inconsistent drive mappings + many other errors
Grimes, David
david.grimes at belointeractive.com
Thu Jul 15 16:34:17 GMT 2004
I have searched the web and mailing lists for a couple weeks on this one and
have come up empty handed on this one, I appreciate and thoughts or
insights. Or ideas. Or suggestions. Or comments. Empathy is welcome....
We have recently migrated to an 2003 AD and I have been tasked with
upgrading the samba servers to 3.0. I've received new hardware (Dell 2650)
and slapped ES 3.0 with all the latest updates. As it stands we have problem
with 2000 machines being unable to access shares (authentication fails)
using the UNC. They can however open the share and authenticate successfully
by IP. If I tail the log on the samba server I get these errors....
[2004/07/15 10:21:52, 1] smbd/sesssetup.c:reply_spnego_kerberos(173)
Failed to verify incoming ticket!
Users on XP don't exhibit this problem. However, we all have an intermittent
problem getting a drive mapped on log in. Sometimes it just doesn't show up.
If we log out and back in then the drive gets mapped. Tailing the logs
shows this error in /var/log/messages..
Jul 15 11:16:17 bifs2 pam_winbind[19990]: user 'ADDOMAIN+aduser' granted
acces
Jul 15 11:16:17 bifs2 pam_winbind[19990]: pam_parse: unknown option;
service=system-auth
Jul 15 11:16:52 bifs2 smbd[19991]: [2004/07/15 11:16:52, 0]
lib/util_sock.c:get_peer_addr(952)
Jul 15 11:16:52 bifs2 smbd[19991]: getpeername failed. Error was Transport
endpoint is not connected
Jul 15 11:16:52 bifs2 smbd[19991]: [2004/07/15 11:16:52, 0]
lib/util_sock.c:write_socket_data(388)
Jul 15 11:16:52 bifs2 smbd[19991]: write_socket_data: write failure. Error
= Connection reset by peer
Jul 15 11:16:52 bifs2 smbd[19991]: [2004/07/15 11:16:52, 0]
lib/util_sock.c:write_socket(413)
Jul 15 11:16:52 bifs2 smbd[19991]: write_socket: Error writing 4 bytes to
socket 16: ERRNO = Connection reset by peer
Jul 15 11:16:52 bifs2 smbd[19991]: [2004/07/15 11:16:52, 0]
lib/util_sock.c:send_smb(605)
Jul 15 11:16:52 bifs2 smbd[19991]: Error writing 4 bytes to client. -1.
(Connection reset by peer)
Jul 15 11:16:53 bifs2 pam_winbind[19990]: pam_parse: unknown option;
service=system-auth
These two problems have effective stalled our AD migration and the Samba
upgrade. Any help would be GREATLY appreciated!
Also if someone could explain these errors from log.smbd
[2004/07/15 10:08:17, 0] lib/util_sock.c:get_peer_addr(952)
getpeername failed. Error was Transport endpoint is not connected
[2004/07/15 10:23:34, 0] lib/util_sock.c:get_peer_addr(952)
getpeername failed. Error was Transport endpoint is not connected
[2004/07/15 10:28:55, 0] lib/util_sock.c:get_peer_addr(952)
getpeername failed. Error was Transport endpoint is not connected
And this error from messages
Jul 15 09:33:30 bifs2 pam_winbind[19337]: pam_parse: unknown option;
service=system-auth
Jul 15 09:36:17 bifs2 pam_winbind[19337]: pam_parse: unknown option;
service=system-auth
Environment:
2650 dual xeon 4gig mem 500gig disk
2.4.21-15.0.3.ELsmp #1 SMP Tue Jun 29 18:04:47 EDT 2004 i686 i686 i386
GNU/Linux
RH ES 3.0 with latest RHN updates
AD 2003
Clients are a mix of XP and 2000 machines which have the latest updates from
MS
Let me know of any other details that could assist....
/etc/samba/smb.conf
[global]
netbios name = bifs2
browseable = yes
workgroup = ADDOMAIN
socket options = TCP_NODELAY SO_RCVBUF=16384 SO_SNDBUF=16384
idmap uid = 10000-20000
winbind enum users = yes
winbind gid = 10000-20000
winbind enum groups = yes
preferred master = no
password server = *
winbind separator = +
max log size = 50
log file = /var/log/samba3/log.%m
encrypt passwords = yes
dns proxy = no
realm = AD.COM
security = ADS
winbind enable local accounts = yes
client signing = auto
client use spnego = yes
template homedir = /home/%U
template shell = /sbin/nologin
use spnego = yes
obey pam restrictions = yes
winbind use default domain = yes
wins server = x.x.x.x
[homes]
comment = Home Directories
browseable = no
writable = yes
valid users = "@ADDOMAIN+Domain Users"
create mode = 0664
directory mode = 0775
More information about the samba-technical
mailing list