[Samba] samba3.0.14a, Windows2003, ADS

Danna Dowdy Danna.Dowdy at noaa.gov
Thu May 12 13:27:43 GMT 2005


I think I may have found something wrong.....
I have two isntances of secrets.tdb.....
/usr/local/samba/private/secrets.tdb
/etc/samba/secrets.tdb

Also, my smb.conf file was created in /usr/local/samba/lib/ ?  It 
appears that wbinfo is looking for it in /etc/samba but samba is looking 
for it in /usr/local/samba/lib.
I'm not sure where these files are supposed to be?


Michael Joyner wrote:

> I had a problem with winbind talking to one to my ADS here,
> not exactly like your situation, but the following might work, READ 
> THE WARNING, YMMV:
>
> stop winbind
> stop nmb
> stop smb
>
> cd /var/lib/samba(*?* not sure of location on RedHat)
> rm -rfv winbind*
>
> # WARNING!##############################################################
> # THE ABOVE WILL REMOVE ANY PREVIOUS RECORDED MAPPINGS FOR UID's ->
> # SID's! NEW MAPPINGS WILL BE GENERATED THAT MOST CERTAINLY WILL NOT BE
> # THE SAME UNLESS YOU USE
> # idmap backend = idmap_rid:DOMAIN=1000-100000000
> # idmap uid = 1000-100000000
> # idmap gid = 1000-100000000
> # PLEASE UNDERSTAND THE CONSEQUENCES OF idmap_rid BEFORE USING.
> # WARNING!##############################################################
>
> rm secrets.tdb (located in /etc/samba on SuSE, RedHat ?)
> net -U domain_admin ads join
>
> start nmb
> start smb
> start winbind
>
> I also have "use kerberos keytab = yes" in my /etc/samba/smb.conf
>
> Danna Dowdy wrote:
>
>> Platform is RedHat....
>> $ ps -axc | grep winbind
>> 4792 ?        S      0:00 winbindd
>> 4793 ?        S      0:00 winbindd
>>
>>
>> Michael Joyner wrote:
>>
>>> wbinfo -p is trying to tell you the wrong thing. :)
>>>
>>> ps axc | grep winbind
>>>
>>> if there is no output your winbind is not running.
>>>
>>> what is your platform?
>>>
>>> SuSE, RedHat, FreeBSD, Other?
>>>
>
>>>> winbindd.log
>>>> [2005/05/11 12:34:43, 1] libsmb/clikrb5.c:ads_krb5_mk_req(415)
>>>>  ads_krb5_mk_req: krb5_mk_req_extended failed (Ticket expired)
>>>> [2005/05/11 12:34:43, 1] 
>>>> libsmb/cliconnect.c:cli_session_setup_kerberos(539)
>>>>  spnego_gen_negTokenTarg failed: Ticket expired
>>>> [2005/05/11 12:34:43, 1] 
>>>> nsswitch/winbindd_ads.c:ads_cached_connection(81)
>>>>  ads_connect for domain DOMAIN failed: Cannot read password
>>>> [2005/05/11 12:34:43, 1] 
>>>> nsswitch/winbindd_util.c:init_domain_list(322)
>>>>  Could not fetch sid for our domain DOMAIN
>>>> [2005/05/11 12:34:43, 1] 
>>>> libsmb/cliconnect.c:cli_session_setup_kerberos(539)
>>>>  spnego_gen_negTokenTarg failed: No credentials cache found
>>>>
>>>>
>>>>
>>>
>



More information about the samba mailing list