Created attachment 16625 [details] Active Directory Users and Computers Hi, After upgrading on the 3 AD DC samba from 4.12.10 to 4.12.15 I get on a joined Windows 10 server when accessing "Active Directory Users and Computers" the error "Naming information cannot be located because: The user name or password is incorrect. Contact your system administrator to verify hat your domain is properly configured and is currently online." I did a downgrade to 4.2.10 on all three samba servers but the error still persists.
(In reply to ierdnah from comment #0) We are going to need a lot more information, what OS ? Are you using OS packages ? Can you get level 10 logs from the DC that ADUC is connecting to. Finally, what is in your DC's smb.conf
I build samba from git "./configure --with-sendfile-support && make -j4 && make install". root@dc04:~# lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu 18.04.5 LTS Release: 18.04 Codename: bionic root@dc04:~# -smb.conf----------------------- # Global parameters [global] # BEGIN for win2008 terminal.next-gen.ro ntlm auth = yes # END for win2008 terminal.next-gen.ro # BEGIN for old win xp/7 ldap server require strong auth = no # END for old win xp/7 bind interfaces only = Yes interfaces = lo ens19 netbios name = DC04 realm = NEXT-GEN.LOCAL server role = active directory domain controller server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dns workgroup = NEXT-GEN idmap_ldb:use rfc2307 = yes dns forwarder = 10.253.50.5 #logging = file:0 #log file = /usr/local/samba/var/log/log.%m #log level = dsdb_audit:4 dsdb_password_audit:4 auth_audit:4 auth:4 passdb:4 winbind:4 #client min protocol = NT1 #server min protocol = NT1 [sysvol] path = /usr/local/samba/var/locks/sysvol read only = No [netlogon] path = /usr/local/samba/var/locks/sysvol/next-gen.local/scripts read only = No ------------------------ How do I enable level 10 logs ?
Setting "log level = 10" in smb.conf and getting a lot of this lines in the logs: ldb: Destroying timer event 0x55acfed884f0 "ldb_kv_timeout" [2021/05/25 13:32:20.491582, 10, pid=29591, effective(0, 0), real(0, 0), class=ldb] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) ldb: Destroying timer event 0x55acff19ccf0 "ldb_kv_callback" [2021/05/25 13:32:20.491627, 10, pid=29591, effective(0, 0), real(0, 0), class=ldb] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) ldb: ldb_trace_next_request: (rdn_name)->search [2021/05/25 13:32:20.491657, 10, pid=29591, effective(0, 0), real(0, 0), class=ldb] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) ldb: ldb_trace_next_request: (encrypted_secrets)->search [2021/05/25 13:32:20.491680, 10, pid=29591, effective(0, 0), real(0, 0), class=ldb] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) ldb: ldb_trace_next_request: (operational)->search [2021/05/25 13:32:20.491705, 10, pid=29591, effective(0, 0), real(0, 0), class=ldb] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) ldb: ldb_trace_next_request: (extended_dn_out_ldb)->search [2021/05/25 13:32:20.491731, 10, pid=29591, effective(0, 0), real(0, 0), class=ldb] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) ldb: ldb_trace_next_request: (show_deleted)->search [2021/05/25 13:32:20.491754, 10, pid=29591, effective(0, 0), real(0, 0), class=ldb] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) ldb: ldb_trace_next_request: (partition)->search [2021/05/25 13:32:20.491782, 10, pid=29591, effective(0, 0), real(0, 0), class=ldb] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) ldb: partition_request() -> (metadata partition) [2021/05/25 13:32:20.491803, 10, pid=29591, effective(0, 0), real(0, 0), class=ldb] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->search [2021/05/25 13:32:20.491825, 10, pid=29591, effective(0, 0), real(0, 0), class=ldb] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) ldb: Added timed event "ldb_kv_callback": 0x55acff4f23d0 [2021/05/25 13:32:20.491852, 10, pid=29591, effective(0, 0), real(0, 0), class=ldb] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) ldb: Added timed event "ldb_kv_timeout": 0x55acff2909e0 [2021/05/25 13:32:20.491880, 10, pid=29591, effective(0, 0), real(0, 0), class=ldb] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) ldb: Running timer event 0x55acff4f23d0 "ldb_kv_callback" [2021/05/25 13:32:20.491950, 10, pid=29591, effective(0, 0), real(0, 0), class=ldb] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) ldb: Destroying timer event 0x55acff2909e0 "ldb_kv_timeout" [2021/05/25 13:32:20.491978, 10, pid=29591, effective(0, 0), real(0, 0), class=ldb] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) ldb: Destroying timer event 0x55acff4f23d0 "ldb_kv_callback" [2021/05/25 13:32:20.492063, 10, pid=29591, effective(0, 0), real(0, 0), class=ldb] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) ldb: ldb_trace_next_request: (rdn_name)->search [2021/05/25 13:32:20.492085, 10, pid=29591, effective(0, 0), real(0, 0), class=ldb] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) ldb: ldb_trace_next_request: (encrypted_secrets)->search [2021/05/25 13:32:20.492107, 10, pid=29591, effective(0, 0), real(0, 