도메인 자격 증명을 허용하는 Samba 4 공유를 생성할 수 없습니다.

도메인 자격 증명을 허용하는 Samba 4 공유를 생성할 수 없습니다.

CentOS7 서버를 만들어 도메인에 가입시켰습니다. 도메인에 속하는지 확인하려면 "영역"을 사용하고, 그룹의 멤버십을 확인할 수 있는지 확인하려면 "ID"를 사용했습니다.

지금 공유를 설정하려고 하는데 멈췄습니다. 아래와 같이 공유 "테스트"를 설정했습니다. Windows에서는 파일 브라우저를 사용하여 서버 루트를 볼 수 있지만("테스트" 공유만 표시됨) 공유 이름(테스트)을 두 번 클릭하면 시간이 초과되고 자격 증명을 요청합니다. 내 자격 증명과 도메인 관리자 자격 증명을 시도했지만 둘 다 거부되었습니다.

smbclient는 이 호스트의 공유를 올바르게 나열합니다. 그리고 이상하게도 내 도메인의 CentOS6 서버에서 smb.conf를 복사했는데 제대로 작동했습니다. CentOS 7에서는 뭔가 다른 것 같습니다.

혹시 누락된 설정이 있나요?

# Global parameters
[global]
        interfaces = 172.33.254.38 127.0.0.1
        realm = mydomain.com
        server string = Linux Server
        workgroup = mydomain
        log file = /var/log/samba/%m.log
        max log size = 50
        load printers = No
        printcap name = /dev/null
        unix extensions = No
        security = ADS
        winbind offline logon = Yes
        dns proxy = No
        wins server = 172.33.254.31
        idmap config * : backend = tdb
        wide links = Yes
        lpq command = lpq -P'%p'
        lprm command = lprm -P'%p' %j
        print command = lpr -r -P'%p' %s
        printing = bsd
        guest ok = Yes


[test]
        comment = mydomain Files
        path = /data/test
        force group = root
        force user = root
        read only = No
        valid users = "@mydomain\domain admins" mydomain\myname root
        browseable = yes

공유 콘텐츠 보기에 실패한 후 호스트의 삼바 로그는 다음과 같습니다.

