[Samba] Winbind ldap samba 3 BDC getent passwd answer
don't retrieve domain users,
can't login on the domain with users that are not on /ect/passwd + typo
error ?
jean-marc pouchoulon
jean-marc.pouchoulon at ac-montpellier.fr
Thu Oct 2 07:15:23 GMT 2003
Hi ,
I've just upgraded to the last samba rpm on a redhat 9 and I
have a new problem on winbind
wbinfo -u and wbinfo -g this time don't return user or group.
getent passwd don't return the users but I think this time it's a direct
inheritance of the previous line.
I can see in the log a 'lookupsid' with an unknow sid number
I can suppose this sid number come from the install ( net getlocalsid
and netgetlocalsid DOMAIN give the good sid domain)
2 small other things:
If I use idmap backend = ldapsam:ldap://ip_address
I have
[2003/10/02 08:01:40, 5] lib/module.c:smb_probe_module(113)
Probing module 'ldapsam': Trying to load from
/usr/lib/samba/idmap/ldapsam.so
[2003/10/02 08:01:40, 3] lib/module.c:do_smb_load_module(46)
Error loading module '/usr/lib/samba/idmap/ldapsam.so':
/usr/lib/samba/idmap/ldapsam.so: Ne pe
ut ouvrir le fichier d'objet partagé: Aucun fichier ou répertoire de
ce type
[2003/10/02 08:01:40, 0] sam/idmap.c:idmap_init(136)
idmap_init: could not load remote backend 'ldapsam'
With idmap backend = ldap:ldap://ip_address winbind is able to start
Testparm give a warning:
Loaded services file OK.
'winbind separator = +' might cause problems with group membership.
Hope this can help going further in the analyse.
Jean-Marc
----------------------------------
cli_pipe: return critical error. Error was Call timed out: server did
not respond after 10000 milliseconds
[2003/10/02 08:07:30, 0] rpc_parse/parse_prs.c:prs_dump_region(67)
created /tmp/reply_\PIPE\samr_1.5.prs
[2003/10/02 08:07:30, 10]
nsswitch/winbindd_cache.c:store_cache_seqnum(314)
store_cache_seqnum: success [DOMAIN][4294967295 @ 1065074850]
[2003/10/02 08:07:30, 10]
nsswitch/winbindd_cache.c:refresh_sequence_number(367)
refresh_sequence_number: DOMAIN seq number is now -1
[2003/10/02 08:07:30, 3]
nsswitch/winbindd_group.c:get_sam_group_entries(526)
get_sam_group_entries: could not enumerate domain groups! Error:
NT_STATUS_UNSUCCESSFUL
[2003/10/02 08:07:30, 10] nsswitch/winbindd.c:client_write(502)
client_write: wrote 1300 bytes.
[2003/10/02 08:07:30, 10] nsswitch/winbindd.c:winbind_client_read(455)
client_read: read 0 bytes. Need 1568 more for a full request.
[2003/10/02 08:07:30, 5] nsswitch/winbindd.c:winbind_client_read(462)
read failed on sock 23, pid 1931: EOF
[2003/10/02 08:07:35, 6] nsswitch/winbindd.c:new_connection(340)
accepted socket 20
[2003/10/02 08:07:35, 10] nsswitch/winbindd.c:winbind_client_read(455)
client_read: read 1568 bytes. Need 0 more for a full request.
[2003/10/02 08:07:35, 10] nsswitch/winbindd.c:process_request(305)
process_request: request fn INTERFACE_VERSION
[2003/10/02 08:07:35, 3]
nsswitch/winbindd_misc.c:winbindd_interface_version(231)
[ 1934]: request interface version
[2003/10/02 08:07:35, 10] nsswitch/winbindd.c:client_write(502)
client_write: wrote 1300 bytes.
[2003/10/02 08:07:35, 10] nsswitch/winbindd.c:winbind_client_read(455)
client_read: read 1568 bytes. Need 0 more for a full request.
[2003/10/02 08:07:35, 10] nsswitch/winbindd.c:process_request(305)
process_request: request fn WINBINDD_PRIV_PIPE_DIR
[2003/10/02 08:07:35, 3]
nsswitch/winbindd_misc.c:winbindd_priv_pipe_dir(267)
[ 1934]: request location of privileged pipe
[2003/10/02 08:07:35, 10] nsswitch/winbindd.c:client_write(502)
client_write: wrote 1300 bytes.
[2003/10/02 08:07:35, 10] nsswitch/winbindd.c:client_write(547)
client_write: need to write 37 extra data bytes.
[2003/10/02 08:07:35, 10] nsswitch/winbindd.c:client_write(502)
client_write: wrote 37 bytes.
