[Samba] winbindd starts, works, then fails soon

Robert Grasso Robert.Grasso at cedrat.com
Wed Aug 22 13:02:06 GMT 2007 

Hello,

I recently installed samba 3.0.25b-33, in order to connect some RHEL 4 workstations to our AD servers using SFU. I am a Linux
sysadmin but not very used to Samba.

I succeeded configuring Samba, and when the smb and winbind services are started, everything is fine, I get my Linux users as I
configured them in AD/SFU : wbinfo -u is correct, logins are possible, samba shares are reachable from a Windows desktop

Alas, very quickly (less than one hour ?) winbind uses to fail, and the connection with AD is lost; the logs are full of

ads_connect for domain ddd failed: No logon servers
(...)
ad_idmap_init: failed to connect to AD
(...)
NT_STATUS_UNSUCCESSFUL

Can anybody give some help ?

Here is my smb.conf

[global]
   workgroup = xxx
   realm = yyy
   server string = Samba Server - ccc
   hosts allow = 192.168. 127.
   #printcap name = /etc/printcap
   printcap name = cups
   load printers = yes
    printing = cups
    cups options = raw
 log level = 1
 log file = /var/log/samba/%m.log
   max log size = 50
   security = ADS
   encrypt passwords = yes
   socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
   preferred master = no
name resolve order = wins bcast
   dns proxy = yes
   idmap domains = ALLDOMAINS
   idmap config ALLDOMAINS:backend = ad
   idmap config ALLDOMAINS:default = yes
   idmap config ALLDOMAINS:schema_mode = sfu

   template homedir = /home/%U
   winbind use default domain = yes
   winbind separator = +
   winbind enum users = yes
   winbind enum groups = yes
   winbind nss info = template sfu
   winbind offline logon = true
   winbind refresh tickets = true
[xxx]
	path = /home/xxx
	writeable = yes
        valid users = ddd+xxx ddd+yyy
        create mask = 0755
	map archive = yes

[zzz]
	path = /home/zzz
	writeable = yes
        valid users = ddd+zzz ddd+yyy
        create mask = 0755
	map archive = yes




---
Robert GRASSO
System Engineer

CEDRAT
15, Chemin de Malacher - Inovallée - 38246 MEYLAN Cedex - FRANCE
Tel: +33 (0)4 76 90 50 45 Fax: +33 (0)4 76 90 16 09
mailto:Robert.Grasso at cedrat.com
---
Support service       : mailto:support at cedrat.com
Commercial service : mailto:cedrat at cedrat.com
Web site                  : http://www.cedrat.com

More information about the samba mailing list