[Samba] winbind cannot get domain SID, no authentication

rruegner robowarp at gmx.de
Mon Oct 27 12:11:05 GMT 2003

Hi, first update your samba from the suse server to 2.2.8a (3.0)
which is on suses ftp server or via yast for serveral security bugs.
Gethostbyaddr failed for seems to me like samba
cant connect to win server, maybe you have a broken nic cable hub etc,
did you check this by nmap or etherreal ping etc...have you installed
new iptables rules or used yast for update ( which sometimes makes trouble)
Service packs on windows will not be resolution and is not involved with
that stuff
after all after reinstalled service pack invokes a new domain trust....but i
am neary sure you have a network problem.....try nmblookup to you nt server
Best Regards
----- Original Message ----- 
From: "Thomas Zehbe" <tz at ingenion.de>
To: <samba at lists.samba.org>
Sent: Monday, October 27, 2003 11:54 AM
Subject: [Samba] winbind cannot get domain SID, no authentication

Hi Folks,
an installation using samba 2.2.7a on a SuSE 8.2
box (2.4.20 kernel) doesn?t work using winbind to authenticate users at
an NT 4.0 SP6a Server. But it did work until last Monday.

Rejoining the domain (smbpasswd -j), setting the SID (smbpasswd -w),
reinstalling SP6a on the NT box - nothing helps.

Does anyone has any idea???
Here are some lines of the logs an configs.

winbind (seems to me to be the core problem):
[2003/10/22 11:22:34, 1] nsswitch/winbindd_util.c:init_domain_list(144)
Retrying startup domain sid fetch for CDU
[2003/10/22 08:01:58, 0] rpc_client/cli_netlogon.c:cli_net_auth2(157)
[2003/10/22 08:01:58, 0] rpc_client/cli_login.c:cli_nt_setup_creds(72)
cli_nt_setup_creds: auth2 challenge failed
[2003/10/22 08:01:58, 0]
connect_to_domain_password_server: unable to setup the PDC credentials
to machine C150. Error was : NT_STATUS_OK.
[2003/10/22 08:01:58, 0] smbd/password.c:domain_client_validate(1599)
domain_client_validate: Domain password server not available.
[2003/10/22 08:01:58, 1] lib/util_sock.c:get_socket_name(977)
Gethostbyaddr failed for
[2003/10/22 08:01:58, 1] smbd/service.c:make_connection(636)
stiewe2 ( connect to service stiewe as user stiewe
(uid=10025, gid=10000) (pid 4887)
The is the Client who tries to connect.

workgroup = xyz
netbios name = GENERAL
interfaces =
security = DOMAIN
encrypt passwords = Yes
password server =
log level = 1
null passwords = yes
debug level = 1
syslog = 0
time server = Yes
unix extensions = Yes
printcap name = CUPS
character set = ISO8859-15
client code page = 850
add user script = useradd -d /dev/null -g 500 -s /bin/false %m$
logon path = \\%L\profiles\%U
logon home = \\%L\%U\profile
domain logons = Yes
os level = 64
domain master = No
wins server =

winbind uid = 10000-20000
winbind gid = 10000-20000
template homedir = /nutzerdaten/winhomes/%U
obey pam restrictions = yes


Thomas Zehbe

Fon 0 50 31 / 9 02 04-2
Fax 0 50 31 / 9 02 04-9

To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list