[2003/10/02 08:07:35, 10] nsswitch/winbindd.c:client_write(536)
client_write: client_write: complete response written.
[2003/10/02 08:07:35, 6] nsswitch/winbindd.c:new_connection(340)
accepted socket 23
[2003/10/02 08:07:35, 10] nsswitch/winbindd.c:winbind_client_read(455)
client_read: read 0 bytes. Need 1568 more for a full request.
[2003/10/02 08:07:35, 5] nsswitch/winbindd.c:winbind_client_read(462)
read failed on sock 20, pid 1934: EOF
[2003/10/02 08:07:35, 10] nsswitch/winbindd.c:winbind_client_read(455)
client_read: read 1568 bytes. Need 0 more for a full request.
[2003/10/02 08:07:35, 10] nsswitch/winbindd.c:process_request(305)
process_request: request fn LIST_USERS
[2003/10/02 08:07:35, 3]
nsswitch/winbindd_user.c:winbindd_list_users(585)
[ 1934]: list users
[2003/10/02 08:07:35, 10]
nsswitch/winbindd_cache.c:refresh_sequence_number(342)
refresh_sequence_number: DOMAIN time ok
[2003/10/02 08:07:35, 10]
nsswitch/winbindd_cache.c:refresh_sequence_number(367)
refresh_sequence_number: DOMAINR seq number is now -1
[2003/10/02 08:07:35, 10] nsswitch/winbindd.c:client_write(502)
client_write: wrote 1300 bytes.
[2003/10/02 08:07:35, 10] nsswitch/winbindd.c:winbind_client_read(455)
client_read: read 0 bytes. Need 1568 more for a full request.
[2003/10/02 08:07:35, 5] nsswitch/winbindd.c:winbind_client_read(462)
read failed on sock 23, pid 1934: EOF
[2003/10/02 08:07:41, 6] nsswitch/winbindd.c:new_connection(340)
accepted socket 20
[2003/10/02 08:07:41, 10] nsswitch/winbindd.c:winbind_client_read(455)
client_read: read 1568 bytes. Need 0 more for a full request.
[2003/10/02 08:07:41, 10] nsswitch/winbindd.c:process_request(305)
process_request: request fn INTERFACE_VERSION
[2003/10/02 08:07:41, 3]
nsswitch/winbindd_misc.c:winbindd_interface_version(231)
[ 1937]: request interface version
[2003/10/02 08:07:41, 10] nsswitch/winbindd.c:client_write(502)
client_write: wrote 1300 bytes.
[2003/10/02 08:07:41, 10] nsswitch/winbindd.c:winbind_client_read(455)
client_read: read 1568 bytes. Need 0 more for a full request.
[2003/10/02 08:07:41, 10] nsswitch/winbindd.c:process_request(305)
process_request: request fn WINBINDD_PRIV_PIPE_DIR
[2003/10/02 08:07:41, 3]
nsswitch/winbindd_misc.c:winbindd_priv_pipe_dir(267)
[ 1937]: request location of privileged pipe
[2003/10/02 08:07:41, 10] nsswitch/winbindd.c:client_write(502)
client_write: wrote 1300 bytes.
[2003/10/02 08:07:41, 10] nsswitch/winbindd.c:client_write(547)
client_write: need to write 37 extra data bytes.
[2003/10/02 08:07:41, 10] nsswitch/winbindd.c:client_write(502)
client_write: wrote 37 bytes.
[2003/10/02 08:07:41, 10] nsswitch/winbindd.c:client_write(536)
client_write: client_write: complete response written.
[2003/10/02 08:07:41, 6] nsswitch/winbindd.c:new_connection(340)
accepted socket 23
[2003/10/02 08:07:41, 10] nsswitch/winbindd.c:winbind_client_read(455)
client_read: read 0 bytes. Need 1568 more for a full request.
[2003/10/02 08:07:41, 5] nsswitch/winbindd.c:winbind_client_read(462)
read failed on sock 20, pid 1937: EOF
[2003/10/02 08:07:41, 10] nsswitch/winbindd.c:winbind_client_read(455)
client_read: read 1568 bytes. Need 0 more for a full request.
[2003/10/02 08:07:41, 10] nsswitch/winbindd.c:process_request(305)
process_request: request fn LOOKUPSID
[2003/10/02 08:07:41, 3] nsswitch/winbindd_sid.c:winbindd_lookupsid(43)
[ 1937]: lookupsid S-1-5-21-2378977471-3366103441-359622561-1004
[2003/10/02 08:07:41, 1]
nsswitch/winbindd_util.c:winbindd_lookup_name_by_sid(387)
Can't find domain from sid
[2003/10/02 08:07:41, 10] nsswitch/winbindd.c:client_write(502)
client_write: wrote 1300 bytes.
