[Samba] NT_STATUS_PIPE_NOT_AVAILABLE and non working winbind auth
carlos.efr at mail.telepac.pt
Sat Apr 30 21:20:35 GMT 2005
At work I have an Active Directory domain (Windows 2003) which has the
SFU schema extensions. Recently we set up all the Linux clients (SuSE
9.2) to authenticate using LDAP (nss_ldap). But the main thing is that
we added a Samba server (SuSE 9.0, samba 3.0.14a) to host the user's
homes (somewhere in the future, their Windows profiles too). This server
also has local LDAP authentication (it also serves as an SFTP server).
In this, samba using just "security = ADS" works just fine, as the
uid/gid resolution is made "locally" through LDAP (using the LDAP
attibutes added by SFU's schema extension to AD) and thus doesn't
Using smbclient from within this server works using bothe kerberos and
password authentication (more on this in a minute).
In the last few days, I thought of replicating this configuration to
another machine, so that I could change it to use winbind (just for
kicks, for now). I made sure this was working fine.
But... I just can't make winbind authentication work... local or samba.
The second I start winbind, access to this machine using smbclient and
password stops working. The error is:
"session setup failed: NT_STATUS_PIPE_NOT_AVAILABLE"
However, if I do a "kinit user" followed by "smbclient -k", it works
(which proves kerberos authentication is still working).
Local authentication simply doesn't work... Although "getent
passwd/group" returns the right thing, something like a "finger user"
"wbinfo -u", "wbinfo -g" and "wbinfo --sequence" also shows (apparently)
"wbinfo -t" outputs the following errors:
"checking the trust secret via RPC calls failed
error code was NT_STATUS_PIPE_NOT_AVAILABLE (0xc00000ac)
Could not check secret"
This is starting to annoy me beyond reason. I've followed every howto
out there and after many hours, it still doesn't work...
Thanks in advance,
############### smb.conf ###############
workgroup = ALUNOS
realm = ALUNOS.DQ.FCT.UNL.PT
server string = Samba Test Server
security = ADS
password server = 10.1.96.10
load printers = no
local master = no
invalid users = root
read only = No
encrypt passwords = yes
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind use default domain = yes
template shell = /bin/bash
winbind separator = +
comment = Home Directories
path = /home
create mask = 0644
browseable = no
More information about the samba