[2017/01/22 01:08:13.259022, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:3849(smbd_smb2_io_handler)
  smbd_smb2_request idx[1] of 5 vectors
[2017/01/22 01:08:13.259077, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:660(smb2_validate_sequence_number)
  smb2_validate_sequence_number: clearing id 10 (position 10) from bitmap
[2017/01/22 01:08:13.259090, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:2258(smbd_smb2_request_dispatch)
  smbd_smb2_request_dispatch: opcode[SMB2_OP_TDIS] mid = 10
[2017/01/22 01:08:13.259115,  4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (1475001125, 1475000513) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.259129,  5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:63(security_token_debug)
  Security token SIDs (7):
    SID[  0]: S-1-22-1-1475001125
    SID[  1]: S-1-22-2-1475000513
    SID[  2]: S-1-22-2-1475001141
    SID[  3]: S-1-22-2-1475001140
    SID[  4]: S-1-1-0
    SID[  5]: S-1-5-2
    SID[  6]: S-1-5-11
   Privileges (0x               0):
   Rights (0x               0):
[2017/01/22 01:08:13.259162,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
  UNIX token of user 1475001125
  Primary group is 1475000513 and contains 3 supplementary groups
  Group[  0]: 1475000513
  Group[  1]: 1475001141
  Group[  2]: 1475001140
[2017/01/22 01:08:13.259206,  5, pid=8720, effective(1475001125, 1475000513), real(1475001125, 0)] ../source3/smbd/uid.c:363(change_to_user_internal)
  Impersonated user: uid=(1475001125,1475001125), gid=(0,1475000513)
[2017/01/22 01:08:13.259222,  4, pid=8720, effective(1475001125, 1475000513), real(1475001125, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.259231,  5, pid=8720, effective(1475001125, 1475000513), real(1475001125, 0)] ../libcli/security/security_token.c:53(security_token_debug)
  Security token: (NULL)
[2017/01/22 01:08:13.259239,  5, pid=8720, effective(1475001125, 1475000513), real(1475001125, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.259254,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
  change_to_root_user: now uid=(0,0) gid=(0,0)
  smbd_smb2_request_pending_queue: req->current_idx = 1
        req->in.vector[0].iov_len = 0
        req->in.vector[1].iov_len = 0
        req->in.vector[2].iov_len = 64
        req->in.vector[3].iov_len = 4
        req->in.vector[4].iov_len = 0
        req->out.vector[0].iov_len = 4
        req->out.vector[1].iov_len = 0
        req->out.vector[2].iov_len = 64
        req->out.vector[3].iov_len = 8
        req->out.vector[4].iov_len = 0
[2017/01/22 01:08:13.259320,  4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.259333,  5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
  Security token: (NULL)
[2017/01/22 01:08:13.259341,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.259353,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
  change_to_root_user: now uid=(0,0) gid=(0,0)
[2017/01/22 01:08:13.259363,  5, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order)
  check lock order 1 for /var/lib/samba/lock/smbXsrv_tcon_global.tdb
[2017/01/22 01:08:13.259372, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
  lock order:  1:/var/lib/samba/lock/smbXsrv_tcon_global.tdb 2:<none> 3:<none>
[2017/01/22 01:08:13.259383, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
  Locking key 64C5DBD4
[2017/01/22 01:08:13.259399, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal)
  Allocated locked data 0x0x7f0770a38850
[2017/01/22 01:08:13.259414, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
  Unlocking key 64C5DBD4
[2017/01/22 01:08:13.259423,  5, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor)
  release lock order 1 for /var/lib/samba/lock/smbXsrv_tcon_global.tdb
[2017/01/22 01:08:13.259432, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
  lock order:  1:<none> 2:<none> 3:<none>
[2017/01/22 01:08:13.259448,  4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.259457,  5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
  Security token: (NULL)
[2017/01/22 01:08:13.259465,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.259476,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
  change_to_root_user: now uid=(0,0) gid=(0,0)
[2017/01/22 01:08:13.259485,  3, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/service.c:1148(close_cnum)
  172.31.254.73 (ipv4:172.31.254.73:50848) closed connection to service IPC$
[2017/01/22 01:08:13.259507,  4, pid=8720, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:844(vfs_ChDir)
  vfs_ChDir to /
[2017/01/22 01:08:13.259545,  4, pid=8720, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:855(vfs_ChDir)
  vfs_ChDir got /
[2017/01/22 01:08:13.259559,  4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.259568,  5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
  Security token: (NULL)
[2017/01/22 01:08:13.259576,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.259587,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
  change_to_root_user: now uid=(0,0) gid=(0,0)
[2017/01/22 01:08:13.259606, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:2989(smbd_smb2_request_done_ex)
  smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[4] dyn[no:0] at ../source3/smbd/smb2_tcon.c:521
[2017/01/22 01:08:13.259620, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:912(smb2_set_operation_credit)
  smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/11/31
[2017/01/22 01:08:13.259685, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:3849(smbd_smb2_io_handler)
  smbd_smb2_request idx[1] of 5 vectors
[2017/01/22 01:08:13.259700, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:660(smb2_validate_sequence_number)
  smb2_validate_sequence_number: clearing id 11 (position 11) from bitmap
[2017/01/22 01:08:13.259709, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:2258(smbd_smb2_request_dispatch)
  smbd_smb2_request_dispatch: opcode[SMB2_OP_LOGOFF] mid = 11
[2017/01/22 01:08:13.259719,  4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.259764,  5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
  Security token: (NULL)
[2017/01/22 01:08:13.259774,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.259787,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
  change_to_root_user: now uid=(0,0) gid=(0,0)
  smbd_smb2_request_pending_queue: req->current_idx = 1
        req->in.vector[0].iov_len = 0
        req->in.vector[1].iov_len = 0
        req->in.vector[2].iov_len = 64
        req->in.vector[3].iov_len = 4
        req->in.vector[4].iov_len = 0
        req->out.vector[0].iov_len = 4
        req->out.vector[1].iov_len = 0
        req->out.vector[2].iov_len = 64
        req->out.vector[3].iov_len = 8
        req->out.vector[4].iov_len = 0
[2017/01/22 01:08:13.259823,  4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.259834,  5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
  Security token: (NULL)
[2017/01/22 01:08:13.259842,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.259854,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
  change_to_root_user: now uid=(0,0) gid=(0,0)
[2017/01/22 01:08:13.259864,  5, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order)
  check lock order 1 for /var/lib/samba/lock/smbXsrv_session_global.tdb
[2017/01/22 01:08:13.259878, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
  lock order:  1:/var/lib/samba/lock/smbXsrv_session_global.tdb 2:<none> 3:<none>
[2017/01/22 01:08:13.259889, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
  Locking key D483AFB6
[2017/01/22 01:08:13.259902, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal)
  Allocated locked data 0x0x7f0770a4c2c0
[2017/01/22 01:08:13.259919, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
  Unlocking key D483AFB6
[2017/01/22 01:08:13.259929,  5, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor)
  release lock order 1 for /var/lib/samba/lock/smbXsrv_session_global.tdb
[2017/01/22 01:08:13.259937, 10, pid=8720, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
  lock order:  1:<none> 2:<none> 3:<none>
[2017/01/22 01:08:13.259952, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:2989(smbd_smb2_request_done_ex)
  smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[4] dyn[no:0] at ../source3/smbd/smb2_sesssetup.c:1262
[2017/01/22 01:08:13.259966, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:912(smb2_set_operation_credit)
  smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/12/31
[2017/01/22 01:08:13.261841, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:1069(smbd_server_connection_terminate_ex)
  smbd_server_connection_terminate_ex: conn[ipv4:172.31.254.73:50848] reason[NT_STATUS_CONNECTION_RESET] at ../source3/smbd/smb2_server.c:3901
[2017/01/22 01:08:13.261894,  4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.261909,  5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
  Security token: (NULL)
[2017/01/22 01:08:13.261917,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.261931,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
  change_to_root_user: now uid=(0,0) gid=(0,0)
[2017/01/22 01:08:13.261941,  4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.261949,  5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
  Security token: (NULL)
[2017/01/22 01:08:13.261956,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.261968,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
  change_to_root_user: now uid=(0,0) gid=(0,0)
[2017/01/22 01:08:13.261977,  4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.261984,  5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
  Security token: (NULL)
[2017/01/22 01:08:13.261992,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.262004,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
  change_to_root_user: now uid=(0,0) gid=(0,0)
[2017/01/22 01:08:13.262014,  4, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2017/01/22 01:08:13.262029,  5, pid=8720, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
  Security token: (NULL)
[2017/01/22 01:08:13.262037,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2017/01/22 01:08:13.262048,  5, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
  change_to_root_user: now uid=(0,0) gid=(0,0)
[2017/01/22 01:08:13.262093, 10, pid=8720, effective(0, 0), real(0, 0)] ../source3/lib/messages_dgm_ref.c:142(msg_dgm_ref_destructor)
  msg_dgm_ref_destructor: refs=(nil)
[2017/01/22 01:08:13.262245,  3, pid=8720, effective(0, 0), real(0, 0)] ../source3/smbd/server_exit.c:246(exit_server_common)
  Server exit (NT_STATUS_CONNECTION_RESET)

관련 정보