winbindd problem
Orwig, Paul
PORWIG at PacificLife.com
Thu Apr 11 09:55:02 GMT 2002
Hmmm...
My NT admins assure me that they have had the annonymous restriction on for
months.
I wonder if when they are modifying the database, the restriction is
nullified...
OR, they could be removing the restriction momentarily for something else...
I will get a user/password from the NT admins and try from there. This is
separate from the domain-join secret?
Paul Orwig
Pacific Life
-----Original Message-----
From: Richard Sharpe [mailto:rsharpe at ns.aus.com]
Sent: Thursday, April 11, 2002 10:47 AM
To: Orwig, Paul
Cc: 'MCCALL,DON (HP-USA,ex1)'; 'samba-technical at lists.samba.org'
Subject: RE: winbindd problem
On Thu, 11 Apr 2002, Orwig, Paul wrote:
> Just so I understand...
> The fact that wbinfo -t replies with "secret is good" says that it is able
> to talk to the domain controller and should be able to request users/group
> listing. Right?
Well, yes, but, as Tim pointed out in response to my erroneous statement,
the fact that wbinfo -t says that the secret is good means that the trust
account secrets stored in tdb are OK.
winbindd uses anonymous connections to retrieve its information by
default, unless you have told it a valid account and password on the
DC[s].
In the presence of restrict-anonymous, this will not work, and if some of
your DCs have restrict-anonymous set and some not, you may get
intermittent failures.
Regards
-----
Richard Sharpe, rsharpe at ns.aus.com, rsharpe at samba.org,
sharpe at ethereal.com
More information about the samba-technical
mailing list