[Samba] winbind problems

Brian Kesting bkesting at cityofwayne.org
Mon Dec 20 23:47:52 GMT 2004 

I have tried using a + separator with no success.  I also get this in my log.winbindd file as soon as I restart winbind:

[2004/12/20 17:33:27, 1] libsmb/clikrb5.c:ads_krb5_mk_req(313)
  krb5_cc_get_principal failed (No such file or directory)


---------- Original Message ----------------------------------
From: Tom Skeren <tms3 at fsklaw.com>
Date:  Mon, 20 Dec 2004 15:25:54 -0800

Brian Kesting wrote:

>Hello,
>
>I am running a Samba server (3.0.7) on a Suse 9.2 box.  I have connected this server successfully to a Windows 2000 Active Directory (mixed mode).  I have nsswitch.conf, krb5.conf configured and winbind seems to be running properly for the most part.  With wbinfo I can get all of my user and group information.  Problem is, it seems that at random times, the samba server just stops authenticating the windows user names and accounts.  If I restart the winbind or smb service, then all seems to be well again for a while.  Right now the only way I can keep this running is to run a cron job that restartes the samba and winbind services every hour.  This is really bugging me as I cannot figure out what is going on.  Can anyone help me?  I have included some of my configuration and log files below.  Thanks in advance.
>
>---------/etc/samba/smb.conf----------
># Samba Configuration File
>
>[global]
>        workgroup = WAYNE
>        realm = WAYNE.LOCAL
>        server string = Samba Server
>        security = ADS
>        password server = adserver.wayne.local
>        encrypt passwords = yes
>        idmap uid = 10000-20000
>        idmap gid = 10000-20000
>        template shell = /bin/bash
>        winbind use default domain = no
>        winbind separator = /
>  
>
The separator might be a problem.

>[users]
>        comment = Users on Linux
>        path = /home/WAYNE
>        read only = No
>        browseable = Yes
>
>---------/etc/nsswitch.conf-------
>passwd: files winbind
>group:  files winbind
>hosts:    files dns wins winbind
>networks: files dns
>
>---------/etc/krb5.conf-----------
>[libdefaults]
>        default_realm = WAYNE.LOCAL
>        clockskew = 300
>
>[realms]
>WAYNE.LOCAL = {
>        kdc = police.wayne.local
>        default_domain = WAYNE.LOCAL>
>        kpasswd_server = adserver.wayne.local
>}
>[domain_realm]
>        .WAYNE.LOCAL = WAYNE.LOCAL
>[appdefaults]
>pam = {
>        ticket_lifetime = 365d
>        renew_lifetime = 365d
>        forwardable = true
>        proxiable = false
>        retain_after_close = true
>        minimum_uid = 0
>}
>
>----------/var/log/samba/log.smbd--------
>[2004/12/20 15:25:33, 1] smbd/sesssetup.c:reply_spnego_kerberos(250)
>  Username WAYNE/LIEUTENANT1$ is invalid on this system
>[2004/12/20 15:25:44, 1] smbd/sesssetup.c:reply_spnego_kerberos(250)
>  Username WAYNE/LIEUTENANT1$ is invalid on this system
>[2004/12/20 15:25:54, 1] smbd/sesssetup.c:reply_spnego_kerberos(250)
>  Username WAYNE/LIEUTENANT1$ is invalid on this system
>[2004/12/20 15:25:56, 1] smbd/sesssetup.c:reply_spnego_kerberos(250)
>  Username WAYNE/LIEUTENANT1$ is invalid on this system
>.
>.
>.
>[2004/12/20 16:04:34, 1] smbd/sesssetup.c:reply_spnego_kerberos(250)
>  Username WAYNE/DISPATCH_GW1$ is invalid on this system
>[2004/12/20 16:05:13, 1] smbd/sesssetup.c:reply_spnego_kerberos(250)
>  Username WAYNE/DISPATCH_GW1$ is invalid on this system
>[2004/12/20 16:05:13, 1] smbd/sesssetup.c:reply_spnego_kerberos(250)
>  Username WAYNE/DISPATCH_GW1$ is invalid on this system
>
>----------/var/log/samba/log.winbindd-------------------
>[2004/12/20 16:51:07, 1] libsmb/ntlmssp.c:ntlmssp_update(245)
>  Failed to parse NTLMSSP packet, could not extract NTLMSSP command
>[2004/12/20 16:54:52, 1] libsmb/clikrb5.c:ads_krb5_mk_req(313)
>  krb5_cc_get_principal failed (No such file or directory)
>[2004/12/20 16:56:18, 1] libsmb/ntlmssp.c:ntlmssp_update(245)
>  Failed to parse NTLMSSP packet, could not extract NTLMSSP command
>[2004/12/20 16:59:01, 1] nsswitch/winbindd_group.c:winbindd_getgroups(1059)
>  user 'root' does not exist
>[2004/12/20 17:00:01, 1] nsswitch/winbindd_group.c:winbindd_getgroups(1059)
>  user 'root' does not exist
>[2004/12/20 17:01:18, 1] libsmb/ntlmssp.c:ntlmssp_update(245)
>  Failed to parse NTLMSSP packet, could not extract NTLMSSP command
>[2004/12/20 17:06:24, 1] libsmb/ntlmssp.c:ntlmssp_update(245)
>  Failed to parse NTLMSSP packet, could not extract NTLMSSP command
>[2004/12/20 17:11:40, 1] libsmb/ntlmssp.c:ntlmssp_update(245)
>  Failed to parse NTLMSSP packet, could not extract NTLMSSP command
>[2004/12/20 17:15:01, 1] nsswitch/winbindd_group.c:winbindd_getgroups(1059)
>
>????
>  
>



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list