[Samba] Winbind problems
Blanchard, Michael
MBlanchard at grandaire.com
Wed Feb 13 08:35:14 GMT 2002
I was having close to the exact same problem. What was causing it was I
had split wins servers (WINS servers that had other WINS servers listed
in their network settings) and I was getting bogus IP address and names
reported for domain controllers. So when winbind was trying to find a
domain controller, WINS was saying that there was one at ip address
x.x.x.x when there hadn't been one there for years. What I had to do
was make the wins servers ONLY talk to themselves (besides replication
of course) and set the replication to every 2 hours. This had the
effect of clearing out the junk that was sitting in the WINS DB. As
soon as I did that, everything was working A-OK.
-----Original Message-----
From: Thomas, Daniel J. [mailto:Daniel.Thomas at jhuapl.edu]
Sent: Wednesday, February 13, 2002 11:17 AM
To: 'Jan van Rensburg'; samba at lists.samba.org
Subject: RE: [Samba] Winbind problems
You might want to try not using the -U option when joining the domain.
Instead, create the machine account on the NT server first, allow time
for the account to propagate, then join. What should happen is the
machine account password that NT uses should be copied to the /private
directory and smbpasswd should randomly generate a MACHINE.SID and send
that back to the domain controller to store in it's machine database.
I'm not convinced that -U works outside of linux. -Dan
-----Original Message-----
From: Jan van Rensburg [mailto:jan.van.rensburg at epiuse.com]
Sent: Wednesday, February 13, 2002 5:37 AM
To: samba at lists.samba.org
Subject: [Samba] Winbind problems
Hi,
I'd appreciate any help getting winbind to work on Solaris 8 (Sparc).
I've followed the HOWTOs and other documents on the web but can't seem
to get even the basic functionality going.
Some platform info:
$ uname -a
SunOS epiuse-sun 5.8 Generic_108528-12 sun4u sparc SUNW,UltraAX-i2 $
smbd -V Version 2.2.3a
On the NT side it is win2k with an ADS tree.
My samba config:
$ more /opt/samba/lib/smb.conf
[global]
workgroup = domain
netbios name = solaris
load printers = no
log file = /opt/samba/var/log.%m
max log size = 50
security = domain
password server = nt
encrypt passwords = yes
domain logons = no
interfaces = 10.5.3.6
local master = no
domain master = no
name resolve order = lmhosts wins bcast host
wins server = 10.5.1.1
winbind separator = +
winbind cache time = 10
template shell = /bin/false
template homedir = /home/%D/%U
winbind uid = 10000-20000
winbind gid = 10000-20000
now what i did:
$ /etc/init.d/samba stop
Stopping Samba
$ rm /opt/samba/private/*
$ smbpasswd -D 4 -j domain -r nt -U w2kadmin
added interface ip=10.5.3.6 bcast=10.5.3.255 nmask=255.255.255.0
Password:
resolve_lmhosts: Attempting lmhosts lookup for name nt<0x20>
startlmhosts: Can't open lmhosts file /opt/samba/lib/lmhosts. Error was
No such file or directory
resolve_wins: Attempting wins lookup for name nt<0x20>
resolve_wins: WINS server == <10.5.1.1>
bind succeeded on port 0
nmb packet from 10.5.1.1(137) header: id=6870 opcode=Query(0)
response=Yes
header: flags: bcast=No rec_avail=Yes rec_des=Yes trunc=No auth=Yes
header: rcode=0 qdcount=0 ancount=1 nscount=0 arcount=0
answers: nmb_name=NT<20> rr_type=32 rr_class=1 ttl=5783
answers 0 char ...... hex 00000A050303
Got a positive name query response from 10.5.1.1 ( 10.5.3.3 ) Connecting
to 10.5.3.3 at port 445 session setup ok Domain=[DOMAIN] OS=[Windows
5.0] Server=[Windows 2000 LAN Manager] Joined domain DOMAIN. $
/etc/init.d/samba start Starting Samba $ wbinfo -t Secret is bad
0xc0000001 $ wbinfo -u Error looking up domain users
I've changed the domain name and the names of the 2 servers above to
make it easier to follow (the problem does not seem to be with name
resolution). I get these results even when I delete the Solaris machine
from the ADS tree, or if I add it to the ADS tree manually with the
backwards compatibility check.
I'm running my winbindd logs at debug level 1, and I have messages like
these:
[2002/02/11 07:17:59, 1] nsswitch/winbindd_util.c:get_domain_info(137)
getting trusted domain list
[2002/02/11 07:17:59, 1]
libsmb/cliconnect.c:cli_establish_connection(867)
failed tcon_X
[2002/02/11 07:18:08, 1] nsswitch/winbindd_util.c:get_domain_info(137)
getting trusted domain list
Any ideas?
Thank you,
Jan van rensburg
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/ms-tnef
Size: 4678 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba/attachments/20020213/bfc502f9/attachment.bin
More information about the samba
mailing list