samba-appliance problem: winbindd overwrites secrets.tdb
Chris Briggs
cbriggs at nauticusnet.com
Mon Feb 26 21:46:58 GMT 2001
I'm trying to use the samba-appliance stuff on a Redhat 7.0 system, on a
network with NT servers (with an NT server as the PDC). I want to make the
Linux system use the NT domain for authentication of everything. I followed
the instructions in the whitepaper "Unified Logons between Windows NT and
Unix using Winbind" and the winbindd man page.
So I started by installing samba-2.2.0alpha2 and configuring it for domain
authentication. I made an account for the Linux box in the NT domain, set
its password, and defined a sample share. This worked great. I could access
the share from my win2k client using my domain password, and I could get the
status of the Linux box from Server Manager on the PDC.
Then I made the necessary changes to smb.conf, nsswitch.conf and the
appropriate (I think) /etc/pam.d/* files and started winbindd. It didn't
seem to work--I couldn't login to the Linux box using my domain account
(DOMAIN\username).
Further, the domain authentication for (plain) Samba doesn't work anymore.
If I try looking at the properties of the Linux box from Server Manager on
the PDC, it says "Connection refused" and I get errors in my nt1.log file
(nt1 is my pdc). The file is attached, but I think the main error is this:
[2001/02/22 10:37:19, 0] smbd/password.c:domain_client_validate(1503)
domain_client_validate: could not fetch trust account password for domain
BREAKWATER
Also, I noticed that while my /usr/local/samba/private/secrets.tdb file was
exactly 8KB before I ran winbindd, it was only 676 bytes after. I'm guessing
that this is the crux of my problem. Is it?
I've tried these installs:
1. installing samba-appliance-0.5-1.i386.rpm
2. building from samba-appliance-0.5-1.src.rpm
3. "make nsswitch" on samba-tng acquired via cvs last week (using Samba
2.2.0alpha2 for the main Samba daemons)
They all have the same result, as described above.
Now my questions are these:
1. Has anyone gotten Samba with domain security and winbind working on a RH
7.0 system? (Question 1.a. From the mailing list archive for February, it
looks like someone has gotten it to run on a Solaris 2.6 system? Is this
true, and if so, will it work on Solaris 2.8?)
2. How do I get winbindd not to clobber my secrets.tdb file? (Or is this not
important?)
3. Is this the right place for samba-appliance questions? (If not, where
is?)
Thank you much. My smb.conf is also attached.
-cb
--
Chris Briggs
Nauticus Networks (formerly Breakwater Communications)
cbriggs at nauticusnet.com
508-270-0500 x225
<<smb.conf>> <<nt1.log>>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smb.conf
Type: application/octet-stream
Size: 818 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-ntdom/attachments/20010226/769949fb/smb.obj
-------------- next part --------------
A non-text attachment was scrubbed...
Name: nt1.log
Type: application/octet-stream
Size: 12153 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-ntdom/attachments/20010226/769949fb/nt1.obj
More information about the samba-ntdom
mailing list