[Samba] Re: wbinfo -u returns 0xc0000022

Zylo shiningzylo at caramail.com
Wed Mar 3 11:04:58 GMT 2004

You should use wbinfo -A user%password
You need only a valid user, not an administrator user.


"Salmons, Michael" <SalmonsM at missouri.edu> a écrit dans le message de
news:7F5BBA66C483B1489B4B5749609361D311C6AD at UM-EMAIL08.um.umsystem.edu...

I am attempting to add a Redhat 9 box to our NT4 domain as a member
server. I want to enumerate user and group info so I don't have to make
two sets of user and group accounts. I've setup samba (version 2.2.7a)
and pamd the way I think I'm supposed to, but wbinfo -u always returns
0xc0000022. I've found this particular error mentioned in a few
articles, but applying the various remedies offered has resulted in no

wbinfo -t: the secret was good, but over the weekend (and after a reboot
of the pdc and bdc) it's now bad. it returns 0xc00000e5.

I've used wbinfo -a to authenticate to the domain as the domain admin-
it authenticated successfully- no change in response of wbinfo -u. (also
i noticed it was passing the password in cleartext, something i'd rather
not do..)

in case this is an issue: RestrictAnonymous is set to 1 on the pdc.

I had no trouble adding the machine to the domain. I don't think I did,
at least. I started in the Server Manager of the pdc, then ran
smbpasswd. I can use smbmount to view shares in the domain on the redhat
box, plus test shares I've setup on the redhat box are viewable by
others if I've established a local account for them.

--various files, with a few things changed to protect privacy:


NOTE: wins server is numeric ip and is correct; hosts allow does match
our subnet; password server and remote announce are the netbios names of
our pdc and bdc

 log file = /var/log/samba/%m.log
 smb passwd file = /etc/samba/smbpasswd
 load printers = yes
 passwd chat = *New*password* %n\n *Retype*new*password* %n\n
 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
 obey pam restrictions = yes
 wins server = xx.xx.xx.xx
 encrypt passwords = yes
 hosts allow = xx.xx
 passwd program = /usr/bin/passwd %u
 dns proxy = no
 netbios name = netname
 server string = serverstring
 printing = cups
 password server = pdc bdc
 unix password sync = Yes
 local master = no
 remote announce = pdc
 workgroup = DOMAIN
 os level = 2
 printcap name = /etc/printcap
 security = domain
 preferred master = no
 max log size = 0
 pam password change = yes
        username map = /etc/samba/smbusers
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        template homedir = /home/%U
        winbind separator = +
        winbind uid = 10000-20000
        winbind gid = 10000-20000
        winbind enum users = yes
        winbind enum groups = yes
        template shell = /bin/bash
        add user script = /usr/sbin/adduser -d /home/%D/%U %u


auth       required pam_securetty.so
auth       required pam_stack.so service=system-auth
auth       required pam_nologin.so
account    required pam_stack.so service=system-auth
password   required pam_stack.so service=system-auth
session    required pam_stack.so service=system-auth
session    optional pam_console.so
account    sufficient  /lib/security/pam_winbind.so
session    required    /lib/security/pam_mkhomedir.so skel=/etc/skel


auth       required pam_nologin.so
auth       required     pam_env.so
auth       required pam_stack.so service=system-auth
auth       sufficient   pam_ldap.so
auth       sufficient   pam_smb_auth.so use_first_pass
auth       sufficient   pam_unix.so likeauth nullok try_first_pass
auth       required     pam_deny.so
account    required pam_stack.so service=system-auth
session    required pam_stack.so service=system-auth
password   required pam_stack.so service=system-auth


# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth        required      /lib/security/$ISA/pam_env.so
auth        sufficient    /lib/security/$ISA/pam_unix.so likeauth nullok
auth        required      /lib/security/$ISA/pam_deny.so

account     required      /lib/security/$ISA/pam_unix.so

password    required      /lib/security/$ISA/pam_cracklib.so retry=3
password    sufficient    /lib/security/$ISA/pam_unix.so nullok
use_authtok md5 shadow
password    required      /lib/security/$ISA/pam_deny.so

session     required      /lib/security/$ISA/pam_limits.so
session     required      /lib/security/$ISA/pam_unix.so



(substitute actual domain and netbios names of pdc and bdc)

What should I check next? Any help would be appreciated.

Michael Salmons
salmonsm at missouri.edu

To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list