[Samba] Samba3 By Example - Suggested Update (Correction?) And Two Winbind Defects

Schlomo Schapiro samba at schlomo.schapiro.org
Thu Oct 14 10:02:00 GMT 2004 

Hi,

probably your problem was caused by SuSE's .local problem. They patched 
their glibc to do a multicast DNS lookup (AKA Apple ZeroConf) for all 
.local domains. A fix is supposed to come soon ( I pushed them to make one 
:-), but if you have support try to ask for it directly. Unfortunateley I 
am not allowed to distribute this patch myself.

Using IP Addresses only of course also serves as a workaround, but with 
DNS-rooted domains this is a pain in the ass.

Regards,
Schlomo

PS: Look for previous traffic on this list regarding SuSE 9.1

On Wed, 13 Oct 2004, L. Mark Stone wrote:

> We were trying to build a SuSE 9.1 box in a lab as a Domain Member server in a 
> Windows Active Directory domain where the AD server was running Windows 2000 
> Server.
> 
> We found that the instructions in Chapter 9.3.3 were, at least in our case, 
> incomplete.
> 
> The AD server was managing a private domain, so following the Windows 
> Configure My Server wizard the domain was setup as "smelug.local".
> 
> When we attempted to have the Linux box (running SuSE 9.1 (fully patched) with 
> the Samba 3.0.7 rpm packages from the SuSE ftp site) join the domain, we got 
> an error indicating the Linux box could not find the Kerberos server.
> 
> After Googling, we saw that others experiencing this problem had as the root 
> cause either a DNS configuration problem or a misconfigured realm in 
> krb5.conf.
> 
> We checked DNS on the W2K server and on the Linux box, added entries in the 
> Linux and Windows hosts files, and then watched the packets go back and forth 
> with Ethereal between the Windows 2K AD server and the SuSE box, but we still 
> got the error. The two boxes were clearly exchanging packets, so we felt 
> pretty good that we didn't have any DNS configuration errors.
> 
> Next, we undid all of the above changes, and simply edited the krb5.conf file 
> to include the realm information and the IP:port info for the AD server. The 
> join was successful now.
> 
> May I therefore suggest that configuring the krb5.conf file be added to 
> Chapter 9.3.3 in S3BE?
> 
> Separately, we found two winbind errors during testing:
> 
> First, we found that winbind does not shut down cleanly during a reboot (we 
> used the SuSE runlevel editor in YaST to have smb, nmb and winbind startup 
> automagically during boot up). Winbind leaves /var/run/samba/winbindd.pid in 
> place, which we must remove manually before we can start winbind. 
> 
> Second, even after starting/stopping/restarting winbind manually, wbinfo -u 
> (and -g) do not work at first. We found we needed to run "net ads info" 
> first, and then wbinfo -whatever would work just fine.
> 
> Please let me know if you would like me to file bugzilla reports on these 
> errors, or if you would like more detail. We are not programmers so we don't 
> know how to narrow this down further.
> 
> With best regards,
> Mark
> 
> P.S. The lab machines are VMware 4.5.2 guests, running on a SuSE Linux 8.2 
> host. We can make the virtual machine files available to you if you would 
> like to run these machines locally for testing (assuming you have VMware and 
> a Windows 2000 Server license).
> 
> 

-- 
Regards,
Schlomo

More information about the samba mailing list