How I got winbind to work with rh71/samba_2_2 and win2k (PDC)

leif.klepp at starcut.com leif.klepp at starcut.com
Fri Sep 21 02:24:02 GMT 2001


John Trostel wrote sometime Thursday:

> Here is my procedure to get winbind running with (a fairly recent) CVS of
> SAMBA_2_2

[snipped most of step-by-step recipe]

{
  My situation as we step into John's recipe:
   * CVS from this morning, -r SAMBA_2_2, around 0930 GMT+2 SEP-21-2001
   * winbindd started, verified running. smbd & nbmd running
}

>        14. # /usr/local/samba/bin/wbinfo -u
>                (should give a list containing local AND domain users)

Error looking up domain users.

>        15. # /usr/local/samba/bin/wbinfo -g
>                (should give a list containing local AND domain groups)

Error looking up domain groups.

>        16. # getent passwd
>                (should give a list containing local AND domain users)

Gives list of users in files. No domain users, although winbindd is
activated and generates log-entries.

>        17. # getent group
>                (should give a list containing local AND domain users)

Gives list of groups in files. No domain groups, although winbindd is
activated and generates log-entries.

[snip rest of recipe, test description, and config file]

The following are parts of my log file, with most of the low-level details
snipped off (I included some parts where I though it could verify that
there is communication between the PDC and my samba server):

added interface ip=192.168.4.100 bcast=192.168.5.255 nmask=255.255.254.0
establishing connections
server: dc=, pwdb_init=0, lsa_hnd=0
...
getting trusted domain list
adding trusted domain SCHKI
...
server: dc=TANGO, pwdb_init=1, lsa_hnd=1
SCHKI: dc=, got_sid=0, sam_hnd=0 sam_dom_hnd=0
...
[17294]: lookupname lklepp
...
000018 lsa_io_r_lookup_names
    0018 ptr_dom_ref: 0014f2f8
    00001c lsa_io_dom_r_ref
        001c num_ref_doms_1: 00000001
        0020 ptr_ref_dom   : 00091e30
        0024 max_entries   : 00000020
        0028 num_ref_doms_2: 00000001
        00002c smb_io_unihdr dom_ref[0]
            002c uni_str_len: 000a
            002e uni_max_len: 000c
            0030 buffer     : 0014c970
        0034 sid_ptr[0] : 000f8cc0
        000038 smb_io_unistr2 dom_ref[0]
            0038 uni_max_len: 00000006
            003c undoc      : 00000000
            0040 uni_str_len: 00000005
            0044 buffer     : S.C.H.K.I.
        000050 smb_io_dom_sid2 sid_ptr[0]
            0050 num_auths: 00000004
            000054 smb_io_dom_sid sid
                0054 sid_rev_num: 01
                0055 num_auths  : 04
                0056 id_auth[0] : 00
                0057 id_auth[1] : 00
                0058 id_auth[2] : 00
                0059 id_auth[3] : 00
                005a id_auth[4] : 00
                005b id_auth[5] : 05
                005c sub_auths : 00000015 a062b7c4 3bc4ed8d 8d8e962c
    006c num_entries: 00000001
    0070 ptr_entries: 001447c0
    0074 num_entries2: 00000001
    000078 smb_io_dom_rid2
        0078 type   : 01
        007c rid    : 00000453
        0080 rid_idx: 00000000
    0084 mapped_count: 00000001
    0088 status      : 00000000
read failed on sock 11, pid 17294: EOF
accepted socket 11
[17295]: list users
checking domain handles for domain SCHKI
server: dc=TANGO, pwdb_init=1, lsa_hnd=1
SCHKI: dc=, got_sid=0, sam_hnd=0 sam_dom_hnd=0
opening sam handles
Getting domain info for domain SCHKI
looking up sid for domain SCHKI
...
found sid S-1-5-21-2690824132-1002761613-2374932012 for domain SCHKI
...
000018 samr_io_r_connect
    000018 smb_io_pol_hnd connect_pol
        0018 data1: 00000000
        001c data2: 00000000
        0020 data3: 0000
        0022 data4: 0000
        0024 data5: 00 00 00 00 00 00 00 00
    002c status: c0000022
read failed on sock 11, pid 17295: EOF
accepted socket 11
establishing connections
server: dc=TANGO, pwdb_init=1, lsa_hnd=1
SCHKI: dc=TANGO, got_sid=1, sam_hnd=0 sam_dom_hnd=0
server: dc=TANGO, pwdb_init=1, lsa_hnd=1
SCHKI: dc=TANGO, got_sid=1, sam_hnd=0 sam_dom_hnd=0
[17297]: list groups
read failed on sock 11, pid 17297: EOF
accepted socket 11
[17298]: list trusted domains
read failed on sock 11, pid 17298: EOF
accepted socket 11
[17299]: getgroups lklepp
read failed on sock 11, pid 17299: EOF
establishing connections
server: dc=TANGO, pwdb_init=1, lsa_hnd=1
SCHKI: dc=TANGO, got_sid=1, sam_hnd=0 sam_dom_hnd=0
server: dc=TANGO, pwdb_init=1, lsa_hnd=1
SCHKI: dc=TANGO, got_sid=1, sam_hnd=0 sam_dom_hnd=0
Global status for winbindd:
     1 clients currently active
     client list:
          pid 17275, sock 10, rbl 0, wbl 0
Status for winbindd idmap:
     Next userid to allocate is 10000
     Next groupid to allocate is 10000
     User id range is 0% full (0 of 10000)
     Group id range is 0% full (0 of 10000)
accepted socket 11
[17301]: setpwent
[17301]: getpwent
checking domain handles for domain SCHKI
server: dc=TANGO, pwdb_init=1, lsa_hnd=1
SCHKI: dc=TANGO, got_sid=1, sam_hnd=0 sam_dom_hnd=0
opening sam handles
...

and so on. (I can provide the full log-file (60K) if interested)

I run DNS on the same server as samba (BRIDGET), and samba acts
as the WINS server on the network.

All servers are on the same subnet 192.168.4.0/24, although
the target subnets (thus clients) should be 192.168.4.0/23 when
I get it to work.

Have had problems with my network card module, but I find it
a bit too paranoic to think that the problems would only occur
when I try to list the domain users/groups.. ;]

Any hints welcome, including modifying code segments if required.

Best Regards,
/Leif






More information about the samba-technical mailing list