Help configuring samba appliance
Patrick Spinler
spinler.patrick at mayo.edu
Thu Feb 15 16:36:42 GMT 2001
I just tried a freshly compiled winbindd, compiled according the the
instructions in the README in the samba-appliance directory.
Unfortunately, my newly compiled winbindd doesn't appear to be able to
contact the PDC.
Same configuration as last time. Again - does anyone have any hints
what the problem may be ? Where do I from here to attempt to debug this
?
-- Pat
$ sudo winbindd -i -d100
codepage_initialise: client code page = 850
load_client_codepage: loading codepage 850.
Adding chars 0x85 0xb7 (l->u = True) (u->l = True)
(--snip--)
Adding chars 0x9c 0x0 (l->u = False) (u->l = False)
load_unicode_map: loading unicode map for codepage 850.
load_unicode_map: filename
/usr/local/samba/lib/codepages/unicode_map.850 does not exist.
added interface ip=172.23.52.30 bcast=172.23.53.255 nmask=255.255.254.0
added interface ip=192.168.10.0 bcast=192.168.10.255 nmask=255.255.255.0
establishing connections
server: dc=, pwdb_init=0, lsa_hnd=0
looking up dc name for domain RCHWKS
resolve_lmhosts: Attempting lmhosts lookup for name RWKSRV00<0x20>
startlmhosts: Can't open lmhosts file /usr/local/samba/lib/lmhosts.
Error was No such file or directory
resolve_hosts: Attempting host lookup for name RWKSRV00<0x20>
bind succeeded on port 0
Sending a packet of len 236 to (129.176.100.175) on port 138
[000] 10 1A 39 3E C0 A8 0A 00 0B 0D 00 EC 00 00 20 46 ..9>.... ......
F
[010] 43 44 41 44 41 44 46 44 46 44 47 44 43 44 41 43 CDADADFD
FDGDCDAC
[020] 41 43 41 43 41 43 41 43 41 43 41 43 41 41 41 00 ACACACAC
ACACAAA.
[030] 20 46 43 45 44 45 49 46 48 45 4C 46 44 43 41 43 FCEDEIF
HELFDCAC
[040] 41 43 41 43 41 43 41 43 41 43 41 43 41 43 41 42 ACACACAC
ACACACAB
[050] 4C 00 FF 53 4D 42 25 00 00 00 00 00 00 00 00 00 L..SMB%.
........
[060] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........
........
[070] 00 00 11 00 00 3E 00 00 00 00 00 00 00 00 00 00 .....>..
........
[080] 00 00 00 00 00 00 00 00 00 3E 00 5C 00 03 00 01 ........
.>.\....
[090] 00 01 00 02 00 4F 00 5C 4D 41 49 4C 53 4C 4F 54 .....O.\
MAILSLOT
[0A0] 5C 4E 45 54 5C 4E 45 54 4C 4F 47 4F 4E 00 07 00 \NET\NET
LOGON...
[0B0] 72 30 30 35 35 36 32 30 00 5C 4D 41 49 4C 53 4C r0055620
.\MAILSL
[0C0] 4F 54 5C 4E 45 54 5C 47 45 54 44 43 31 34 36 35 OT\NET\G
ETDC1465
[0D0] 34 00 72 00 30 00 30 00 35 00 35 00 36 00 32 00 4.r.0.0.
5.5.6.2.
[0E0] 30 00 00 00 01 00 00 00 FF FF FF FF 0....... ....
(--- repeated 3 times ---)
unable to lookup pdc name for 129.176.100.175 in domain RCHWKS
no domain controllers found for domain RCHWKS
Patrick Spinler wrote:
>
> Hi:
>
> I've been messing with the samba appliance package recently (the 0.5 rpm
> version built last aug 17), and am having difficulty getting logins
> working via the supplied pam modules. Here's my setup:
>
> My workstation is R0055620, a member of the domain RCHWKS
> My account is pjs11, a account in domain MC
> The RCHWKS domain trusts the MC domain (and the RCH domain, too)
>
> When I attempt to login using MC\pjs11, winbindd spits this tidbit of
> log:
>
> 006e id_auth[0] : 00
> 006f id_auth[1] : 00
> 0070 id_auth[2] : 00
> 0071 id_auth[3] : 00
> 0072 id_auth[4] : 00
> 0073 id_auth[5] : 05
> 0074 sub_auths : 00000015 7c0150b7 0fdc7252 030312ce
> 0084 status: 00000000
> adding trusted domain MC
> adding trusted domain RCH
> (--- NOTE: here is end of winbind startup log, below is login attempt)
> accepted socket 8
> [29305]: pam auth MC\pjs11
> could not get trust password for domain MC
>
> I've attached my pam config file and nsswitch.conf, and the complete
> winbindd output is at http://spinler.dhs.org/~pspinler/winbindd.log.
