winbindd problem

Orwig, Paul PORWIG at
Thu Apr 11 09:55:02 GMT 2002

My NT admins assure me that they have had the annonymous restriction on for
I wonder if when they are modifying the database, the restriction is
OR, they could be removing the restriction momentarily for something else...

I will get a user/password from the NT admins and try from there. This is
separate from the domain-join secret?

Paul Orwig
Pacific Life

-----Original Message-----
From: Richard Sharpe [mailto:rsharpe at]
Sent: Thursday, April 11, 2002 10:47 AM
To: Orwig, Paul
Cc: 'MCCALL,DON (HP-USA,ex1)'; 'samba-technical at'
Subject: RE: winbindd problem

On Thu, 11 Apr 2002, Orwig, Paul wrote:

> Just so I understand...
> The fact that wbinfo -t replies with "secret is good" says that it is able
> to talk to the domain controller and should be able to request users/group
> listing. Right?

Well, yes, but, as Tim pointed out in response to my erroneous statement, 
the fact that wbinfo -t says that the secret is good means that the trust 
account secrets stored in tdb are OK.

winbindd uses anonymous connections to retrieve its information by 
default, unless you have told it a valid account and password on the 

In the presence of restrict-anonymous, this will not work, and if some of 
your DCs have restrict-anonymous set and some not, you may get 
intermittent failures.

Richard Sharpe, rsharpe at, rsharpe at, 
sharpe at

More information about the samba-technical mailing list