[Samba] winbindd probs w/ Samba 3.0 & ADS

Matt McParland matt at engsoc.org
Wed Dec 10 16:56:54 GMT 2003 

Hello,

I'm using samba 3.0.0.

Win2k clients on my network can access their fileshares without entering 
their username/password as long as their username and password exist in 
smbpasswd on the Samba server.  Now I'm trying to have that information 
grabbed from ADS so that their passwords are kept synchronized but am 
having problems with winbindd.

winbindd is running but I get nothing from 'wbinfo -u' and 'getent passwd' 
just returns what's in /etc/passwd. 'wbinfo -u' generates a bunch of SMB, 
DCERPC, LDAP and RPC_NETLOGON traffic if I do a tcpdump, but I'm not sure 
what a successful sequence would look like.

[root at dev pam.d]# wbinfo -p
Ping to winbindd succeeded on fd 4
[root at dev pam.d]# wbinfo -u
Error looking up domain users


Results of a 'kinit' on same machine (not sure if relevant):

[mcparlandm at dev samba]$ kinit
Password for mcparlandm at AGR.GC.CA: 
[mcparlandm at dev samba]$ ls -l /tmp/k*
-rw-------    1 mcparlandm mcparlandm     1296 Dec 10 11:28 /tmp/krb5cc_531


Selected contents of nsswitch.conf:

passwd:     files winbind
shadow:     files
group:      files winbind


Contents of smb.conf:

[global]
        workgroup = DEV
        realm = DEV.CA
        server string = Dev File Server
        security = ADS
        password server = onncrx1
        log level = 10
        log file = /var/log/samba/%m.log
        max log size = 0
        preferred master = No
        local master = No
        domain master = No
        enhanced browsing = No
        dns proxy = No
        idmap uid = 10000-20000
        idmap gid = 10000-20000
        winbind use default domain = Yes


>From winbindd.log:

[2003/12/10 11:38:43, 6] nsswitch/winbindd.c:new_connection(340)
  accepted socket 16
[2003/12/10 11:38:43, 10] nsswitch/winbindd.c:winbind_client_read(455)
  client_read: read 1568 bytes. Need 0 more for a full request.
[2003/12/10 11:38:43, 10] nsswitch/winbindd.c:process_request(305)
  process_request: request fn INTERFACE_VERSION
[2003/12/10 11:38:43, 3] 
nsswitch/winbindd_misc.c:winbindd_interface_version(231)
  [24138]: request interface version
[2003/12/10 11:38:43, 10] nsswitch/winbindd.c:client_write(502)
  client_write: wrote 1300 bytes.
[2003/12/10 11:38:43, 10] nsswitch/winbindd.c:winbind_client_read(455)
  client_read: read 1568 bytes. Need 0 more for a full request.
[2003/12/10 11:38:43, 10] nsswitch/winbindd.c:process_request(305)
  process_request: request fn WINBINDD_PRIV_PIPE_DIR
[2003/12/10 11:38:43, 3] 
nsswitch/winbindd_misc.c:winbindd_priv_pipe_dir(267)
  [24138]: request location of privileged pipe
[2003/12/10 11:38:43, 10] nsswitch/winbindd.c:client_write(502)
  client_write: wrote 1300 bytes.
[2003/12/10 11:38:43, 10] nsswitch/winbindd.c:client_write(547)
  client_write: need to write 37 extra data bytes.
[2003/12/10 11:38:43, 10] nsswitch/winbindd.c:client_write(502)
  client_write: wrote 37 bytes.
[2003/12/10 11:38:43, 10] nsswitch/winbindd.c:client_write(536)
  client_write: client_write: complete response written.
[2003/12/10 11:38:43, 6] nsswitch/winbindd.c:new_connection(340)
  accepted socket 20
[2003/12/10 11:38:43, 10] nsswitch/winbindd.c:winbind_client_read(455)
  client_read: read 0 bytes. Need 1568 more for a full request.
[2003/12/10 11:38:43, 5] nsswitch/winbindd.c:winbind_client_read(462)
  read failed on sock 16, pid 24138: EOF
[2003/12/10 11:38:43, 10] nsswitch/winbindd.c:winbind_client_read(455)
  client_read: read 1568 bytes. Need 0 more for a full request.
[2003/12/10 11:38:43, 10] nsswitch/winbindd.c:process_request(305)
  process_request: request fn LIST_USERS
[2003/12/10 11:38:43, 3] nsswitch/winbindd_user.c:winbindd_list_users(585)
  [24138]: list users
[2003/12/10 11:38:43, 10] nsswitch/winbindd_cache.c:refresh_sequence_number(342)
  refresh_sequence_number: DEV time ok
[2003/12/10 11:38:43, 10] nsswitch/winbindd_cache.c:refresh_sequence_number(367)
  refresh_sequence_number: DEV seq number is now -1
[2003/12/10 11:38:43, 10] nsswitch/winbindd.c:client_write(502)
  client_write: wrote 1300 bytes.
[2003/12/10 11:38:43, 10] nsswitch/winbindd.c:winbind_client_read(455)
  client_read: read 0 bytes. Need 1568 more for a full request.
[2003/12/10 11:38:43, 5] nsswitch/winbindd.c:winbind_client_read(462)
  read failed on sock 20, pid 24138: EOF


-- 
Matt McParland

More information about the samba mailing list