AW: [Samba] Samba PDC with Squid NTLM_AUTH
Martin Hoffmann
mhoffmann at pro-nets.de
Fri Apr 7 13:09:43 GMT 2006
Unfortunately it took some time to my test environment up and running -
however $subject still does not work:
Main problem is to get "wbinfo" on PDC itself running!
Here is what i got from winbind logfiles (smb.conf loglevel 10)
#wbinfo -u
Error looking up domain users
[2006/03/21 02:10:54, 6] nsswitch/winbindd.c:new_connection(638)
accepted socket 19
[2006/03/21 02:10:54, 10] nsswitch/winbindd.c:process_request(324)
process_request: request fn INTERFACE_VERSION
[2006/03/21 02:10:54, 3]
nsswitch/winbindd_misc.c:winbindd_interface_version(454)
[ 0]: request interface version
[2006/03/21 02:10:54, 10] nsswitch/winbindd.c:process_request(324)
process_request: request fn WINBINDD_PRIV_PIPE_DIR
[2006/03/21 02:10:54, 3]
nsswitch/winbindd_misc.c:winbindd_priv_pipe_dir(487)
[ 0]: request location of privileged pipe
[2006/03/21 02:10:54, 6] nsswitch/winbindd.c:new_connection(638)
accepted socket 20
[2006/03/21 02:10:54, 10] nsswitch/winbindd.c:process_request(324)
process_request: request fn LIST_USERS
[2006/03/21 02:10:54, 3] nsswitch/winbindd_user.c:winbindd_list_users(738)
[ 0]: list users
#wbinfo -g
BUILTIN\administrators
BUILTIN\account operators
BUILTIN\print operators
BUILTIN\backup operators
BUILTIN\replicators
[2006/03/21 02:11:18, 6] nsswitch/winbindd.c:new_connection(638)
accepted socket 19
[2006/03/21 02:11:18, 10] nsswitch/winbindd.c:process_request(324)
process_request: request fn INTERFACE_VERSION
[2006/03/21 02:11:18, 3]
nsswitch/winbindd_misc.c:winbindd_interface_version(454)
[ 0]: request interface version
[2006/03/21 02:11:18, 10] nsswitch/winbindd.c:process_request(324)
process_request: request fn WINBINDD_PRIV_PIPE_DIR
[2006/03/21 02:11:18, 3]
nsswitch/winbindd_misc.c:winbindd_priv_pipe_dir(487)
[ 0]: request location of privileged pipe
[2006/03/21 02:11:18, 6] nsswitch/winbindd.c:new_connection(638)
accepted socket 20
[2006/03/21 02:11:18, 10] nsswitch/winbindd.c:process_request(324)
process_request: request fn LIST_GROUPS
[2006/03/21 02:11:18, 3] nsswitch/winbindd_group.c:winbindd_list_groups(813)
[ 0]: list groups
[2006/03/21 02:11:18, 4]
nsswitch/winbindd_group.c:get_sam_group_entries(523)
get_sam_group_entries: BUILTIN or local domain; enumerating local groups
as well
[2006/03/21 02:11:18, 5] lib/smbldap.c:smbldap_search_ext(1080)
smbldap_search_ext: base => [ou=Groups,ou=OxObjects,dc=pro-nets,dc=de],
filter => [(&(objectclass=sambaGroupMapping)(sambaGroupType=5))], scope =>
[2]
[2006/03/21 02:11:18, 4]
nsswitch/winbindd_group.c:get_sam_group_entries(532)
get_sam_group_entries: Returned 5 local groups
[2006/03/21 02:11:18, 4]
nsswitch/winbindd_group.c:get_sam_group_entries(523)
get_sam_group_entries: BUILTIN or local domain; enumerating local groups
as well
[2006/03/21 02:11:18, 5] lib/smbldap.c:smbldap_search_ext(1080)
smbldap_search_ext: base => [ou=Groups,ou=OxObjects,dc=pro-nets,dc=de],
filter => [(&(objectclass=sambaGroupMapping)(sambaGroupType=4))], scope =>
[2]
[2006/03/21 02:11:18, 3]
nsswitch/winbindd_group.c:get_sam_group_entries(528)
get_sam_group_entries: Failed to enumerate domain local groups!
>From the -u part i cannot find any cause - the -g part at least shows that
winbind is corretly probing my ldap and doesn't find any sambaGroupType=4
(local) since all my groups are either Type=5 (builtin) or Type=2 (domain)
Why is winbind not searching Type=2??
I don't understand what is going on here!
#Wbinfo -t reports succesful trust and "net rpc join pdc" or "net rpc join"
was also successful - so whats the problem!?
I guess since wbinfo -u refuses to work i don't need to fiddle around with
ntlm_auth!?
Please help!
Kind Regards, Martin
More information about the samba
mailing list