[Samba] Winbind problems

Thomas, Daniel J. Daniel.Thomas at jhuapl.edu
Wed Feb 13 08:22:21 GMT 2002

You might want to try not using the -U option when joining the domain.
Instead, create the machine account on the NT server first, allow time for
the account to propagate, then join.  What should happen is the machine
account password that NT uses should be copied to the /private directory and
smbpasswd should randomly generate a MACHINE.SID and send that back to the
domain controller to store in it's machine database.  I'm not convinced that
-U works outside of linux.

-----Original Message-----
From: Jan van Rensburg [mailto:jan.van.rensburg at epiuse.com]
Sent: Wednesday, February 13, 2002 5:37 AM
To: samba at lists.samba.org
Subject: [Samba] Winbind problems

I'd appreciate any help getting winbind to work on Solaris 8 (Sparc). 
I've followed the HOWTOs and other documents on the web but can't seem 
to get even the basic functionality going.

Some platform info:
$ uname -a
SunOS epiuse-sun 5.8 Generic_108528-12 sun4u sparc SUNW,UltraAX-i2
$ smbd -V
Version 2.2.3a

On the NT side it is win2k with an ADS tree.

My samba config:

$ more /opt/samba/lib/smb.conf
    workgroup = domain
    netbios name = solaris
    load printers = no
    log file = /opt/samba/var/log.%m
    max log size = 50
    security = domain
    password server = nt
    encrypt passwords = yes
    domain logons = no
    interfaces =
    local master = no
    domain master = no
    name resolve order = lmhosts wins bcast host
    wins server =
    winbind separator = +
    winbind cache time = 10
    template shell = /bin/false
    template homedir = /home/%D/%U
    winbind uid = 10000-20000
    winbind gid = 10000-20000

now what i did:
$ /etc/init.d/samba stop
Stopping Samba
$  rm /opt/samba/private/*
$ smbpasswd -D 4 -j domain -r nt -U w2kadmin
added interface ip= bcast= nmask=
resolve_lmhosts: Attempting lmhosts lookup for name nt<0x20>
startlmhosts: Can't open lmhosts file /opt/samba/lib/lmhosts. Error was 
No such file or directory
resolve_wins: Attempting wins lookup for name nt<0x20>
resolve_wins: WINS server == <>
bind succeeded on port 0
nmb packet from header: id=6870 opcode=Query(0) 
     header: flags: bcast=No rec_avail=Yes rec_des=Yes trunc=No auth=Yes
     header: rcode=0 qdcount=0 ancount=1 nscount=0 arcount=0
     answers: nmb_name=NT<20> rr_type=32 rr_class=1 ttl=5783
     answers   0 char ......   hex 00000A050303
Got a positive name query response from ( )
Connecting to at port 445
session setup ok
Domain=[DOMAIN] OS=[Windows 5.0] Server=[Windows 2000 LAN Manager]
Joined domain DOMAIN.
$ /etc/init.d/samba start
Starting Samba
$ wbinfo -t
Secret is bad
$ wbinfo -u
Error looking up domain users

I've changed the domain name and the names of the 2 servers above to 
make it easier to follow (the problem does not seem to be with name 
resolution). I get these results even when I delete the Solaris machine 
from the ADS tree, or if I add it to the ADS tree manually with the 
backwards compatibility check.

I'm running my winbindd logs at debug level 1, and I have messages like 
[2002/02/11 07:17:59, 1] nsswitch/winbindd_util.c:get_domain_info(137)
   getting trusted domain list
[2002/02/11 07:17:59, 1] 
   failed tcon_X
[2002/02/11 07:18:08, 1] nsswitch/winbindd_util.c:get_domain_info(137)
   getting trusted domain list

Any ideas?

Thank you,
Jan van rensburg

To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list