[Samba] Samba 3.0 ACL, Windows Credentials

Jason Gauthier jgauthier at lastar.com
Mon Dec 15 15:30:13 GMT 2003


This is probably a hot topic, and if this has been beaten to the ground,
forgive me.
I'm not a regular part of the Samba community.  

Although I have been using Samba for years, I now have to use it in a
corporate environment utilizing some of it's more modern features.

Let me just say, that it's been several hours of testing/troubleshooting to
get where I am now.
(And I don't mean just Samba)

I'm running Linux 2.6-test11 on a Sparc64.  (This was the cause of many of
those hours, and my display is horked and the keyboard is broken, any ideas
off list? :) )

But, I wanted to use a kernel with ACL built in, and not attempt to patch
one and have to keep up with patches every time I changed kernels.

So, I have ACL built. I'm using ext3.  
I went to http://acl.bestbits.at/ and downloaded and installed all the
supporting software required. (Course, all their links are broken, but I
eventually found them)

I followed this guide:
http://www.bluelightning.org/linux/samba_acl_howto/

And everything has gone fairly well. 
I did have to download and compile the MIT Kerberos package, but that was
just a minor set back (even with the compilation errors).

So, here I am.  I have kinit'd. I have ACL support. Samba 3.0 is running
with ACL support.
I have joined the domain, and I have joined active directory.

Now, as far as winbind goes, I've done nothing except changes to
nsswitch.conf.
I do not wish to use my AD credentials on the server, just the shares
themselves.

I think I'm in align, and when I browse to the server, I receive this error:

-=-=
[2003/12/15 10:23:11, 0] lib/util_sock.c:get_socket_addr(919)
  getpeername failed. Error was Transport endpoint is not connected
[2003/12/15 10:23:11, 0] lib/util_sock.c:write_socket_data(388)
  write_socket_data: write failure. Error = Connection reset by peer
[2003/12/15 10:23:11, 0] lib/util_sock.c:write_socket(413)
  write_socket: Error writing 4 bytes to socket 5: ERRNO = Connection reset
by peer
[2003/12/15 10:23:11, 0] lib/util_sock.c:send_smb(585)
  Error writing 4 bytes to client. -1. (Connection reset by peer)
-=-=

My windows client is then prompted for a password.
I'm not sure what to enter. I have set myself up with smbpasswd (do I need
to?)
So I try my Unix ID (which is different than my Windows ID, although I set
up the mapping)
And it fails:

-=-=
[2003/12/15 10:26:05, 0] lib/util_sock.c:get_socket_addr(919)
  getpeername failed. Error was Transport endpoint is not connected
[2003/12/15 10:26:05, 0] lib/util_sock.c:write_socket_data(388)
  write_socket_data: write failure. Error = Connection reset by peer
[2003/12/15 10:26:05, 0] lib/util_sock.c:write_socket(413)
  write_socket: Error writing 4 bytes to socket 5: ERRNO = Connection reset
by peer
[2003/12/15 10:26:05, 0] lib/util_sock.c:send_smb(585)
  Error writing 4 bytes to client. -1. (Connection reset by peer)
-=-=

So, then I try my windows credentials:

-=-=
[2003/12/15 10:26:32, 0] lib/util_sock.c:get_socket_addr(919)
  getpeername failed. Error was Transport endpoint is not connected
[2003/12/15 10:26:32, 0] lib/util_sock.c:write_socket_data(388)
  write_socket_data: write failure. Error = Connection reset by peer
[2003/12/15 10:26:32, 0] lib/util_sock.c:write_socket(413)
  write_socket: Error writing 4 bytes to socket 16: ERRNO = Connection reset
by peer
[2003/12/15 10:26:32, 0] lib/util_sock.c:send_smb(585)
  Error writing 4 bytes to client. -1. (Connection reset by peer)
-=-=

I've done some google'ing on this, but because it's such a generic error(s)
nothing of significant value was found.  

Can anyone lend me some ideas? I feel like I've come so far already!
If I can run some verbose logging or run give some gdb output, I'd be happy
to.
 
Thanks for your time and attention at this lengthy e-mail,

Jason


More information about the samba mailing list