[Samba] Winbind & client services

[Terrill Yuhas]

Hi,

We're running Samba 3.0.4 compiled from the srpms and they're setup as PDC
for two domains (tdbsam backend).  Both servers are working fine for
domain authentication.  Previously we hadn't been using winbind but
decided to try the extra functionality and fired it up.  The only change
that we can see is that now when the clients login, a whole mess of
services fail like Computer Browser due to not being able to contact the
domain controller (per the event viewer).  These services can be started
manually and then it's business-as-usual.

Not sure if this is related but we'd also tried to set up interdomain
trusts between those two Samba PDCs. By all accounts, it seems that it
should be working: entries in the secrets.tdb, net rpc trustdom list, and
(when we run winbind) wbinfo -m give output consistent with the docs as
far as a working trust relationship.  

Both domains are set up to trust each other.  When I am logged into one
domain (the domain the computer is a client of) and try to do something
that requires admin privileges, I get a login box.  At that point if I
just log in to the other domain, things continue but it definitely appears
the trust isn't working.  I'm at log level = 3 but I can't find anything
in the log that looks obviously wrong.

Maybe one of the tdb files is messed up?  I've seen other posts where
people suggest rebuilding the secrets.tdb file.  The only problem I can
see with that is that a new SID is generated which would require rejoining
all the clients to the domain.  The only docs I can find on changing a
domain SID is by sucking it off a PDC but nothing on modifying the domain
SID if it's on a PDC.

Thanks for any ideas!

Terrill