[Samba] Re: Re: Samba as NT Domain Member via Winbind - After
Upgrade users prompted for password for any shares
Jason.McGlamary at Medstar.net
Jason.McGlamary at Medstar.net
Fri Aug 27 01:24:41 GMT 2004
Thomas,
I followed your instructions, and your theory proved correct. The
user I performed 'getent passwd <username> was able to access the shares.
It's something at least, and believe me I was getting ready to swear off
technology forever. Now, how can I manage this task for 20000 users? Is
this a problem only happeningn w/ 3.0.6? It didn't happen to me until I
upgraded yesterday. Does anyone know how I can roll back to a previous
version on Debian? I've really just started using the Distro recently.
Thanks,
Jason
>-----------------------------------------------------------------------
>I'm having similar problems with Samba 3.0.6...
Jason, try this for scientific purposes:
1. Stop Samba
2. Delete /%samba/var/locks/netsamlogon_cache.tdb
3. Start Samba
4. run 'getent passwd <username>' (where <username> includes the domain
name and domain separator if necessary)
If the account shows up, my guess is that your shares will work for that
user for the moment. If you try to access a share before that (even
anonymous "\\server"), you'll be locked out and won't be able to access
anything until you delete netsamlogon_cache.tdb and start over.
Jerry, why does this happen? ;)
Here's my best definition of the situation and the problem:
Existing Infrastructure
- Windows NT 4.0 Domain
- PDC, BDC
- Two-way Domain Trust with external domain
- SP6a
Desired Samba server
- Samba 3.0.6
- Red Hat Linux 7.2
- Domain member server
- Winbind
Successes
- configure, make, make install run normally
- net rpc join -U Admin joins server to domain
- starting samba allows getent passwd, group
- wbinfo -t, -p work fine
Problems
- Users can only connect to shares after doing a 'getent passwd
<username>' *before* attempting a connection to \\servername
- Trying to "Run..." \\servername before doing that locks out the user
until the service is stopped, netsamlogon_cache.tdb is deleted, and the
service is restarted.
Diagnostics
- setting "winbind use default domain = yes" or "no" has no effect.
- setting "passdb backend = tdbsam" or "smbpasswd" or commenting out the
line has no effect.
- this line occurs repeatedly in the visiting workstation's log:
[2004/08/26 15:04:48, 0] auth/auth_util.c:make_server_info_info3(1122)
make_server_info_info3: pdb_init_sam failed!
More information about the samba
mailing list