> My system is a somewhat updated redhat 6.2, glibc 2.1.1.
>
> I've also just recompiled the various componants from cvs SAMBA_TNG and
> APPLIANCE_HEAD branches, and will be trying these new componants later
> today.
>
> -- Pat
>
> p.s. whenever I redirect winbind's output to a file, it hangs. Any
> ideas ? E.g. this command:
>
> $ winbindd -i -d 100 > /tmp/winbindd.log
>
> produces a hung winbindd, only killable by kill -9. Any clues ?
>
> --
> This message does not represent the policies or positions
> of the Mayo Foundation or its subsidiaries.
> Patrick Spinler email: Spinler.Patrick at Mayo.EDU
> Mayo Foundation phone: 507/284-9485
>
> ------------------------------------------------------------------------
> #
> # /etc/nsswitch.conf
> #
> # An example Name Service Switch config file. This file should be
> # sorted with the most-used services at the beginning.
> #
> # The entry '[NOTFOUND=return]' means that the search for an
> # entry should stop if the search in the previous entry turned
> # up nothing. Note that if the search failed due to some other reason
> # (like no NIS server responding) then the search continues with the
> # next entry.
> #
> # Legal entries are:
> #
> # nisplus or nis+ Use NIS+ (NIS version 3)
> # nis or yp Use NIS (NIS version 2), also called YP
> # dns Use DNS (Domain Name Service)
> # files Use the local files
> # db Use the local database (.db) files
> # compat Use NIS on compat mode
> # [NOTFOUND=return] Stop searching if not found so far
> #
>
> # To use db, put the "db" in front of "files" for entries you want to be
> # looked up first in the databases
> #
> # Example:
> #passwd: db files nisplus nis
> #shadow: db files nisplus nis
> #group: db files nisplus nis
>
> passwd: files winbind
> shadow: files winbind
> group: files winbind
>
> #passwd: files nisplus nis winbind
> #shadow: files nisplus nis winbind
> #group: files nisplus nis winbind
>
> #hosts: db files nisplus nis dns
> hosts: files nisplus nis dns
>
> services: nisplus [NOTFOUND=return] files
> networks: nisplus [NOTFOUND=return] files
> protocols: nisplus [NOTFOUND=return] files
> rpc: nisplus [NOTFOUND=return] files
> ethers: nisplus [NOTFOUND=return] files
> netmasks: nisplus [NOTFOUND=return] files
> bootparams: nisplus [NOTFOUND=return] files
>
> netgroup: nisplus
>
> publickey: nisplus
>
> automount: files nisplus
> aliases: files nisplus
>
> ------------------------------------------------------------------------
> #%PAM-1.0
> auth required /lib/security/pam_securetty.so
> auth required /lib/security/pam_nologin.so
> auth sufficient /lib/security/pam_winbind.so
> auth required /lib/security/pam_pwdb.so use_first_pass shadow nullok
> #account required /lib/security/pam_pwdb.so
> account required /lib/security/pam_winbind.so
> password required /lib/security/pam_cracklib.so
> password required /lib/security/pam_pwdb.so shadow nullok use_authtok
> session required /lib/security/pam_pwdb.so
> session optional /lib/security/pam_console.so
--
This message does not represent the policies or positions
of the Mayo Foundation or its subsidiaries.
Patrick Spinler email: Spinler.Patrick at Mayo.EDU
Mayo Foundation phone: 507/284-9485
More information about the samba-ntdom
mailing list