winbindd problem

Richard Sharpe rsharpe at ns.aus.com
Tue Apr 9 17:09:11 GMT 2002 

On Tue, 9 Apr 2002, Orwig, Paul wrote:

> I am not certain of the annonymous queries.

        username = secrets_fetch(SECRETS_AUTH_USER, NULL);
        password = secrets_fetch(SECRETS_AUTH_PASSWORD, NULL);

        if (username && *username) {
                pwd_set_cleartext(&creds->pwd, password);
                pwd_make_lm_nt_16(&creds->pwd, password);

                fstrcpy(creds->user_name, username);
                fstrcpy(creds->domain, lp_workgroup());

                DEBUG(3, ("IPC$ connections done %s\\%s\n", creds->domain,
                          creds->user_name));
        } else 
                DEBUG(3, ("IPC$ connections done anonymously\n"));

The above is the code that is relevant to your message.

> I see an entry in the log.winbindd that states:

The secrets database would appear to have crap! Try rejoining the domain 
and seeing if that works.

> [2002/04/05 17:59:35, 3] nsswitch/winbindd_cm.c:cm_init_creds(211)
>   IPC$ connections done anonymously
> 
> followed by a message:
> 
> [2002/04/05 17:59:35, 3] lib/util_sock.c:open_socket_out(830)
>   Connecting to 10.141.1.170 at port 445
> [2002/04/05 17:59:35, 2] lib/util_sock.c:open_socket_out(858)
>   error connecting to 10.141.1.170:445 (Invalid argument)

This is a non-problem. It simply means that the underlying library tried 
to connect to the domain controller via port 445 (non NetBIOS over TCP/IP 
type connections), and failed because the DC was not listening on that 
port.

> I noticed this last one each time winbindd fails.
> 
> I can send debug level 3 and debug level 5 logs of the startup.

They might be needed, or even a level 10. A network trace taken via 
tcpdump might also be needed ...
 
> If this makes any difference, I have switched winbindd on and off a few
> times via the nsswitch.conf entries.
> It is currently off until we can get winbindd running reliably.

Hmmm, I have not had these problems, and I chop and change winbindd 
against domain controllers (one, and NT4 PDC, the other a Samba 2.2.3pre 
PDC), and I run it all the time in a variety of member servers.

Regards
-----
Richard Sharpe, rsharpe at ns.aus.com, rsharpe at samba.org, 
sharpe at ethereal.com

More information about the samba-technical mailing list