Samba 3.2.0 - Feedbck after 4 days in production evironment
John H Terpstra
jht at samba.org
Wed Jul 23 01:41:45 GMT 2008
Samba 3.2.0 was installed on a large site with an LDAP backend on Saturday
morning. The following are findings and observations to enrourage others to
deploy 3.2.0 in the wild. Samba-3.2.0 sure seems more robust that 3.0.30 was
at the same site.
I will file bug reports if this is necessary - would someone please indicate
this requirement.
The update from 3.0.30 was smooth except for the following log messages -
everything appears to be working nicely.:
Items 1-5 are from the PDC.
======================
1) Starting of winbind produces the following error log in winbindd.log. So
far it seems harmless, but if not, I'd like someone to provide feedback. I
have time to debug this and report back if this is needed.
[2008/07/20 09:45:31, 0]
winbindd/winbindd_cache.c:initialize_winbindd_cache(2351)
initialize_winbindd_cache: clearing cache and re-creating with version
number 1
[2008/07/20 09:45:33, 1]
rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(624)
cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR
received from remote machine CH-BDC pipe \lsarpc fnum 0x7441!
2) Smbd reports a needless warning message for all accounts that do not have a
password history (many accounts are new and do not have one!) - this is
flooding the log files at loglevel 1. Should we up the value of the loglevel
at which this warning is published?:
[2008/07/22 16:46:46, 0] passdb/pdb_ldap.c:init_sam_from_ldap(950)
init_sam_from_ldap: Failed to get password history for user rdumbell
3) Winbind on startup is logging the following to log.wb-DOMAIN. Is this
something to be concerned about or is this a hardmless warning? If harmless,
why report it?:
[2008/07/20 09:45:33, 1]
rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(624)
cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR
received from remote machine CH-BDC pipe \lsarpc fnum 0x7442!
4) Winbind is reporting on startup the following error message in
log.wb-BUILTIN. Is this significant? If not, why report it?:
[2008/07/20 09:50:31, 0]
winbindd/winbindd_dual.c:async_request_timeout_handler(183)
async_request_timeout_handler: child pid 32728 is not responding. Closing
connection to it.
[2008/07/20 09:50:31, 1] winbindd/winbindd_util.c:trustdom_recv(260)
Could not receive trustdoms
5) Winbind is logging the following on startup to log.winbind-idmap. Is this
significant? If not, why report it?:
[2008/07/20 09:45:31, 1] winbindd/idmap.c:idmap_init(388)
Initializing idmap domains
[2008/07/20 09:50:31, 0]
winbindd/winbindd_dual.c:async_request_timeout_handler(183)
async_request_timeout_handler: child pid 32728 is not responding. Closing
connection to it.
[2008/07/20 09:50:31, 1] winbindd/winbindd_util.c:trustdom_recv(260)
Could not receive trustdoms
Items 6-9 are from the BDC:
======================
6) From winbindd.log:
[2008/07/19 22:31:22, 0]
winbindd/winbindd_cache.c:initialize_winbindd_cache(2351)
initialize_winbindd_cache: clearing cache and re-creating with version
number 1
[2008/07/19 22:31:25, 1]
rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(624)
cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR
received from remote machine CH-PDC pipe \lsarpc fnum 0x70b7!
[2008/07/19 22:34:43, 0]
winbindd/winbindd_cache.c:initialize_winbindd_cache(2351)
initialize_winbindd_cache: clearing cache and re-creating with version
number 1
[2008/07/19 22:34:43, 1]
rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(624)
cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR
received from remote machine CH-PDC pipe \lsarpc fnum 0x77a0!
[2008/07/21 00:10:36, 0]
winbindd/winbindd_cache.c:initialize_winbindd_cache(2351)
initialize_winbindd_cache: clearing cache and re-creating with version
number 1
[2008/07/21 00:10:38, 1]
rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(624)
cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR
received from remote machine CH-PDC pipe \lsarpc fnum 0x72eb!
7) From a winXP client log (winxp2.log) - this is happening sporadically for
many clients. I have not been able to observe a particular pattern, but over
400 clients have collected about 200MB of logs with this sequence repeated up
to 50 or so times. Some client logs do not have this, a few have it repeated
over and over - one new client has about 75MB of this in its logs.
[2008/07/22 09:33:53, 1] libsmb/cliconnect.c:cli_start_connection(1651)
session request to WINXP2 failed (Called name not present)
[2008/07/22 09:33:53, 1] libsmb/cliconnect.c:cli_start_connection(1651)
session request to *SMBSERVER failed (Called name not present)
8) From log.wb-DOMAIN:
[2008/07/19 22:31:25, 1]
rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(624)
cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR
received from remote machine CH-PDC pipe \lsarpc fnum 0x70b8!
[2008/07/19 22:34:43, 1]
rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(624)
cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR
received from remote machine CH-PDC pipe \lsarpc fnum 0x7799!
[2008/07/21 00:10:38, 1]
rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(624)
cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR
received from remote machine CH-PDC pipe \lsarpc fnum 0x72ee!
9) The "net rpc join" operation succeeds but logs the following on the PDC
(log level 1). The domain join was done on the BDC:
[2008/07/22 21:35:37, 0] rpc_server/srv_netlog_nt.c:_netr_ServerAuthenticate2
(520)
_netr_ServerAuthenticate2: netlogon_creds_server_check failed. Rejecting
auth request from client CH-BDC machine account CH-BDC$
[2008/07/22 21:35:37, 0] rpc_server/srv_netlog_nt.c:_netr_ServerAuthenticate2
(520)
_netr_ServerAuthenticate2: netlogon_creds_server_check failed. Rejecting
auth request from client CH-BDC machine account CH-BDC$
The LDAP logs show that the trust account password was infact changed. I have
a debug level 10 log if this is of interest.
Cheers,
John T.
More information about the samba-technical
mailing list