[2003/10/02 08:07:42, 10] nsswitch/winbindd.c:winbind_client_read(455)
client_read: read 1568 bytes. Need 0 more for a full request.
[2003/10/02 08:07:42, 10] nsswitch/winbindd.c:process_request(305)
process_request: request fn LOOKUPSID
[2003/10/02 08:07:42, 3] nsswitch/winbindd_sid.c:winbindd_lookupsid(43)
[ 1937]: lookupsid S-1-5-21-2378977471-3366103441-359622561-1004
[2003/10/02 08:07:42, 1]
nsswitch/winbindd_util.c:winbindd_lookup_name_by_sid(387)
Can't find domain from sid
[2003/10/02 08:07:42, 10] nsswitch/winbindd.c:client_write(502)
client_write: wrote 1300 bytes.
[2003/10/02 08:08:16, 10] nsswitch/winbindd.c:winbind_client_read(455)
client_read: read 0 bytes. Need 1568 more for a full request.
[2003/10/02 08:08:16, 5] nsswitch/winbindd.c:winbind_client_read(462)
read failed on sock 23, pid 1937: EOF
[2003/10/02 08:08:45, 6] nsswitch/winbindd.c:new_connection(340)
accepted socket 20
[2003/10/02 08:08:45, 10] nsswitch/winbindd.c:winbind_client_read(455)
client_read: read 1568 bytes. Need 0 more for a full request.
[2003/10/02 08:08:45, 10] nsswitch/winbindd.c:process_request(305)
process_request: request fn INTERFACE_VERSION
[2003/10/02 08:08:45, 3]
nsswitch/winbindd_misc.c:winbindd_interface_version(231)
[ 1945]: request interface version
[2003/10/02 08:08:45, 10] nsswitch/winbindd.c:client_write(502)
client_write: wrote 1300 bytes.
[2003/10/02 08:08:45, 10] nsswitch/winbindd.c:winbind_client_read(455)
client_read: read 1568 bytes. Need 0 more for a full request.
[2003/10/02 08:08:45, 10] nsswitch/winbindd.c:process_request(305)
process_request: request fn WINBINDD_PRIV_PIPE_DIR
[2003/10/02 08:08:45, 3]
nsswitch/winbindd_misc.c:winbindd_priv_pipe_dir(267)
[ 1945]: request location of privileged pipe
[2003/10/02 08:08:45, 10] nsswitch/winbindd.c:client_write(502)
client_write: wrote 1300 bytes.
[2003/10/02 08:08:45, 10] nsswitch/winbindd.c:client_write(547)
client_write: need to write 37 extra data bytes.
[2003/10/02 08:08:45, 10] nsswitch/winbindd.c:client_write(502)
client_write: wrote 37 bytes.
[2003/10/02 08:08:45, 10] nsswitch/winbindd.c:client_write(536)
client_write: client_write: complete response written.
[2003/10/02 08:08:45, 6] nsswitch/winbindd.c:new_connection(340)
accepted socket 23
[2003/10/02 08:08:45, 10] nsswitch/winbindd.c:winbind_client_read(455)
client_read: read 0 bytes. Need 1568 more for a full request.
[2003/10/02 08:08:45, 5] nsswitch/winbindd.c:winbind_client_read(462)
read failed on sock 20, pid 1945: EOF
[2003/10/02 08:08:45, 10] nsswitch/winbindd.c:winbind_client_read(455)
client_read: read 1568 bytes. Need 0 more for a full request.
[2003/10/02 08:08:45, 10] nsswitch/winbindd.c:process_request(305)
process_request: request fn GETPWNAM
[2003/10/02 08:08:45, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(112)
[ 1945]: getpwnam toto
[2003/10/02 08:08:45, 5] nsswitch/winbindd_acct.c:wb_getpwnam(392)
wb_getpwnam: Did not find user (toto)
[2003/10/02 08:08:45, 5] nsswitch/winbindd_user.c:winbindd_getpwnam(124)
winbindd_getpwnam: lookup for \toto failed
[2003/10/02 08:08:45, 10] nsswitch/winbindd.c:client_write(502)
client_write: wrote 1300 bytes.
[2003/10/02 08:08:45, 10] nsswitch/winbindd.c:winbind_client_read(455)
client_read: read 1568 bytes. Need 0 more for a full request.
