[Samba] ntlm_auth SID problem
Andrew Bartlett
abartlet at samba.org
Tue Oct 11 10:19:13 GMT 2005
On Mon, 2005-10-10 at 12:32 -0300, Marcello Mezzanotti wrote:
> Hello all
>
> Im using a linux box running CentOS 4.1 as a proxy server with user
> auth with an AD
> Its working for a long time, but suddenly this weekend the users cant
> authenticate anymore
>
> looking on logs i obtain this
>
> Oct 10 08:29:59 sol (ntlm_auth): [2005/10/10 08:29:59, 0]
> utils/ntlm_auth.c:get_require_membership_sid(237)
> Oct 10 08:29:59 sol (ntlm_auth): Winbindd lookupname failed to resolve
> VILLAS+SQUID into a SID!
>
> searching for this error on google i tried on ntlm_auth command to
> change the DOMAIN+GROUP to SID and with SID works fine
The problem is that ntlm_auth does the name2sid call once at startup.
If this call doesn't work then, it has problems, which is why I suggest
storing the SID for maximum reliability. Perhaps your DC was down when
squid started?
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Samba Developer, SuSE Labs, Novell Inc. http://suse.de
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20051011/d61263c6/attachment.bin
More information about the samba
mailing list