, pid=26455] ../../source4/dsdb/kcc/garbage_collect_tombstones.c:68(garbage_collect_tombstones_part)
Doing a full scan on CN=Configuration,DC=ddns-net,DC=intranet and looking for deleted objects
[2023/04/13 23:33:37.197066, 1, pid=26455] ../../source4/dsdb/kcc/garbage_collect_tombstones.c:68(garbage_collect_tombstones_part)
Doing a full scan on DC=ddns-net,DC=intranet and looking for deleted objects
[2023/04/13 23:35:51.622441, 0, pid=26791] ../../source4/samba/server.c:623(binary_smbd_main)
samba version 4.16.8-Univention started.
Copyright Andrew Tridgell and the Samba Team 1992-2022
[2023/04/13 23:35:51.925426, 0, pid=26792] ../../source4/samba/server.c:897(binary_smbd_main)
binary_smbd_main: samba: using 'prefork' process model
[2023/04/13 23:36:07.084314, 1, pid=26832] ../../source4/dsdb/kcc/garbage_collect_tombstones.c:68(garbage_collect_tombstones_part)
Doing a full scan on DC=ForestDnsZones,DC=ddns-net,DC=intranet and looking for deleted objects
[2023/04/13 23:36:07.086573, 1, pid=26832] ../../source4/dsdb/kcc/garbage_collect_tombstones.c:68(garbage_collect_tombstones_part)
Doing a full scan on DC=DomainDnsZones,DC=ddns-net,DC=intranet and looking for deleted objects
[2023/04/13 23:36:07.089518, 1, pid=26832] ../../source4/dsdb/kcc/garbage_collect_tombstones.c:68(garbage_collect_tombstones_part)
Doing a full scan on CN=Configuration,DC=ddns-net,DC=intranet and looking for deleted objects
[2023/04/13 23:36:07.137651, 1, pid=26832] ../../source4/dsdb/kcc/garbage_collect_tombstones.c:68(garbage_collect_tombstones_part)
Doing a full scan on DC=ddns-net,DC=intranet and looking for deleted objects
Ich kann übrigens gar nicht mit dem Windows Explorer auf gar keine Freigabe vom Server zugreifen. Obwohl Sie im Webinterface vom Server (Univention) auftauchen und korrekt laufen.
Vielen Dank und Grüße
Stefan
Re: Opsi-Configed --> Unauthorized
Hallo nochmal,
in der smb.conf fehlte der Eintrag der Netzwerkkarte. Nachdem ich bei "interfaces = lo" die enp0s25 eingetragen hatte, und samba neu gestartet hatte, lief alles wieder.
Aber warum verschwindet einfach die Netzwerkkarte?
Vielen Dank und Grüße
Stefan
in der smb.conf fehlte der Eintrag der Netzwerkkarte. Nachdem ich bei "interfaces = lo" die enp0s25 eingetragen hatte, und samba neu gestartet hatte, lief alles wieder.
Aber warum verschwindet einfach die Netzwerkkarte?
Vielen Dank und Grüße
Stefan