I’ve successfully joined domain Windows Server 2003 using LikewiseOpen from Ubuntu repos, but can`t login to Ubuntu-server 10.04 with russian usernames. When I try to do it with test username (only latin symbols) - everything seems good.
I try to troubleshoot this problem step by step using guide http://www.likewise.com/resources/documentation_library/manuals/open/likewise-open-54-guide.html#SolveLogonProblems :
1) domainjoin-cli query
Name = eibuntu
Domain = OUR.DMN
Distinguished Name = CN=EIBUNTU,CN=Computers,DC=our,DC=dmn ;
2) When trying logon to Ubuntu, using escape the slash character with a slash character (OUR\\Петров) ;
3) clear the cache - sudo lw-ad-cache --delete-all
The cache has been emptied successfully ;
4) sudo kdestroy
kdestroy: No credentials cache found while destroying cache ;
5) service lsassd status
running (standalone: 1337) ;
The result shows the correct domain controller name and IP address ;
7) lw-find-user-by-name our\\Петров
User info (Level-0):
====================
Name: OUR\Петров
SID: S-1-5-21-507921405-492894223-839522115-12638
Uid: 58208606
Gid: 58196481
Gecos: Петров Александр Алексеевич
Shell: /bin/bash
Home dir: /home/likewise-open/OUR/Петров
Logon restriction: NO
9) su our\\Петров
And here we got trouble:
su: Authentication failure
In auth.log I see error:
eibuntu su[2530]: [module:pam_lsass]pam_sm_authenticate error [login:our\Петров][error code:40067]
eibuntu su[2530]: pam_authenticate: Authentication failure
eibuntu su[2530]: FAILED su for our\Петров by ubadmin
eibuntu su[2530]: - /dev/pts/1 ubadmin:our\Петров
In daemon.log:
eibuntu lsassd[1337]: 0xb1fb2b70:Failed to authenticate user (name = ‘our\Петров’)
-> error = 40067, symbol = LW_ERROR_STRING_CONV_FAILED, client pid = 8091
10) well, I try to test ssh:
ssh our\\Петров@localhost
In auth.log:
eibuntu sshd[13675]: [module:pam_lsass]pam_sm_authenticate error [login:our\Петров][error code:40067]
eibuntu sshd[13595]: error: PAM: Authentication failure for our\\\320\237\320\265\321\202\321\200\320\276\320\262 from localhost
In daemon.log:
eibuntu lsassd[1337]: 0xb1fb2b70:Failed to authenticate user (name = ‘our\Петров’) ->
error = 40067, symbol = LW_ERROR_STRING_CONV_FAILED, client pid = 13675
Maybe, it`s not involved with impossibility to login, but it is clear that something wrong with it...
Binary package hint: likewise-open
Description: Ubuntu 10.04 LTS 2ubuntu1
Release: 10.04
likewise-open: 5.4.0.42111-
I’ve successfully joined domain Windows Server 2003 using LikewiseOpen from Ubuntu repos, but can`t login to Ubuntu-server 10.04 with russian usernames. When I try to do it with test username (only latin symbols) - everything seems good. www.likewise. com/resources/ documentation_ library/ manuals/ open/likewise- open-54- guide.html# SolveLogonProbl ems : CN=Computers, DC=our, DC=dmn ;
I try to troubleshoot this problem step by step using guide http://
1) domainjoin-cli query
Name = eibuntu
Domain = OUR.DMN
Distinguished Name = CN=EIBUNTU,
2) When trying logon to Ubuntu, using escape the slash character with a slash character (OUR\\Петров) ;
3) clear the cache - sudo lw-ad-cache --delete-all
The cache has been emptied successfully ;
4) sudo kdestroy
kdestroy: No credentials cache found while destroying cache ;
5) service lsassd status
running (standalone: 1337) ;
6) lw-get-dc-name our.domain ======= ======= ======= === lerAddressType = 23 llerName = dc.our.dmn llerAddress = 192.168.x.1 nName = OUR edDomainName = our.dmn First-Site- Name First-Site- Name
Printing LWNET_DC_INFO fields:
=======
dwDomainControl
dwFlags = 1021
dwVersion = 5
wLMToken = 65535
wNTToken = 65535
pszDomainContro
pszDomainContro
pucDomainGUID(hex) = 51 AC 8B FE B2 85 3C 4B 9C 73 19 B0 25 11 69 9D
pszNetBIOSDomai
pszFullyQualifi
pszDnsForestName = our.dmn
pszDCSiteName = Default-
pszClientSiteName = Default-
pszNetBIOSHostName = DC
pszUserName = <EMPTY>
The result shows the correct domain controller name and IP address ;
7) lw-find- user-by- name our\\Петров ======= ====== 507921405- 492894223- 839522115- 12638 open/OUR/ Петров
User info (Level-0):
=======
Name: OUR\Петров
SID: S-1-5-21-
Uid: 58208606
Gid: 58196481
Gecos: Петров Александр Алексеевич
Shell: /bin/bash
Home dir: /home/likewise-
Logon restriction: NO
8) lw-get-status tory-provider]
LSA Server Status:
Compiled daemon version: 5.0.0.0
Packaged product version: 5.4.0.42111
Uptime: 0 days 15 hours 18 minutes 26 seconds
[Authentication provider: lsa-activedirec
Status: Online First-Site- Name ....... ....... ....... ....... .......
Mode: Un-provisioned
Domain: OUR.DMN
Forest: OUR.DMN
Site: Default-
Online check interval: 300 seconds
[Trusted Domains: 2]
.......
9) su our\\Петров
And here we got trouble:
su: Authentication failure
In auth.log I see error: pam_lsass] pam_sm_ authenticate error [login: our\Петров] [error code:40067]
eibuntu su[2530]: [module:
eibuntu su[2530]: pam_authenticate: Authentication failure
eibuntu su[2530]: FAILED su for our\Петров by ubadmin
eibuntu su[2530]: - /dev/pts/1 ubadmin:our\Петров
In daemon.log: STRING_ CONV_FAILED, client pid = 8091
eibuntu lsassd[1337]: 0xb1fb2b70:Failed to authenticate user (name = ‘our\Петров’)
-> error = 40067, symbol = LW_ERROR_
10) well, I try to test ssh: localhost
ssh our\\Петров@
In auth.log: pam_lsass] pam_sm_ authenticate error [login: our\Петров] [error code:40067] 237\320\ 265\321\ 202\321\ 200\320\ 276\320\ 262 from localhost
eibuntu sshd[13675]: [module:
eibuntu sshd[13595]: error: PAM: Authentication failure for our\\\320\
In daemon.log: STRING_ CONV_FAILED, client pid = 13675
eibuntu lsassd[1337]: 0xb1fb2b70:Failed to authenticate user (name = ‘our\Петров’) ->
error = 40067, symbol = LW_ERROR_
Maybe, it`s not involved with impossibility to login, but it is clear that something wrong with it...