[Samba] samba problems. accounts expire after a hour,
but work after reset
Collen Blijenberg
collen at hermanjordan.nl
Wed Feb 28 13:11:47 GMT 2007
Hello I'm having some strange problems with samba 3.0.23d (PDC) on my FC6
if i start samba, everything works fine, but after an hour orso(some
times 2 hours if there is not mutch traffic)
machines and user accounts start expiring.
i don't know why, but it is ?! after i do a restart, samba comes up and
works again.
i checked the mysql server (coz' i use pdb-sql as backend) but the sql
query's get executed and value's are returned. (even if goes into bug-mode)
so that part works ok!, all i can think of is that tdb files get
corrupted ??
the funny part is that i also have a BDC running the same samba version
and sql version, and that one has no prob's ad all
(only the smb.conf is differed and the netbios name)
but on the counter part, the bdc isn't really doing anything, ot's not
serving shares or printers actively..
some input would be nice, coz' i really have no idea where to look... ???
Thx, Collen
I get error's like these:
---------------------------
[2007/02/27 09:48:26, 5] auth/auth_util.c:debug_unix_user_token(474)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2007/02/27 09:48:26, 5] auth/auth_util.c:is_trusted_domain(2020)
is_trusted_domain: Checking for domain trust with [JORDANET]
[2007/02/27 09:48:26, 5]
passdb/secrets.c:secrets_fetch_trusted_domain_password(340)
secrets_fetch failed!
[2007/02/27 09:48:26, 3] smbd/sec_ctx.c:pop_sec_ctx(339)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2007/02/27 09:48:26, 10] lib/gencache.c:gencache_get(329)
Cache entry with key = TDOM/JORDANET couldn't be found
[2007/02/27 09:48:26, 5] libsmb/trustdom_cache.c:trustdom_cache_fetch(184)
no entry for trusted domain JORDANET found.
[2007/02/27 09:48:26, 5] auth/auth_util.c:make_user_info(75)
attempting to make a user_info for ()
[2007/02/27 09:48:26, 5] auth/auth_util.c:make_user_info(85)
making strings for 's user_info struct
===================
[2007/02/27 09:48:42, 3] smbd/sec_ctx.c:pop_sec_ctx(339)
pop_sec_ctx (99, 99) - sec_ctx_stack_ndx = 0
[2007/02/27 09:48:42, 0] rpc_server/srv_netlog_nt.c:get_md4pw(258)
get_md4pw: Workstation C6-2$: account is not a trust account
[2007/02/27 09:48:42, 0] rpc_server/srv_netlog_nt.c:_net_auth_2(461)
_net_auth2: failed to get machine password for account C6-2$:
NT_STATUS_NO_TRUST_SAM_ACCOUNT
[2007/02/27 09:48:42, 5] rpc_parse/parse_prs.c:prs_debug(84)
000000 net_io_r_auth_2
=========================
[2007/02/27 12:09:16, 3] auth/auth.c:check_ntlm_password(221)
check_ntlm_password: Checking password for unmapped user
[JORDANET]\[ralph]@[D8-1] with the new password interface
[2007/02/27 12:09:16, 3] auth/auth.c:check_ntlm_password(224)
check_ntlm_password: mapped user is: [JORDANET]\[ralph]@[D8-1]
[2007/02/27 12:09:16, 3] smbd/sec_ctx.c:push_sec_ctx(208)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2007/02/27 12:09:16, 3] smbd/uid.c:push_conn_ctx(345)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2007/02/27 12:09:16, 3] smbd/sec_ctx.c:set_sec_ctx(241)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2007/02/27 12:09:16, 2] pdb_mysql.c:mysqlsam_select_by_field(292)
Executing query SELECT
logon_time,logoff_time,kickoff_time,pass_last_set_time,pass_can_change_time,pass_must_change_time,username,domain,nt_username,nt_fullname,home_dir,dir_drive,logon_script,profile_path,acct_desc,workstations,unknown_str,munged_dial,user_sid,group_sid,lm_pw,nt_pw,NULL,acct_ctrl,logon_divs,hours_len,bad_password_count,logon_count,unknown_6,logon_hours,password_history
FROM user WHERE username = 'ralph'
[2007/02/27 12:09:16, 3] passdb/lookup_sid.c:fetch_gid_from_cache(1015)
fetch gid from cache 1001 -> S-1-5-21-1968991162-2130249723-1959552931-513
[2007/02/27 12:09:16, 3] passdb/lookup_sid.c:fetch_gid_from_cache(1015)