0), class=ldb] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) ldb: ldb_trace_next_request: (operational)->search [2021/05/25 13:32:20.492135, 10, pid=29591, effective(0, 0), real(0, 0), class=ldb] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) ldb: ldb_trace_next_request: (extended_dn_out_ldb)->search [2021/05/25 13:32:20.492170, 10, pid=29591, effective(0, 0), real(0, 0), class=ldb] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) ldb: ldb_trace_next_request: (show_deleted)->search [2021/05/25 13:32:20.492193, 10, pid=29591, effective(0, 0), real(0, 0), class=ldb] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) ldb: ldb_trace_next_request: (partition)->search [2021/05/25 13:32:20.492219, 10, pid=29591, effective(0, 0), real(0, 0), class=ldb] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) ldb: partition_request() -> (metadata partition) [2021/05/25 13:32:20.492240, 10, pid=29591, effective(0, 0), real(0, 0), class=ldb] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->search [2021/05/25 13:32:20.492262, 10, pid=29591, effective(0, 0), real(0, 0), class=ldb] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) ldb: Added timed event "ldb_kv_callback": 0x55acfe9fce40 [2021/05/25 13:32:20.492289, 10, pid=29591, effective(0, 0), real(0, 0), class=ldb] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) ldb: Added timed event "ldb_kv_timeout": 0x55acff152620 [2021/05/25 13:32:20.492320, 10, pid=29591, effective(0, 0), real(0, 0), class=ldb] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) ldb: Running timer event 0x55acfe9fce40 "ldb_kv_callback" [2021/05/25 13:32:20.492395, 10, pid=29591, effective(0, 0), real(0, 0), class=ldb] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) ldb: ldb_trace_response: DONE error: 0 [2021/05/25 13:32:20.492428, 10, pid=29591, effective(0, 0), real(0, 0), class=ldb] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) ldb: ldb_trace_request: (schema_load)->read_unlock [2021/05/25 13:32:20.492451, 10, pid=29591, effective(0, 0), real(0, 0), class=ldb] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) ldb: ldb_trace_next_request: (partition)->read_unlock [2021/05/25 13:32:20.492472, 10, pid=29591, effective(0, 0), real(0, 0), class=ldb] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) ldb: partition_read_unlock() -> DC=next-gen,DC=local [2021/05/25 13:32:20.492493, 10, pid=29591, effective(0, 0), real(0, 0), class=ldb] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->read_unlock [2021/05/25 13:32:20.492519, 10, pid=29591, effective(0, 0), real(0, 0), class=ldb] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) ldb: partition_read_unlock() -> DC=ForestDnsZones,DC=next-gen,DC=local [2021/05/25 13:32:20.492540, 10, pid=29591, effective(0, 0), real(0, 0), class=ldb] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->read_unlock [2021/05/25 13:32:20.492565, 10, pid=29591, effective(0, 0), real(0, 0), class=ldb] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) ldb: partition_read_unlock() -> DC=DomainDnsZones,DC=next-gen,DC=local [2021/05/25 13:32:20.492585, 10, pid=29591, effective(0, 0), real(0, 0), class=ldb] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->read_unlock [2021/05/25 13:32:20.492609, 10, pid=29591, effective(0, 0), real(0, 0), class=ldb] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) ldb: partition_read_unlock() -> CN=Configuration,DC=next-gen,DC=local [2021/05/25 13:32:20.492630, 10, pid=29591, effective(0, 0), real(0, 0), class=ldb] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->read_unlock [2021/05/25 13:32:20.492662, 10, pid=29591, effective(0, 0), real(0, 0), class=ldb] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) ldb: partition_read_unlock() -> CN=Schema,CN=Configuration,DC=next-gen,DC=local [2021/05/25 13:32:20.492688, 10, pid=29591, effective(0, 0), real(0, 0), class=ldb] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->read_unlock [2021/05/25 13:32:20.492712, 10, pid=29591, effective(0, 0), real(0, 0), class=ldb] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) ldb: partition_read_unlock() -> (metadata partition) [2021/05/25 13:32:20.492740, 10, pid=29591, effective(0, 0), real(0, 0), class=ldb] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->read_unlock [2021/05/25 13:32:20.492770, 10, pid=29591, effective(0, 0), real(0, 0), class=ldb] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) ldb: Destroying timer event 0x55acff152620 "ldb_kv_timeout" [2021/05/25 13:32:20.492796, 10, pid=29591, effective(0, 0), real(0, 0), class=ldb] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) ldb: Destroying timer event 0x55acfe9fce40 "ldb_kv_callback"
Also in ADUC if I set an individual AD DC samba server it displays the users but when I try to create a new user is says "Windows cannot verify that the user name is unique because the following error occurred while contacting the global catalog: The user name or password is incorrect". Windows will create this user account, but the user can log only after the user name s verified to be unique. Make sure he global catalog is available. For more information bout troubleshooting this issue , see Windows Help."