[Samba] samba3.0.14a, Windows2003, ADS
Michael Joyner
mjoyner at vbservices.net
Thu May 12 14:51:41 GMT 2005
Ok,
You have TWO installations of SAMBA, this is going to cause GRIEF beyond
belief.
Apparantly, you have one installed via RPM the other via
./configure; make; make install
You need to remove BOTH, completely (`rpm -qa | grep samba`)
Then you need to either 1) do an RPM install, or 2) do a ./configure
install.
After the cleanup and new fresh install, start over with brand spaken
new smb.conf, *.tdb's etc. :)
Danna Dowdy wrote:
> I think I may have found something wrong.....
> I have two isntances of secrets.tdb.....
> /usr/local/samba/private/secrets.tdb
> /etc/samba/secrets.tdb
>
> Also, my smb.conf file was created in /usr/local/samba/lib/ ? It
> appears that wbinfo is looking for it in /etc/samba but samba is looking
> for it in /usr/local/samba/lib.
> I'm not sure where these files are supposed to be?
>
>
> Michael Joyner wrote:
>
>> I had a problem with winbind talking to one to my ADS here,
>> not exactly like your situation, but the following might work, READ
>> THE WARNING, YMMV:
>>
>> stop winbind
>> stop nmb
>> stop smb
>>
>> cd /var/lib/samba(*?* not sure of location on RedHat)
>> rm -rfv winbind*
>>
>> # WARNING!##############################################################
>> # THE ABOVE WILL REMOVE ANY PREVIOUS RECORDED MAPPINGS FOR UID's ->
>> # SID's! NEW MAPPINGS WILL BE GENERATED THAT MOST CERTAINLY WILL NOT BE
>> # THE SAME UNLESS YOU USE
>> # idmap backend = idmap_rid:DOMAIN=1000-100000000
>> # idmap uid = 1000-100000000
>> # idmap gid = 1000-100000000
>> # PLEASE UNDERSTAND THE CONSEQUENCES OF idmap_rid BEFORE USING.
>> # WARNING!##############################################################
>>
>> rm secrets.tdb (located in /etc/samba on SuSE, RedHat ?)
>> net -U domain_admin ads join
>>
>> start nmb
>> start smb
>> start winbind
>>
>> I also have "use kerberos keytab = yes" in my /etc/samba/smb.conf
>>
>> Danna Dowdy wrote:
>>
>>> Platform is RedHat....
>>> $ ps -axc | grep winbind
>>> 4792 ? S 0:00 winbindd
>>> 4793 ? S 0:00 winbindd
>>>
>>>
>>> Michael Joyner wrote:
>>>
>>>> wbinfo -p is trying to tell you the wrong thing. :)
>>>>
>>>> ps axc | grep winbind
>>>>
>>>> if there is no output your winbind is not running.
>>>>
>>>> what is your platform?
>>>>
>>>> SuSE, RedHat, FreeBSD, Other?
>>>>
>>
>>>>> winbindd.log
>>>>> [2005/05/11 12:34:43, 1] libsmb/clikrb5.c:ads_krb5_mk_req(415)
>>>>> ads_krb5_mk_req: krb5_mk_req_extended failed (Ticket expired)
>>>>> [2005/05/11 12:34:43, 1]
>>>>> libsmb/cliconnect.c:cli_session_setup_kerberos(539)
>>>>> spnego_gen_negTokenTarg failed: Ticket expired
>>>>> [2005/05/11 12:34:43, 1]
>>>>> nsswitch/winbindd_ads.c:ads_cached_connection(81)
>>>>> ads_connect for domain DOMAIN failed: Cannot read password
>>>>> [2005/05/11 12:34:43, 1]
>>>>> nsswitch/winbindd_util.c:init_domain_list(322)
>>>>> Could not fetch sid for our domain DOMAIN
>>>>> [2005/05/11 12:34:43, 1]
>>>>> libsmb/cliconnect.c:cli_session_setup_kerberos(539)
>>>>> spnego_gen_negTokenTarg failed: No credentials cache found
>>>>>
>>>>>
>>>>>
>>>>
>>
More information about the samba
mailing list