Patch for whatsnew

Sassy Natan sassyn at gmail.com
Wed Apr 7 06:10:02 MDT 2010 

Hi Matthieu

Sorry for the late response, but it is better then never :-)

Thanks for the comments.
I think that by using the
bind-dyndb-ldap<http://github.com/mnagy/bind-dyndb-ldap>tridge can
easy implement samba4 as the backend of bind.
At the moment, it seems that Andrew prefer to have bind9 as a stand alone
machine, since the provision script make the bind conf file, and I saw that
they started using the  python-dns implementation http://www.dnspython.org/


Regarding my problem -  I have removed nscd, and still no good.

I have attach the file from the tcpdump in pcap format.

There are two dump file - one for the dc, and one for the remote samba3 host
trying to connect to samba4 - when shipping the command "getent passwd"

Thanks for the support

Sassy



On Tue, Mar 30, 2010 at 9:50 AM, Matthieu Patou <
mat+Informatique.Samba at matws.net <mat%2BInformatique.Samba at matws.net>>wrote:

> On 29/03/2010 23:40, Sassy Natan wrote:
>
>> Hi Matthieu
>>
>> Nice work with the winbind.
>> I was wonder if u can give me some help with this issue
>> http://archives.free.net.ph/message/20100127.124344.7361f914.en.html
>>
>>
>>
> Well in this mail you said that you are using nscd, I know that it is not
> recommended to use winbind and nscd try first without this daemon.
>
>  It seems that winbind still have trouble with samba3 over samba4.
>>
>> I talked to *Andrew* Bartlett about this issue but he didn't figure out
>> what
>> is the problem his.
>>
>> The feedback he gave me was to create a tcpdump in a pacp format.
>> I did it, but I don't know what to do with it.
>>
>>
>>
> Send it to us :-)
> Well I guess now is a bit outdated, you should recreate one and also do a
> net export keytab mykeytab.krb on your s4 dc and send us also the keytab so
> that we can decrypt stuff.
> Be careful to send us only tests domain as keytab will contains md4 hash of
> your password (so depending on the strength of them it can be pretty easy to
> guess them and it's also very easy to reuse the md4 to pretend to be you
> ...) and the trace can contain sensitive data.
>
>> I test today the latest git version, and still the problem exists.
>> I also test it with a new opensolaris server, using the own built in cifs
>> server, which is very, very cool, but again there seems to be some issue
>> with the ldap on the samba4 server. the opensolairs trying to resolve the
>> users in the tree, but from some reason the samba4 block it.
>>
>> Thank You for the help
>> Sassy
>>
>> On Mon, Mar 29, 2010 at 10:19 PM, Matthieu Patou<
>> mat+Informatique.Samba at matws.net <mat%2BInformatique.Samba at matws.net><
>> mat%2BInformatique.Samba at matws.net <mat%252BInformatique.Samba at matws.net>
>> >>wrote:
>>
>>
>>
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pcap.tar.bz2
Type: application/x-bzip2
Size: 7457 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20100407/dfe6e40b/attachment.bin>

More information about the samba-technical mailing list