[Samba] nsswitch/winbindd_cm.c / samba 2.2.7a / NT4

Andrew McKinney andrew at mongers.org
Mon Oct 13 14:50:57 GMT 2003 

Hi List.
I have successfully used winbindd, with squid to act as a reverse proxy
for a webmail product. I initally tested and set up this system in our
own LAN. This had the squid box, running winbindd, on the same LAN as
our Win2k DC. Everything works fine.

Now, once I came to install this system in the real world, I have run
into some problems. I have compiled Samba 2.2.7a from source with the
--use-winbindd configure option. I am running this on RH 9. Once made
and installed, I ran 'smbpasswd -j DOMAIN -r PDC -U Administrator', and
apparently joined the domain successfully.

I cant use wbinfo to ping, check secrets or view users or groups. I can
ping to the password/WINS server from the winbindd box in the DMZ.

This is a snippet from log.winbindd:

- - SNIP - -
[2003/10/13 15:40:14, 1] nsswitch/winbindd_util.c:init_domain_list(144)
  Retrying startup domain sid fetch for PORTADOWN
[2003/10/13 15:40:14, 3] nsswitch/winbindd_cm.c:cm_get_dc_name(103)
    Could not look up dc's for domain PORTADOWN
[2003/10/13 15:40:14, 10]
    nsswitch/winbindd_cm.c:add_failed_connection_entry(236)
      domain PORTADOWN already tried and failed
[2003/10/13 15:40:14, 3]
      nsswitch/winbindd_cm.c:get_connection_from_cache(411)
        Could not open a connection to PORTADOWN for \PIPE\lsarpc
	(NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND)
- - SNIP - -	

And some smb.conf info:

- - SNIP - -
        workgroup = PORTADOWN
	netbios name = INOTES
	name resolve order = wins lmhosts bcast
	wins server = 10.1.1.10
	password server = 10.1.1.10
	security = DOMAIN
	guest ok = yes
	dns proxy = no
	winbind	uid = 10000-20000
	winbind	gid = 10000-20000
	winbind use default domain = yes
- - SNIP - -

I have noticed that our office implementation, which joins a 2k domain,
winbind is connected to mircosoft-ds on the password server. An
interesting fact is that there is no microsoft-ds service running on the
NT4 password server (10.1.1.10). Is this a problem? What needs done on
the NT server to fix? 

I also have played with nsswitch/winbindd_cm.c, but have had no luck, as
my C skills are somewhat embarrassing.

Any help or pointers greatly appriciated. 

Cheers,
Andrew
--
andrew (at) mongers (dot) org

More information about the samba mailing list