[Samba] Dark Secret of Winbind

Juri Ahokas juri.ahokas at ktl.fi
Wed Mar 13 23:37:05 GMT 2002 

-----Original Message-----
From: Blanchard, Michael [mailto:MBlanchard at grandaire.com]
Sent: 13. maaliskuuta 2002 15:42
To: Juri Ahokas
Cc: samba at lists.samba.org
Subject: RE: [Samba] Dark Secret of Winbind


Answer to Question 1.

I had this same kind of problem.  Try running winbindd -i -d5 (that should
be interactive, debug level 5) and then switch to a different console and
try the wbinfo things again, capture the data that winbind puts out and post
it here, it sounds like a WINS problem to me.

****************************************************************************
***********

Hello Michael,
first of all, thank you for such a fast response. It certainly does look
like WINS problem. I´m only wandering why it does "ping PATRIX" go well but
these other things say that it cannot reach DC. I´m really puzzled about
this one...

Anyway, here is the out put that i got from running several different
commands under winbindd -i -d5. The commands that caused the following
output are: wbinfo -t , wbinfo -u, wbinfo -m and last few lines came when I
tried browsing from my w2k dc.


[ 4511]: check machine account
resolve_lmhosts: Attempting lmhosts lookup for name PATRIX<0x20>
getlmhostsent: lmhost entry: 127.0.0.1 localhost
getlmhostsent: lmhost entry: 192.168.0.1 PATRIX
bind succeeded on port 0
Sending a packet of len 50 to (192.168.0.1) on port 137
Sending a packet of len 50 to (192.168.0.1) on port 137
Error looking up DC name for 192.168.0.1 in domain JURI
Could not open a connection to JURI
could not open handle to NETLOGON pipe
[ 4513]: getgroups root
read failed on sock 11, pid 4511: EOF
read failed on sock 12, pid 4513: EOF
[ 4514]: list users
getting trusted domain list
Could not connect to a dc for domain JURI
read failed on sock 11, pid 4514: EOF
[ 4515]: wins_byname PATRIX
socket option SO_KEEPALIVE = 0
socket option SO_REUSEADDR = 1
socket option SO_BROADCAST = 1
Could not test socket option TCP_NODELAY.
socket option IPTOS_LOWDELAY = 0
socket option IPTOS_THROUGHPUT = 0
socket option SO_SNDBUF = 65535
socket option SO_RCVBUF = 65535
socket option SO_SNDLOWAT = 1
socket option SO_RCVLOWAT = 1
socket option SO_SNDTIMEO = 0
socket option SO_RCVTIMEO = 0
Sending a packet of len 50 to (192.168.0.255) on port 137
Sending a packet of len 50 to (192.168.0.255) on port 137
Sending a packet of len 50 to (192.168.0.255) on port 137
read failed on sock 11, pid 4515: EOF
[ 4516]: getpwnam JURI.sheriffi
getting trusted domain list
resolve_lmhosts: Attempting lmhosts lookup for name PATRIX<0x20>
getlmhostsent: lmhost entry: 127.0.0.1 localhost
getlmhostsent: lmhost entry: 192.168.0.1 PATRIX
bind succeeded on port 0
Sending a packet of len 50 to (192.168.0.1) on port 137
Sending a packet of len 50 to (192.168.0.1) on port 137
Error looking up DC name for 192.168.0.1 in domain JURI
Could not connect to a dc for domain JURI
No such domain: JURI
[ 4516]: getpwnam sheriffi
[ 4516]: getpwnam SHERIFFI
[ 4516]: getpwnam sheriffi
[ 4516]: getpwnam SHERIFFI
[ 4516]: getpwnam sheriffi
[ 4516]: getpwnam SHERIFFI
[ 4516]: getpwnam sheriffi
[ 4516]: getpwnam SHERIFFI
[ 4516]: getgroups nobody
[ 4516]: lookupsid S-1-5-21-839522115-789336058-2145734979-520
getting trusted domain list
Could not connect to a dc for domain JURI
Could not connect to a dc for domain JURI
[ 4516]: lookupsid S-1-5-21-839522115-789336058-2145734979-512
getting trusted domain list
Could not connect to a dc for domain JURI
Could not connect to a dc for domain JURI
[ 4516]: lookupsid S-1-5-21-839522115-789336058-2145734979-513
getting trusted domain list
Could not connect to a dc for domain JURI
Could not connect to a dc for domain JURI
[ 4516]: lookupsid S-1-5-21-839522115-789336058-2145734979-518
getting trusted domain list
Could not connect to a dc for domain JURI
Could not connect to a dc for domain JURI
[ 4516]: lookupsid S-1-5-21-839522115-789336058-2145734979-519
getting trusted domain list
Could not connect to a dc for domain JURI
Could not connect to a dc for domain JURI
[ 4516]: getgroups nobody
[ 4516]: getpwnam .nobody
getting trusted domain list
Could not connect to a dc for domain JURI
No such domain:
[ 4516]: getgroups nobody
[ 4516]: getgroups nobody
[ 4516]: getgroups nobody
[ 4516]: getpwnam .nobody
getting trusted domain list
resolve_lmhosts: Attempting lmhosts lookup for name PATRIX<0x20>
getlmhostsent: lmhost entry: 127.0.0.1 localhost
getlmhostsent: lmhost entry: 192.168.0.1 PATRIX
bind succeeded on port 0
Sending a packet of len 50 to (192.168.0.1) on port 137
Sending a packet of len 50 to (192.168.0.1) on port 137
Error looking up DC name for 192.168.0.1 in domain JURI
Could not connect to a dc for domain JURI
No such domain:
[ 4516]: getgroups nobody
[ 4516]: getgroups nobody
[ 4516]: getgroups nobody
[ 4519]: getgroups root
[ 4520]: getgroups root
read failed on sock 14, pid 4520: EOF
read failed on sock 13, pid 4519: EOF

****************************************************************************
***********


First of all hello to everybody on this list.

Question 1:

I´m having a little (?) problem with winbind. To be short here is the
situation: Runnign w2k AD on native mode. Linux box is Red Hat 7.2 with 2.4
kernel. Authentication from my W2K Active Directory server fails. I get
following outputs with commands-->

wbinfo -t -->
secret is bad
0x000001

wbinfo -u -->
Error looking up domain users

wbinfo -i 192.168.0.1 -->
192.168.0.1 PATRIX 	<-- This is my w2k server

wbinfo -h -->
could not lookup WINS by hostname

ping goes well with IP and name --> So ping PATRIX does work very well

Every test on DIAGNOSIS.txt turns out ok.

Joining domain also goes ok.

Actual logging with smbclient gives "NT_STATUS_LOGON_FAILURE" - message
followed by "Session request to PATRIX failed (Called name not present)"

Anyway, I can´t figure out what is the source of this problem. I have made
right (?) adjustments to the lmhosts and hosts file. I have tried various
different versions but same problem still persists.

So where is the problem? WINS? Firewall settings? smb.conf? Help me out
please.

Question 2:

Since I have tried various version of samba (including the one that came
with RH), I have started to wonder if all these problems above might be
occuring because of numerous different samba installations. So what is the
best way to remove samba and winbind from system ? Including not so obvious
files that are spreaded throughout the system.

As an epilogue I must really express my deepest respect to the Samba Team
and whole community about sucha groundbreaking work.

With best wishes,

    Juri Ahokas
Linux Certified Newbie



--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list