[CVS latest] Recent strangeness with Samba PDC

Tad Kollar tkollar at lerc.nasa.gov
Tue Nov 9 23:16:33 GMT 1999 

Well, after many (!) hours of brain wracking, I finally solved the problem... it
was one part user error, one part extreme sensitivity by Samba...

The problem was that there was a username (rderwae) in /etc/group who didn't
exist... the group that name was in was specified in a 'valid users' entry in
smb.conf. Samba dealt with it fine for normal user logins, but when someone tried
to logon from an NT workstation in the domain, it segfaulted, even though the
share wasn't relevant to the logon. Below is the pertinent section of the logfile
with log level = 20...

[1999/11/09 17:53:07, 10] lib/domain_namemap.c:lookupsmbpwnam(866)
  lookupsmbpwnam: unix user name rderwae
[1999/11/09 17:53:07, 5] lib/username.c:hashed_getpwnam(233)
  getpwnam(rderwae)
[1999/11/09 17:53:07, 5] lib/username.c:hashed_getpwnam(256)
  rderwae not found
[1999/11/09 17:53:07, 5] lib/username.c:hashed_getpwnam(233)
  getpwnam(rderwae)
[1999/11/09 17:53:07, 5] lib/username.c:hashed_getpwnam(256)
  rderwae not found
[1999/11/09 17:53:07, 5] lib/username.c:hashed_getpwnam(233)
  getpwnam(RDERWAE)
[1999/11/09 17:53:07, 5] lib/username.c:hashed_getpwnam(256)
  RDERWAE not found
[1999/11/09 17:53:07, 5] lib/username.c:hashed_getpwnam(233)
  getpwnam(Rderwae)
[1999/11/09 17:53:07, 5] lib/username.c:hashed_getpwnam(256)
  Rderwae not found
[1999/11/09 17:53:07, 5] lib/username.c:hashed_getpwnam(233)
  getpwnam(rderwaE)
[1999/11/09 17:53:07, 5] lib/username.c:hashed_getpwnam(256)
  rderwaE not found
[1999/11/09 17:53:07, 10] lib/domain_namemap.c:lookupsmbgrpnam(1161)
  lookupsmbgrpnam: unix user group rderwae
[1999/11/09 17:53:07, 10] lib/domain_namemap.c:lookupsmbgrpgid(1252)
  lookupsmbgrpgid: unix gid 11161
[1999/11/09 17:53:07, 20] lib/util_file.c:file_modified(338)
  file_modified: /usr/local/samba/lib/localgroup.map not modified
[1999/11/09 17:53:07, 7] lib/util_sid.c:sid_to_string(50)
  sid_to_string returning S-1-5-32-544
[1999/11/09 17:53:07, 10] lib/domain_namemap.c:map_unixid(741)
  map_unixid: enum entry unix group wheel 103 nt Administrators S-1-5-32-544
[1999/11/09 17:53:07, 20] lib/util_file.c:file_modified(338)
  file_modified: /usr/local/samba/lib/domaingroup.map not modified
[1999/11/09 17:53:07, 7] lib/util_sid.c:sid_to_string(50)
  sid_to_string returning S-1-5-21-3274904897-113583634-2832134990-512
[1999/11/09 17:53:07, 10] lib/domain_namemap.c:map_unixid(741)
  map_unixid: enum entry unix group adm 4 nt Domain Admins
S-1-5-21-3274904897-113583634-2832134990-512
[1999/11/09 17:53:07, 7] lib/util_sid.c:sid_to_string(50)
  sid_to_string returning S-1-5-21-3274904897-113583634-2832134990-513
[1999/11/09 17:53:07, 10] lib/domain_namemap.c:map_unixid(741)
  map_unixid: enum entry unix group ciso 101 nt Domain Users
S-1-5-21-3274904897-113583634-2832134990-513
[1999/11/09 17:53:07, 10] lib/domain_namemap.c:lookupsmbpwnam(866)
[1999/11/09 17:53:07, 0] lib/fault.c:fault_report(40)
  ===============================================================
[1999/11/09 17:53:07, 0] lib/fault.c:fault_report(41)
  INTERNAL ERROR: Signal 11 in pid 15811 (2.1.0-prealpha)
  Please read the file BUGS.txt in the distribution
[1999/11/09 17:53:07, 0] lib/fault.c:fault_report(43)
  ===============================================================
[1999/11/09 17:53:07, 0] lib/util.c:smb_panic(2527)
  PANIC: internal error

Tad Kollar wrote:

> I've been using the PDC stuff since August with few problems. However,
> last week when I updated my local source copy (I think it was Monday),
> my NT workstations w/ domain accounts started seeing this error:
>
> The system cannot log you on to this domain because the system's computer
> account in its primary domain is missing or the password on that account
> is incorrect.
>
> After fiddling with it for awhile I thought no problem, I'll just update
> from an earlier date and try it again later... I took it all the way back
> to October 1st, but the error was still there.
>
> I figured I must have screwed up a config file, so I restored everything
> from a system backup - the binaries, smb.conf, SID file, etc. But the error
> still doesn't go away. Note that on one system I tried re-adding it to the
> domain, which worked fine, but when it rebooted it still had the error.
>
> So I'm baffled... I can only think that its a WINS thing, because
> everything on my server is back to the way it was before the
> problem appeared. Unfortunately I'm unfamiliar with WINS and don't have
> control of the WINS server.
>
> In the meantime I'm using 2.0.5 (the error doesn't show up), which gives
> people access to their files and printers, but for people who logon to
> the domain its using the wrong profile. Plus of course no group stuff...
>
> I'm not complaining or anything, just wondering if anyone knows what
> could be causing this... smb.conf globals below...
>
> TIA,
> Tad
>
> # smb.conf
> # Note: addresses/names changed to protect the innocent
> # Global parameters
>         workgroup = MY_DOMAIN
>         netbios name = MY_SERVER
>         encrypt passwords = Yes
>         name resolve order = host wins lmhosts bcast
>         nt printer driver = /usr/local/samba/lib/nt_printers
>         local group map = /usr/local/samba/lib/localgroup.map
>         domain group map = /usr/local/samba/lib/domaingroup.map
>         builtin group map = /usr/local/samba/lib/builtingroup.map
>         domain user map = /usr/local/samba/lib/domainuser.map
>         logon path =
>         domain logons = Yes
>         preferred master = True
>         dns proxy = No
>         wins server = xxx.xx.xxx.xx
>         unix realname = Yes
>         admin users = root
>         invalid users = root
>         printing = lprng
>         print command = lpr -h -r -P %p %s
>         lppause command = lpc hold %p %j
>         lpresume command = lpc release %p %j
>         queuepause command = lpc stop %p
>         queueresume command = lpc start %p
>         printer driver location = \\MY_SERVER\PRINTER$
>
> --
> ------------------------------------------------------------------------------
> Thaddeus J. Kollar
> Integral Systems, Inc.
> NASA John H. Glenn Research Center, M/S 142-2
> ------------------------------------------------------------------------------

--
------------------------------------------------------------------------------
Thaddeus J. Kollar                                           Fax: 216-433-8000
Integral Systems, Inc.                                     Phone: 216-433-5105
NASA John H. Glenn Research Center, M/S 142-2              Pager: 433-8950 028
------------------------------------------------------------------------------

More information about the samba-ntdom mailing list