[Samba] winbind problems

Brian Kesting bkesting at cityofwayne.org
Tue Dec 21 04:18:43 GMT 2004


I do have both servers pointed to the same ntp server....the time issue should be negligent here.....i hope (lol)


---------- Original Message ----------------------------------
From: Brett Stevens <brett.stevens at hubbub.com.au>
Date:  Tue, 21 Dec 2004 14:21:10 +1100

One other problem that I experenced was time. Make sure that your servers
are synced closely, preferbaly with the same server.
Brett Stevens

-----Original Message-----
From: Brian Kesting [mailto:bkesting at cityofwayne.org] 
Sent: Tuesday, December 21, 2004 10:29 AM
To: samba at lists.samba.org
Subject: [Samba] winbind problems


Hello,

I am running a Samba server (3.0.7) on a Suse 9.2 box.  I have connected
this server successfully to a Windows 2000 Active Directory (mixed mode).  I
have nsswitch.conf, krb5.conf configured and winbind seems to be running
properly for the most part.  With wbinfo I can get all of my user and group
information.  Problem is, it seems that at random times, the samba server
just stops authenticating the windows user names and accounts.  If I restart
the winbind or smb service, then all seems to be well again for a while.
Right now the only way I can keep this running is to run a cron job that
restartes the samba and winbind services every hour.  This is really bugging
me as I cannot figure out what is going on.  Can anyone help me?  I have
included some of my configuration and log files below.  Thanks in advance.

---------/etc/samba/smb.conf----------
# Samba Configuration File

[global]
        workgroup = WAYNE
        realm = WAYNE.LOCAL
        server string = Samba Server
        security = ADS
        password server = adserver.wayne.local
        encrypt passwords = yes
        idmap uid = 10000-20000
        idmap gid = 10000-20000
        template shell = /bin/bash
        winbind use default domain = no
        winbind separator = /

[users]
        comment = Users on Linux
        path = /home/WAYNE
        read only = No
        browseable = Yes

---------/etc/nsswitch.conf-------
passwd: files winbind
group:  files winbind
hosts:    files dns wins winbind
networks: files dns

---------/etc/krb5.conf-----------
[libdefaults]
        default_realm = WAYNE.LOCAL
        clockskew = 300

[realms]
WAYNE.LOCAL = {
        kdc = police.wayne.local
        default_domain = WAYNE.LOCAL
        kpasswd_server = adserver.wayne.local
}
[domain_realm]
        .WAYNE.LOCAL = WAYNE.LOCAL
[appdefaults]
pam = {
        ticket_lifetime = 365d
        renew_lifetime = 365d
        forwardable = true
        proxiable = false
        retain_after_close = true
        minimum_uid = 0
}

----------/var/log/samba/log.smbd--------
[2004/12/20 15:25:33, 1] smbd/sesssetup.c:reply_spnego_kerberos(250)
  Username WAYNE/LIEUTENANT1$ is invalid on this system [2004/12/20
15:25:44, 1] smbd/sesssetup.c:reply_spnego_kerberos(250)
  Username WAYNE/LIEUTENANT1$ is invalid on this system [2004/12/20
15:25:54, 1] smbd/sesssetup.c:reply_spnego_kerberos(250)
  Username WAYNE/LIEUTENANT1$ is invalid on this system [2004/12/20
15:25:56, 1] smbd/sesssetup.c:reply_spnego_kerberos(250)
  Username WAYNE/LIEUTENANT1$ is invalid on this system
.
.
.
[2004/12/20 16:04:34, 1] smbd/sesssetup.c:reply_spnego_kerberos(250)
  Username WAYNE/DISPATCH_GW1$ is invalid on this system [2004/12/20
16:05:13, 1] smbd/sesssetup.c:reply_spnego_kerberos(250)
  Username WAYNE/DISPATCH_GW1$ is invalid on this system [2004/12/20
16:05:13, 1] smbd/sesssetup.c:reply_spnego_kerberos(250)
  Username WAYNE/DISPATCH_GW1$ is invalid on this system

----------/var/log/samba/log.winbindd-------------------
[2004/12/20 16:51:07, 1] libsmb/ntlmssp.c:ntlmssp_update(245)
  Failed to parse NTLMSSP packet, could not extract NTLMSSP command
[2004/12/20 16:54:52, 1] libsmb/clikrb5.c:ads_krb5_mk_req(313)
  krb5_cc_get_principal failed (No such file or directory) [2004/12/20
16:56:18, 1] libsmb/ntlmssp.c:ntlmssp_update(245)
  Failed to parse NTLMSSP packet, could not extract NTLMSSP command
[2004/12/20 16:59:01, 1] nsswitch/winbindd_group.c:winbindd_getgroups(1059)
  user 'root' does not exist
[2004/12/20 17:00:01, 1] nsswitch/winbindd_group.c:winbindd_getgroups(1059)
  user 'root' does not exist
[2004/12/20 17:01:18, 1] libsmb/ntlmssp.c:ntlmssp_update(245)
  Failed to parse NTLMSSP packet, could not extract NTLMSSP command
[2004/12/20 17:06:24, 1] libsmb/ntlmssp.c:ntlmssp_update(245)
  Failed to parse NTLMSSP packet, could not extract NTLMSSP command
[2004/12/20 17:11:40, 1] libsmb/ntlmssp.c:ntlmssp_update(245)
  Failed to parse NTLMSSP packet, could not extract NTLMSSP command
[2004/12/20 17:15:01, 1] nsswitch/winbindd_group.c:winbindd_getgroups(1059)

????
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba



More information about the samba mailing list