[2003/10/02 08:08:45, 10] nsswitch/winbindd.c:process_request(305)
process_request: request fn GETPWNAM
[2003/10/02 08:08:45, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(112)
[ 1945]: getpwnam toto
[2003/10/02 08:08:45, 5] nsswitch/winbindd_acct.c:wb_getpwnam(392)
wb_getpwnam: Did not find user (toto)
[2003/10/02 08:08:45, 5] nsswitch/winbindd_user.c:winbindd_getpwnam(124)
winbindd_getpwnam: lookup for \toto failed
[2003/10/02 08:08:45, 10] nsswitch/winbindd.c:client_write(502)
client_write: wrote 1300 bytes.
[2003/10/02 08:08:45, 10] nsswitch/winbindd.c:winbind_client_read(455)
client_read: read 1568 bytes. Need 0 more for a full request.
[2003/10/02 08:08:45, 10] nsswitch/winbindd.c:process_request(305)
process_request: request fn GETPWNAM
[2003/10/02 08:08:45, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(112)
[ 1945]: getpwnam toto
[2003/10/02 08:08:45, 5] nsswitch/winbindd_acct.c:wb_getpwnam(392)
wb_getpwnam: Did not find user (toto)
[2003/10/02 08:08:45, 5] nsswitch/winbindd_user.c:winbindd_getpwnam(124)
winbindd_getpwnam: lookup for \toto failed
[2003/10/02 08:08:45, 10] nsswitch/winbindd.c:client_write(502)
client_write: wrote 1300 bytes.
[2003/10/02 08:08:46, 10] nsswitch/winbindd.c:winbind_client_read(455)
client_read: read 1568 bytes. Need 0 more for a full request.
[2003/10/02 08:08:46, 10] nsswitch/winbindd.c:process_request(305)
process_request: request fn GETPWNAM
[2003/10/02 08:08:46, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(112)
[ 1945]: getpwnam toto
[2003/10/02 08:08:46, 5] nsswitch/winbindd_acct.c:wb_getpwnam(392)
wb_getpwnam: Did not find user (toto)
[2003/10/02 08:08:46, 5] nsswitch/winbindd_user.c:winbindd_getpwnam(124)
winbindd_getpwnam: lookup for \toto failed
[2003/10/02 08:08:46, 10] nsswitch/winbindd.c:client_write(502)
client_write: wrote 1300 bytes.
[2003/10/02 08:08:46, 10] nsswitch/winbindd.c:winbind_client_read(455)
client_read: read 1568 bytes. Need 0 more for a full request.
[2003/10/02 08:08:46, 10] nsswitch/winbindd.c:process_request(305)
process_request: request fn GETPWNAM
[2003/10/02 08:08:46, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(112)
[ 1927]: getpwnam toto
[2003/10/02 08:08:46, 5] nsswitch/winbindd_acct.c:wb_getpwnam(392)
wb_getpwnam: Did not find user (toto)
[2003/10/02 08:08:46, 5] nsswitch/winbindd_user.c:winbindd_getpwnam(124)
winbindd_getpwnam: lookup for \toto failed
[2003/10/02 08:08:46, 10] nsswitch/winbindd.c:client_write(502)
client_write: wrote 1300 bytes.
[2003/10/02 08:08:47, 10] nsswitch/winbindd.c:winbind_client_read(455)
client_read: read 1568 bytes. Need 0 more for a full request.
[2003/10/02 08:08:47, 10] nsswitch/winbindd.c:process_request(305)
process_request: request fn GETPWNAM
[2003/10/02 08:08:47, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(112)
[ 1945]: getpwnam toto
[2003/10/02 08:08:47, 5] nsswitch/winbindd_acct.c:wb_getpwnam(392)
wb_getpwnam: Did not find user (toto)
[2003/10/02 08:08:47, 5] nsswitch/winbindd_user.c:winbindd_getpwnam(124)
winbindd_getpwnam: lookup for \toto failed
[2003/10/02 08:08:47, 10] nsswitch/winbindd.c:client_write(502)
client_write: wrote 1300 bytes.
[2003/10/02 08:08:47, 10] nsswitch/winbindd.c:winbind_client_read(455)
client_read: read 1568 bytes. Need 0 more for a full request.
[2003/10/02 08:08:47, 10] nsswitch/winbindd.c:process_request(305)
process_request: request fn GETPWNAM
[2003/10/02 08:08:47, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(112)
[ 1945]: getpwnam toto
[2003/10/02 08:08:47, 5] nsswitch/winbindd_acct.c:wb_getpwnam(392)
wb_getpwnam: Did not find user (toto)
[2003/10/02 08:08:47, 5] nsswitch/winbindd_user.c:winbindd_getpwnam(124)
winbindd_getpwnam: lookup for \toto failed
[2003/10/02 08:08:47, 10] nsswitch/winbindd.c:client_write(502)
client_write: wrote 1300 bytes.
