Re-2: [Samba] Winbind is DISCONNECTED after restart
Peter Åstrand
astrand at cendio.se
Wed Oct 12 09:35:41 GMT 2005
On Wed, 12 Oct 2005, Stefan Kerkemeier wrote:
> ok you`re using 'security=domain' and a windows 2003 sp1 DC. Well recent
> security updates for Windows2003 (especially SP1) have changed the
> several RPC mechanisms to obtain group and user lists form DCs.
Yes, I know, but I was hoping for a workaround. If Samba/Winbind doesn't
work with 2003SP1 in domain mode, and no fix is available, then we have a
pretty sad situation, I think.
> Please consult the release notes of samba 3.0.20a for further informations.
I have done so. It recommends using "wbinfo --set-auth-user". I've tried
this as well, but it doesn't help.
(Another strange thing is that "wbinfo -A" isn't the same thing as
--set-user, it seems. Even so, the manpage refers to -A under
--get-auth-user, and it doesn't mention --set-user. What is going on here,
does "wbinfo -A" mean something different nowadays?)
Regards,
>>> -------- Original Message --------
>>> Subject: [Samba] Winbind is DISCONNECTED after restart (12-Okt-2005 10:08)
>>> From: Peter Åstrand <astrand at cendio.se>
>>> To: samba at lists.samba.org
>>>
>>>>
>>>>
>>>> I'm experiencing a strange problem on one RHEL4 system with Samba 3.0.
>> 20a.
>>>> After restarting the Samba and Winbind services, the domain connection
>>>> doesn't work any longer:
>>>>
>>>> # wbinfo --sequence
>>>> HA02 : 1
>>>> BUILTIN : 1
>>>> CRT : DISCONNECTED
>>>>
>>>> Before restarting, I got:
>>>>
>>>> # wbinfo --sequence
>>>> CRT : 254
>>>>
>>>> The strange thing is that if I remove /etc/samba/secrets.tdb before
>>>> (re)starting Samba, this problem goes away. Another really strange thing
>>>> is that things works correctly on an identical machine. The PDC is
>> running
>>>> "Windows Server 2003 3790 Service Pack 1".
>>>>
>>>> Any ideas? Our smb.conf looks like:
>>>>
>>>> [global]
>>>> workgroup = CRT
>>>> password server = *
>>>> security = domain
>>>> template shell = /bin/bash
>>>> winbind use default domain = yes
>>>> winbind separator = +
>>>> encrypt passwords = yes
>>>> log level = 2
>>>> idmap uid = 16777216-33554431
>>>> idmap gid = 16777216-33554431
--
Peter Åstrand Chief Developer
Cendio www.thinlinc.com
Teknikringen 3 www.cendio.se
583 30 Linköping Phone: +46-13-21 46 00
More information about the samba
mailing list