[Samba] Winbind without netbios

Pedro Nunes pedro.nunes at factis.pt
Mon Jan 24 10:36:30 GMT 2005


Hi there,

 

Im using for long time winbind + squid for my proxy server and it has
been working very good... No problems at all. 

Some months ago, I decided to get rid of Netbios protocol and start to
use only dns for name resolution on my domain. That's when my problem
begin.

All my windows servers and workstations are doing fine without netbios
but I cant get winbind to work without netbios.

In this moment I have only one DC with netbios on to work with winbind +
squid. 

Every time that I put "disable netbios = yes" on my smb.conf, windind
always says that cant find a domain controller

 

Here is my smb.conf 

 

workgroup = FACTIS

password server = facdc01.factis.com

#disable netbios = yes

security = ADS

winbind uid = 10000-20000

winbind gid = 10000-20000

winbind use default domain = yes

ENCRYPT PASSWORDS = YES

INTERFACES = eth0

 

root at FACPX02:~# wbinfo -t

checking the trust secret via RPC calls succeeded

 

But with ...

 

workgroup = FACTIS

password server = facdc01.factis.com

disable netbios = yes

security = ADS

winbind uid = 10000-20000

winbind gid = 10000-20000

winbind use default domain = yes

ENCRYPT PASSWORDS = YES

INTERFACES = eth0

 

root at FACPX02:~# wbinfo -t

checking the trust secret via RPC calls failed

error code was NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND (0xc0000233)

Could not check secret

 

By the way... Im using samba 3.0.10 and slackware 9.1 with kernel
2.4.20. 

 

Here is the debug output of winbind with netbios disable.

 

root at FACPX02:~# winbindd -i -S -d 9

winbindd version 3.0.10 started.

Copyright The Samba Team 2000-2004

lp_load: refreshing parameters

Initialising global parameters

params.c:pm_process() - Processing configuration file
"/etc/samba/smb.conf"

doing parameter workgroup = FACTIS

doing parameter password server = facdc01.factis.com

doing parameter disable netbios = yes

doing parameter security = ADS

doing parameter winbind uid = 10000-20000

doing parameter winbind gid = 10000-20000

doing parameter winbind use default domain = yes

doing parameter ENCRYPT PASSWORDS = YES

doing parameter INTERFACES = eth0

doing parameter wins server = 192.168.1.1

pm_process() returned Yes

lp_servicenumber: couldn't find homes

add_a_service: Creating snum = 0 for IPC$

adding IPC service

add_a_service: Creating snum = 1 for ADMIN$

adding IPC service

Attempting to register new charset UCS-2LE

Registered charset UCS-2LE

Attempting to register new charset UTF-16LE

Registered charset UTF-16LE

Attempting to register new charset UCS-2BE

Registered charset UCS-2BE

Attempting to register new charset UTF-16BE

Registered charset UTF-16BE

Attempting to register new charset UTF8

Registered charset UTF8

Attempting to register new charset UTF-8

Registered charset UTF-8

Attempting to register new charset ASCII

Registered charset ASCII

Attempting to register new charset 646

Registered charset 646

Attempting to register new charset ISO-8859-1

Registered charset ISO-8859-1

Attempting to register new charset UCS2-HEX

Registered charset UCS2-HEX

Substituting charset 'ANSI_X3.4-1968' for LOCALE

Substituting charset 'ANSI_X3.4-1968' for LOCALE

Substituting charset 'ANSI_X3.4-1968' for LOCALE

Substituting charset 'ANSI_X3.4-1968' for LOCALE

Substituting charset 'ANSI_X3.4-1968' for LOCALE

Substituting charset 'ANSI_X3.4-1968' for LOCALE

Substituting charset 'ANSI_X3.4-1968' for LOCALE

Substituting charset 'ANSI_X3.4-1968' for LOCALE

Substituting charset 'ANSI_X3.4-1968' for LOCALE

Substituting charset 'ANSI_X3.4-1968' for LOCALE

Substituting charset 'ANSI_X3.4-1968' for LOCALE

Substituting charset 'ANSI_X3.4-1968' for LOCALE

Substituting charset 'ANSI_X3.4-1968' for LOCALE

Substituting charset 'ANSI_X3.4-1968' for LOCALE

Substituting charset 'ANSI_X3.4-1968' for LOCALE

Substituting charset 'ANSI_X3.4-1968' for LOCALE

Substituting charset 'ANSI_X3.4-1968' for LOCALE

Substituting charset 'ANSI_X3.4-1968' for LOCALE

Substituting charset 'ANSI_X3.4-1968' for LOCALE

Substituting charset 'ANSI_X3.4-1968' for LOCALE

added interface ip=192.168.1.254 bcast=192.168.1.255 nmask=255.255.255.0

Netbios name list:-

my_netbios_names[0]="FACPX02"

added interface ip=192.168.1.254 bcast=192.168.1.255 nmask=255.255.255.0

Opening cache file at /var/cache/samba/gencache.tdb

namecache_enable: enabling netbios namecache, timeout 660 seconds

smb_register_idmap: Successfully added idmap backend 'tdb'

fcntl_lock 7 13 0 1 1

fcntl_lock: Lock call successful

Registered MSG_REQ_POOL_USAGE

Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED

add_trusted_domain: FACTIS is an NT4  domain

Added domain FACTIS  S-0-0

Using cleartext machine password

get_sorted_dc_list: attempting lookup using [lmhosts wins host bcast]

name facdc01.factis.com#20 found.

get_dc_list: returning 1 ip addresses in an ordered list

get_dc_list: 192.168.1.1:0

name_status_find(FACTIS#1c): netbios is disabled

set_dc_type_and_flags: Could not open a connection to FACTIS for
PIPE_LSARPC (NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND)

get_cache: Setting MS-RPC methods for domain FACTIS

scanning trusted domain list

rpc: trusted_domains

Using cleartext machine password

get_sorted_dc_list: attempting lookup using [lmhosts wins host bcast]

name facdc01.factis.com#20 found.

get_dc_list: returning 1 ip addresses in an ordered list

get_dc_list: 192.168.1.1:0

name_status_find(FACTIS#1c): netbios is disabled

Could not open a connection to FACTIS for \PIPE\lsarpc
(NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND)

add_trusted_domain: BUILTIN is an NT4  domain

Added domain BUILTIN  S-1-5-32

add_trusted_domain: FACPX02 is an NT4  domain

Added domain FACPX02  S-1-5-21-2795259228-1423499927-2706720521

scanning trusted domain list

rpc: trusted_domains

Using cleartext machine password

get_sorted_dc_list: attempting lookup using [lmhosts wins host bcast]

name facdc01.factis.com#20 found.

get_dc_list: returning 1 ip addresses in an ordered list

get_dc_list: 192.168.1.1:0

name_status_find(FACTIS#1c): netbios is disabled

Could not open a connection to FACTIS for \PIPE\lsarpc
(NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND)

 

Thanks in advance



More information about the samba mailing list