[2003/10/02 08:08:49, 10] nsswitch/winbindd.c:winbind_client_read(455)
client_read: read 1568 bytes. Need 0 more for a full request.
[2003/10/02 08:08:49, 10] nsswitch/winbindd.c:process_request(305)
process_request: request fn GETPWNAM
[2003/10/02 08:08:49, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(112)
[ 1945]: getpwnam toto
[2003/10/02 08:08:49, 5] nsswitch/winbindd_acct.c:wb_getpwnam(392)
wb_getpwnam: Did not find user (toto)
[2003/10/02 08:08:49, 5] nsswitch/winbindd_user.c:winbindd_getpwnam(124)
winbindd_getpwnam: lookup for \toto failed
[2003/10/02 08:08:49, 10] nsswitch/winbindd.c:client_write(502)
client_write: wrote 1300 bytes.
[2003/10/02 08:08:49, 10] nsswitch/winbindd.c:winbind_client_read(455)
client_read: read 1568 bytes. Need 0 more for a full request.
[2003/10/02 08:08:49, 10] nsswitch/winbindd.c:process_request(305)
process_request: request fn GETPWNAM
[2003/10/02 08:08:49, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(112)
[ 1945]: getpwnam toto
[2003/10/02 08:08:49, 5] nsswitch/winbindd_acct.c:wb_getpwnam(392)
wb_getpwnam: Did not find user (toto)
[2003/10/02 08:08:49, 5] nsswitch/winbindd_user.c:winbindd_getpwnam(124)
winbindd_getpwnam: lookup for \toto failed
[2003/10/02 08:08:49, 10] nsswitch/winbindd.c:client_write(502)
client_write: wrote 1300 bytes.
[2003/10/02 08:09:01, 5] lib/smbldap.c:smbldap_close(856)
The connection to the LDAP server was closed
[2003/10/02 08:09:01, 5] sam/idmap_ldap.c:ldap_idmap_close(982)
The connection to the LDAP server was closed
[2003/10/02 08:09:01, 10] nsswitch/winbindd.c:winbind_client_read(455)
client_read: read 0 bytes. Need 1568 more for a full request.
[2003/10/02 08:09:01, 5] nsswitch/winbindd.c:winbind_client_read(462)
read failed on sock 9, pid 1914: EOF
-----Message d'origine-----
De : Gerald (Jerry) Carter [mailto:jerry at samba.org]
Envoyé : mercredi 1 octobre 2003 0:32
À : jean-marc pouchoulon
Cc : samba at lists.samba.org
Objet : Re: [Samba] Winbind ldap samba 3 BDC getent passwd answer don't
retrieve domain users, can't login on the domain with users that are not
on /ect/passwd + typo error ?
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
jean-marc pouchoulon wrote:
| Helo,
|
| On redhat 9 - samba 3 stable - Using the rpm from 24 september.
| I try to configure a bdc.
|
| Smb.conf is :
|
| idmap backend = ldap:ldap://ip_address
| ldap idmap suffix = ou=personnes,ou=ac-ville,ou=educ
| winbind uid = 10000-20000
| winbind gid = 10000-20000
| # allow enumeration of winbind users and groups
| winbind enum users = yes
| winbind enum groups = yes
| # give winbind users a real shell (only needed if they have
| telnet access)
| template shell = /bin/bash
|
|
| wbinfo -u and -g are working.
|
| Nsswitch.conf is :
|
| passwd: files winbind
| shadow: files
| group: files winbind
|
|
| But getent passwd and getent group did give back only the users
| located in /etc/passwd and /etc/group
There's a buh in the RPM for RedHat 9 that doesn't create the symlink to
/lib/libnss_winbind.so.2. I'll build new RPMS this week.
cheers, jerry
~ ----------------------------------------------------------------------
~ Hewlett-Packard ------------------------- http://www.hp.com
~ SAMBA Team ---------------------- http://www.samba.org
~ GnuPG Key ---- http://www.plainjoe.org/gpg_public.asc
~ "You can never go home again, Oatman, but I guess you can shop there."
~ --John Cusack - "Grosse Point Blank" (1997)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQE/egRJIR7qMdg1EfYRAk6EAJ4w2/VrMvtQJu2elsAD9nL/LlnUXwCgwnfP
Rv8CN3cCW0vOtxjw70kC0Ls=
=gCnF
-----END PGP SIGNATURE-----
More information about the samba
mailing list