[Samba] Winbind problems
Thomas, Daniel J.
Daniel.Thomas at jhuapl.edu
Wed Feb 13 08:22:21 GMT 2002
You might want to try not using the -U option when joining the domain.
Instead, create the machine account on the NT server first, allow time for
the account to propagate, then join. What should happen is the machine
account password that NT uses should be copied to the /private directory and
smbpasswd should randomly generate a MACHINE.SID and send that back to the
domain controller to store in it's machine database. I'm not convinced that
-U works outside of linux.
-Dan
-----Original Message-----
From: Jan van Rensburg [mailto:jan.van.rensburg at epiuse.com]
Sent: Wednesday, February 13, 2002 5:37 AM
To: samba at lists.samba.org
Subject: [Samba] Winbind problems
Hi,
I'd appreciate any help getting winbind to work on Solaris 8 (Sparc).
I've followed the HOWTOs and other documents on the web but can't seem
to get even the basic functionality going.
Some platform info:
$ uname -a
SunOS epiuse-sun 5.8 Generic_108528-12 sun4u sparc SUNW,UltraAX-i2
$ smbd -V
Version 2.2.3a
On the NT side it is win2k with an ADS tree.
My samba config:
$ more /opt/samba/lib/smb.conf
[global]
workgroup = domain
netbios name = solaris
load printers = no
log file = /opt/samba/var/log.%m
max log size = 50
security = domain
password server = nt
encrypt passwords = yes
domain logons = no
interfaces = 10.5.3.6
local master = no
domain master = no
name resolve order = lmhosts wins bcast host
wins server = 10.5.1.1
winbind separator = +
winbind cache time = 10
template shell = /bin/false
template homedir = /home/%D/%U
winbind uid = 10000-20000
winbind gid = 10000-20000
now what i did:
$ /etc/init.d/samba stop
Stopping Samba
$ rm /opt/samba/private/*
$ smbpasswd -D 4 -j domain -r nt -U w2kadmin
added interface ip=10.5.3.6 bcast=10.5.3.255 nmask=255.255.255.0
Password:
resolve_lmhosts: Attempting lmhosts lookup for name nt<0x20>
startlmhosts: Can't open lmhosts file /opt/samba/lib/lmhosts. Error was
No such file or directory
resolve_wins: Attempting wins lookup for name nt<0x20>
resolve_wins: WINS server == <10.5.1.1>
bind succeeded on port 0
nmb packet from 10.5.1.1(137) header: id=6870 opcode=Query(0)
response=Yes
header: flags: bcast=No rec_avail=Yes rec_des=Yes trunc=No auth=Yes
header: rcode=0 qdcount=0 ancount=1 nscount=0 arcount=0
answers: nmb_name=NT<20> rr_type=32 rr_class=1 ttl=5783
answers 0 char ...... hex 00000A050303
Got a positive name query response from 10.5.1.1 ( 10.5.3.3 )
Connecting to 10.5.3.3 at port 445
session setup ok
Domain=[DOMAIN] OS=[Windows 5.0] Server=[Windows 2000 LAN Manager]
Joined domain DOMAIN.
$ /etc/init.d/samba start
Starting Samba
$ wbinfo -t
Secret is bad
0xc0000001
$ wbinfo -u
Error looking up domain users
I've changed the domain name and the names of the 2 servers above to
make it easier to follow (the problem does not seem to be with name
resolution). I get these results even when I delete the Solaris machine
from the ADS tree, or if I add it to the ADS tree manually with the
backwards compatibility check.
I'm running my winbindd logs at debug level 1, and I have messages like
these:
[2002/02/11 07:17:59, 1] nsswitch/winbindd_util.c:get_domain_info(137)
getting trusted domain list
[2002/02/11 07:17:59, 1]
libsmb/cliconnect.c:cli_establish_connection(867)
failed tcon_X
[2002/02/11 07:18:08, 1] nsswitch/winbindd_util.c:get_domain_info(137)
getting trusted domain list
Any ideas?
Thank you,
Jan van rensburg
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
More information about the samba
mailing list