[Samba] samba, winbind and NT 4.0 suddenly stop working together
tz at ingenion.de
Thu Oct 23 07:28:07 GMT 2003
since several months an installation using samba 2.2.7a on a SuSE 8.2
box (2.4.20 kernel) worked fine using winbind to authenticate users at
an NT 4.0 SP6a Server including ont-the-fly creation of home dirs on the
LINUX box. There are about 20 WinCients working.
Since monday authentication stops working without any (known) event like
machine crashes, reconfiguring etc. So all users lost access to home an
group shares. wbinfo isn?t working, getent only shows local users and
I tried several things. Rejoining the domain (smbpasswd -j), setting the
SID (smbpasswd -w), reinstalling SP6a on the NT box - nothing helps.
ping to the NT box works. To get the people working i created linux
accounts with fitting uids an gids.
Does anyone has any idea???
Here are some line of the logs an configs.
winbind (seems to me to be the core problem):
[2003/10/22 11:22:34, 1] nsswitch/winbindd_util.c:init_domain_list(144)
Retrying startup domain sid fetch for CDU
[2003/10/22 08:01:58, 0] rpc_client/cli_netlogon.c:cli_net_auth2(157)
cli_net_auth2: Error NT_STATUS_NO_TRUST_SAM_ACCOUNT
[2003/10/22 08:01:58, 0] rpc_client/cli_login.c:cli_nt_setup_creds(72)
cli_nt_setup_creds: auth2 challenge failed
[2003/10/22 08:01:58, 0]
connect_to_domain_password_server: unable to setup the PDC credentials
to machine C150. Error was : NT_STATUS_OK.
[2003/10/22 08:01:58, 0] smbd/password.c:domain_client_validate(1599)
domain_client_validate: Domain password server not available.
[2003/10/22 08:01:58, 1] lib/util_sock.c:get_socket_name(977)
Gethostbyaddr failed for 192.168.2.232
[2003/10/22 08:01:58, 1] smbd/service.c:make_connection(636)
stiewe2 (192.168.2.232) connect to service stiewe as user stiewe
(uid=10025, gid=10000) (pid 4887)
The 192.168.2.232 is the Client who tries to connect.
workgroup = xyz
netbios name = GENERAL
interfaces = 192.168.2.100/255.255.255.0
security = DOMAIN
encrypt passwords = Yes
password server = 192.168.2.200
log level = 1
null passwords = yes
debug level = 1
syslog = 0
time server = Yes
unix extensions = Yes
socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY
printcap name = CUPS
character set = ISO8859-15
client code page = 850
add user script = useradd -d /dev/null -g 500 -s /bin/false %m$
logon path = \\%L\profiles\%U
logon home = \\%L\%U\profile
domain logons = Yes
os level = 64
domain master = No
wins server = 192.168.2.200
winbind uid = 10000-20000
winbind gid = 10000-20000
template homedir = /nutzerdaten/winhomes/%U
obey pam restrictions = yes
Fon 0 50 31 / 9 02 04-2
Fax 0 50 31 / 9 02 04-9
More information about the samba