Trusted domain keys in cache
mike at jurney.org
mike at jurney.org
Tue Mar 30 21:57:39 GMT 2004
On Tue, 30 Mar 2004, Rafal Szczesniak wrote:
> On Tue, Mar 30, 2004 at 12:12:21PM -0500, mike at jurney.org wrote:
> >
> > I'm still working on the problem mentioned here:
> >
> > http://lists.samba.org/archive/samba/2004-March/083416.html
> >
> > To provide a little more detail, I'm running a configuration where the PDC
> > and the WINS server are two different servers.
>
> Is one of them a Windows server ?
No, they are both Samba 3.0.2a-1.
> > I seem to have found the
> > answer as to why the PDC for DOM1 is looking for users in DOM2 locally:
> >
> > [2004/03/30 11:09:06, 5] rpc_server/srv_lsa_nt.c:init_lsa_trans_names(251)
> > init_lsa_trans_names: looking up sid S-1-5-21-1471593143-2095198635-341338803-500
> > [2004/03/30 11:09:06, 10] passdb/lookup_sid.c:lookup_sid(107)
> > lookup_sid: winbind lookup for SID S-1-5-21-1471593143-2095198635-341338803-500 failed - trying local.
> >
> > I've noticed that the WINS server for DOM1 contains the following cache
> > entry:
> >
> > Key: TDOM/DOM2 Timeout: 12:15:50 Value: S-1-5-21-1471593143-2095198635-341338803
> >
> > but the PDC does not. In fact, it's gencache contains no keys under TDOM/
> > at all. Is this why the SID lookup is failing? Should the PDC gencache
> > contain TDOM entries for trusted domains, or should the WINS server?
>
> These gencache entries are for PDC.
Do you have any idea why they're being created on the WINS server instead
of on the PDC? Everything else is working correctly - Logins work, and I
can cross-browse fileshares between domains without problems.
--
Michael D. Jurney
mike at jurney.org
More information about the samba-technical
mailing list