Samba 3.2.0 - Feedbck after 4 days in production evironment

John H Terpstra jht at samba.org
Wed Jul 23 01:41:45 GMT 2008


Samba 3.2.0 was installed on a large site with an LDAP backend on Saturday 
morning.  The following are findings and observations to enrourage others to 
deploy 3.2.0 in the wild.  Samba-3.2.0 sure seems more robust that 3.0.30 was 
at the same site.

I will file bug reports if this is necessary - would someone please indicate 
this requirement.

The update from 3.0.30 was smooth except for the following log messages - 
everything appears to be working nicely.:


Items 1-5 are from the PDC.
======================

1) Starting of winbind produces the following error log in winbindd.log.  So 
far it seems harmless, but if not, I'd like someone to provide feedback.  I 
have time to debug this and report back if this is needed.

[2008/07/20 09:45:31,  0] 
winbindd/winbindd_cache.c:initialize_winbindd_cache(2351)
  initialize_winbindd_cache: clearing cache and re-creating with version 
number 1
[2008/07/20 09:45:33,  1] 
rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(624)
  cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR 
received from remote machine CH-BDC pipe \lsarpc fnum 0x7441!


2) Smbd reports a needless warning message for all accounts that do not have a 
password history (many accounts are new and do not have one!) - this is 
flooding the log files at loglevel 1.  Should we up the value of the loglevel 
at which this warning is published?:

[2008/07/22 16:46:46,  0] passdb/pdb_ldap.c:init_sam_from_ldap(950)
  init_sam_from_ldap: Failed to get password history for user rdumbell


3) Winbind on startup is logging the following to log.wb-DOMAIN.  Is this 
something to be concerned about or is this a hardmless warning? If harmless, 
why report it?:

[2008/07/20 09:45:33,  1] 
rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(624)
  cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR 
received from remote machine CH-BDC pipe \lsarpc fnum 0x7442!


4) Winbind is reporting on startup the following error message in 
log.wb-BUILTIN.  Is this significant? If not, why report it?:

[2008/07/20 09:50:31,  0] 
winbindd/winbindd_dual.c:async_request_timeout_handler(183)
  async_request_timeout_handler: child pid 32728 is not responding. Closing 
connection to it.
[2008/07/20 09:50:31,  1] winbindd/winbindd_util.c:trustdom_recv(260)
  Could not receive trustdoms


5) Winbind is logging the following on startup to log.winbind-idmap.  Is this 
significant? If not, why report it?:

[2008/07/20 09:45:31,  1] winbindd/idmap.c:idmap_init(388)
  Initializing idmap domains
[2008/07/20 09:50:31,  0] 
winbindd/winbindd_dual.c:async_request_timeout_handler(183)
  async_request_timeout_handler: child pid 32728 is not responding. Closing 
connection to it.
[2008/07/20 09:50:31,  1] winbindd/winbindd_util.c:trustdom_recv(260)
  Could not receive trustdoms


Items 6-9 are from the BDC:
======================

6) From winbindd.log:

[2008/07/19 22:31:22,  0] 
winbindd/winbindd_cache.c:initialize_winbindd_cache(2351)
  initialize_winbindd_cache: clearing cache and re-creating with version 
number 1
[2008/07/19 22:31:25,  1] 
rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(624)
  cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR 
received from remote machine CH-PDC pipe \lsarpc fnum 0x70b7!
[2008/07/19 22:34:43,  0] 
winbindd/winbindd_cache.c:initialize_winbindd_cache(2351)
  initialize_winbindd_cache: clearing cache and re-creating with version 
number 1
[2008/07/19 22:34:43,  1] 
rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(624)
  cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR 
received from remote machine CH-PDC pipe \lsarpc fnum 0x77a0!
[2008/07/21 00:10:36,  0] 
winbindd/winbindd_cache.c:initialize_winbindd_cache(2351)
  initialize_winbindd_cache: clearing cache and re-creating with version 
number 1
[2008/07/21 00:10:38,  1] 
rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(624)
  cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR 
received from remote machine CH-PDC pipe \lsarpc fnum 0x72eb!


7) From a winXP client log (winxp2.log) - this is happening sporadically for 
many clients.  I have not been able to observe a particular pattern, but over 
400 clients have collected about 200MB of logs with this sequence repeated up 
to 50 or so times.  Some client logs do not have this, a few have it repeated 
over and over - one new client has about 75MB of this in its logs. 

[2008/07/22 09:33:53,  1] libsmb/cliconnect.c:cli_start_connection(1651)
  session request to WINXP2 failed (Called name not present)
[2008/07/22 09:33:53,  1] libsmb/cliconnect.c:cli_start_connection(1651)
  session request to *SMBSERVER failed (Called name not present)


8) From log.wb-DOMAIN:

[2008/07/19 22:31:25,  1] 
rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(624)
  cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR 
received from remote machine CH-PDC pipe \lsarpc fnum 0x70b8!
[2008/07/19 22:34:43,  1] 
rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(624)
  cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR 
received from remote machine CH-PDC pipe \lsarpc fnum 0x7799!
[2008/07/21 00:10:38,  1] 
rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(624)
  cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR 
received from remote machine CH-PDC pipe \lsarpc fnum 0x72ee!


9) The "net rpc join" operation succeeds but logs the following on the PDC 
(log level 1). The domain join was done on the BDC:

[2008/07/22 21:35:37,  0] rpc_server/srv_netlog_nt.c:_netr_ServerAuthenticate2
(520)
  _netr_ServerAuthenticate2: netlogon_creds_server_check failed. Rejecting 
auth request from client CH-BDC machine account CH-BDC$
[2008/07/22 21:35:37,  0] rpc_server/srv_netlog_nt.c:_netr_ServerAuthenticate2
(520)
  _netr_ServerAuthenticate2: netlogon_creds_server_check failed. Rejecting 
auth request from client CH-BDC machine account CH-BDC$

The LDAP logs show that the trust account password was infact changed.  I have 
a debug level 10 log if this is of interest.


Cheers,
John T.


More information about the samba-technical mailing list