Please have a look at my HowTo: HowTo join xUbuntu 16.04 Desktop to NethServer-7 AD and automount ServerHomeDir
Maybe you miss a step ?
Hi @fasup,
Thanks for the suggestion. I’ve followed all the steps as outlined in your and the other instruction.
Any other suggestions? I’m totally lost now and have run out of ideas…
Excerpt from log files can be found here.
Regards
/Mathias
Hello Mathias, I am testing xubuntu 18.04 b1 atm. Is 18.04 an option for you?
Hi,
I followed the HOWTO and I can login with ssh but the home directory cannot be mounted. The error message is
"unable to validate password for user ralph@ad.domain in domain XXX to Domain controller NSDC-XXX. Error was NT_STATUS_WRONG_PASSWORD".
The file server is a NS7 AD member server with all updates.
Any hint?
Regards, Ralph
Hi @fausp,
Well, why not. I’ll try Ubuntu 18.04 during the weekend and get back with my findings. But it might not be until late on Sunday… (Whife, kids, etc… 
)
Regards
/Mathias
OK, no prob. The test with xubuntu 18.04 b1 (64bit) was successful, everything works like expected…
I think you have to use a DC-Server instead of a DC-member. Please logon on directly on the DomainController…
…not really … I have 0 linux machines joined to the domain 
negative. I have a similar setup: I run the domain and it’s samba container on server1 and the samba shares and the ftp server on server2. Server 2 is AD joined to server1. Users have their homeshares on server2 and can connect without issues.
I do not recall if I had to set custom rights, you shouldnt have to for regular shares created through the servermanager webinterface, or the default home-share.
Try without the @ad.domain part, or prepend your NETBIOS domain in the form of netbiosdomain\user
What does your samba log say about this logon event ?
I tried that before and many more variations. The samba log says “Wrong Password”.
After all I’ve read I think it has to do with the “sec=??” param.
What are the options here?
Btw, today it worked once and then never more. Even with the same entry as before.
I presume the password entered in notepad or alike displays correct ?
I am not aware of the sec=?? param, or ever doing anything with it, but again, I join windows machines to the Samba AD.
OK, this is good to know…
Well here’s the result from trying with traditional Ubuntu. Excerpt from /var/log/syslog:
Blockquote failed to commit changes to dconf: GDBus.Error:org.gtk.GDBus.UnmappedGError.Quark._g_2dfile_2derror_2dquark.Code2: Failed to rename file “/home/user@lad.server/.config/dconf/user.44U0FZ” to “/home/user@lad.server/.config/dconf/user”: g_rename() failed: Permission denied
Blockquote
- Toolbar to the left is now nere
- When I try to add programs to the toolbar (Favourites) I get the above error message (same as with 17.10)
- When I try to change the background picture I get the above error message (same as with 17.10)
This is the configuration on the machine:
Blockquote user@ad.server:~$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu Bionic Beaver (development branch)
Release: 18.04
Codename: bionic
Blockquote user@ad.server:~$ uname -a
Linux nuc-2 4.15.0-12-generic #13-Ubuntu SMP Thu Mar 8 06:24:47 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux > Blockquote
I’ll give xubuntu a try as well later on.
Regards
/Mathias
root@xubu18001:/home/support# mount
//infra01/admin@ad.example.org on /home/admin@ad.example.org/nethome type cifs (rw,nosuid,nodev,relatime,vers=default,cache=strict,username=admin@ad.example.org,domain=,uid=638401105,forceuid,gid=638400513,forcegid,addr=192.168.xx.245,file_mode=0755,dir_mode=0755,soft,nounix,serverino,mapposix,rsize=1048576,wsize=1048576,echo_interval=60,actimeo=1)
1 Like
hi @fausp,
I can now confirm that everything is working as intended with xubuntu. 
Blockquote user@client:~$ lsb_release -a
Description: Ubuntu Bionic Beaver (development branch)
Release: 18.04
Codename: bionic
Blockquote user@client:~$ uname -a
Linux nuc-2 4.15.0-12-generic #13-Ubuntu SMP Thu Mar 8 06:24:47 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
Blockquote user@client:~$ mount
//nethserver.ad.domain/user@ad.domain on /home/user@ad.domain type cifs (rw,nosuid,nodev,relatime,vers=default,cache=strict,username=user@ad.domain,domain=,uid=1551401106,forceuid,gid=1551400513,forcegid,addr=192.168.nnn.nnn,file_mode=0755,dir_mode=0755,soft,nounix,mapposix,rsize=1048576,wsize=1048576,echo_interval=60,actimeo=1)
tmpfs on /run/user/1551401106 type tmpfs (rw,nosuid,nodev,relatime,size=793352k,mode=700,uid=1551401106,gid=1551400513)
gvfsd-fuse on /run/user/1551401106/gvfs type fuse.gvfsd-fuse (rw,nosuid,nodev,relatime,user_id=1551401106,group_id=1551400513) > Blockquote
So now I only have to decide if I shall migrate to xubuntu or stay with traditional ubuntu and hope that the root cause can be identified.
What puzzles me though is that I still get this error message from sssd:
Blockquote
mar 17 16:38:44 nuc-2 sssd[652]: tkey query failed: GSSAPI error: Major = Unspecified GSS failure. Minor code may provide more information, Minor = Server not found in Kerberos database.
Blockquote
But perhaps this is nothing I need to worry about? Perhaps it’s not even related to this issue?
Regards
/Mathias
Congrats Mathias ! 
Best
Frank
1 Like
You can safely ignore the warning 
1 Like
ok, thanks!
And many thanks to all of you for helping out! 
As far as I’m concerned this matter is no sorted out. My solution will be to migrate to xubuntu.
Case closed.
/Mathias
2 Likes
Sorry for the belated reply. Too much work lately.
I was getting errors like yours about permissions and had to force the use of the older SMB protocol. I had to add “vers=1.0” to the volume configs in the PAM mount config file. This was due to a change in the default protocol when the Ubuntu kernel was upgraded to fix Spectre/Meltdown. Forcing the downgrade fixed that problem for me.
See here:
1 Like
I tried to update the HOWTO to mention this, but I cannot edit it anymore apparently 
Howto wikified. Now you should be able to edit it.