[Samba] Winbind is DISCONNECTED after restart

Peter Åstrand astrand at cendio.se
Thu Oct 13 14:24:41 GMT 2005 

On Thu, 13 Oct 2005, Gerald (Jerry) Carter wrote:

> | I'm experiencing a strange problem on one RHEL4 system
> | with Samba 3.0.20a. After restarting the Samba
> | and Winbind services, the domain connection doesn't
> | work any longer:
> |
> | # wbinfo --sequence
> | HA02 : 1
> | BUILTIN : 1
> | CRT : DISCONNECTED
> |
> | Before restarting, I got:
> |
> | # wbinfo --sequence
> | CRT : 254
>
> What does a level 10 debug log from winbindd say?  grep
> for the string "SEQUENCE".


[2005/10/12 05:31:07, 5] nsswitch/winbindd.c:winbind_client_read(477)
   read failed on sock 17, pid 8982: EOF
[2005/10/12 05:31:07, 10] nsswitch/winbindd.c:winbind_client_read(470)
   client_read: read 1824 bytes. Need 0 more for a full request.
[2005/10/12 05:31:07, 10] nsswitch/winbindd.c:process_request(321)
   process_request: request fn SHOW_SEQUENCE
[2005/10/12 05:31:07, 3] 
nsswitch/winbindd_misc.c:winbindd_show_sequence(165)
   [ 8982]: show sequence
[2005/10/12 05:31:07, 10] 
nsswitch/winbindd_cache.c:fetch_cache_seqnum(272)
   fetch_cache_seqnum: invalid data size key [SEQNUM/CRT]
[2005/10/12 05:31:07, 10] nsswitch/winbindd_rpc.c:sequence_number(817)
   rpc: fetch sequence_number for CRT
...
[2005/10/12 05:31:07, 10] 
nsswitch/winbindd_cache.c:store_cache_seqnum(325)
   store_cache_seqnum: success [CRT][4294967295 @ 1129105867]
[2005/10/12 05:31:07, 10] 
nsswitch/winbindd_cache.c:refresh_sequence_number(386)
   refresh_sequence_number: CRT seq number is now -1
[2005/10/12 05:31:07, 10] nsswitch/winbindd.c:client_write(524)
   client_write: wrote 1300 bytes.


> | The strange thing is that if I remove /etc/samba/secrets.tdb
> | before (re)starting Samba, this problem goes away.
> | Another really strange thing is that things works
> | correctly on an identical machine. The PDC is
> | running "Windows Server 2003 3790 Service Pack 1".
>
> removing secrets.tdb deletes the machine trust account
> password so winbindd has no membership in the domain
> any more.  It's like a user that fogets his or her password.

Yeah, I know. The strange thing is that this "solves" the problem (well, 
temporarily).


-- 
Peter Åstrand		Chief Developer
Cendio			www.thinlinc.com
Teknikringen 3		www.cendio.se
583 30 Linköping        Phone: +46-13-21 46 00

More information about the samba mailing list