fetch gid from cache 1001 -> S-1-5-21-1968991162-2130249723-1959552931-513
[2007/02/27 12:09:16, 3] smbd/sec_ctx.c:pop_sec_ctx(339)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2007/02/27 12:09:16, 3] libsmb/ntlm_check.c:ntlm_password_check(344)
ntlm_password_check: NT MD4 password check failed for user lldummanne
[2007/02/27 12:09:16, 3] smbd/sec_ctx.c:push_sec_ctx(208)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2007/02/27 12:09:16, 3] smbd/uid.c:push_conn_ctx(345)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2007/02/27 12:09:16, 3] smbd/sec_ctx.c:set_sec_ctx(241)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2007/02/27 12:09:16, 3] smbd/sec_ctx.c:pop_sec_ctx(339)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2007/02/27 12:09:16, 3] smbd/sec_ctx.c:push_sec_ctx(208)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2007/02/27 12:09:16, 3] smbd/uid.c:push_conn_ctx(345)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2007/02/27 12:09:16, 3] smbd/sec_ctx.c:set_sec_ctx(241)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2007/02/27 12:09:16, 3] smbd/sec_ctx.c:pop_sec_ctx(339)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2007/02/27 12:09:16, 3] auth/auth_winbind.c:check_winbind_security(80)
check_winbind_security: Not using winbind, requested domain [JORDANET]
was for this SAM.
[2007/02/27 12:09:16, 2] auth/auth.c:check_ntlm_password(319)
check_ntlm_password: Authentication for user [ralph] -> [ralph]
FAILED with error NT_STATUS_WRONG_PASSWORD
[2007/02/27 12:09:16, 3] smbd/error.c:error_packet(146)
error packet at smbd/sesssetup.c(99) cmd=115 (SMBsesssetupX)
NT_STATUS_LOGON_FAILURE
------------------
smb.conf:
-----------
# Global parameters
[global]
workgroup = Jordanet
server string =
netbios name = STATLER
netbios aliases = HERMES
interfaces = 192.168.2.2
bind interfaces only = yes
# socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192
# socket options = TCP_NODELAY SO_KEEPALIVE IPTOS_LOWDELAY
socket options = TCP_NODELAY
name resolve order = wins host bcast
security = user
preferred master = yes
domain master = yes
domain logons = Yes
local master = yes
os level = 66
map to guest = Never
encrypt passwords = yes
update encrypted = no
obey pam restrictions = no
pam password change = no
unix password sync = no
null passwords = no
wins support = yes
dns proxy = no
host msdfs = NO
msdfs root = NO
syslog = 0
log level = 3
log file = /usr/local/samba/var/samba.log
deadtime = 30
kernel oplocks = no
locking = no
oplocks = no
level2 oplocks = no
posix locking = no
strict locking = no
time server = yes
admin users = root, collen, admin
utmp directory = /var/run
wtmp directory = /var/log
utmp = yes
#---------------------------------------------------------
guest account = nobody
passdb backend = mysql:mysql
mysql:mysql host = 192.168.2.2
mysql:mysql user = samba
mysql:mysql password = <NOT-HERE>
mysql:mysql database = samba
idmap uid = 10000-15000
idmap gid = 10000-15000
#-----------------------------------------------------------------------------
add user script = /usr/local/samba/scripts/user_add %u 1>>
/usr/local/samba/scripts/debug.txt 2>> /usr/local/samba/scripts/debug.txt
delete user script = /usr/local/samba/scripts/user_del %u
add group script = /usr/local/samba/scripts/group_add %g %u %U
delete group script = /usr/local/samba/scripts/group_del %g
add user to group script = /usr/local/samba/scripts/member_add %u %g
delete user from group script = /usr/local/samba/scripts/member_del
%u %g 1>> /usr/local/samba/scripts/debug.txt 2>>
/usr/local/samba/scripts/debug.txt
set primary group script = /usr/local/samba/scripts/prim_mem %g %u %U
add machine script = /usr/local/samba/scripts/machine_add %u 1>>
/usr/local/samba/scripts/log/mach.txt 2>>
/usr/local/samba/scripts/log/mach.txt
shutdown script = /usr/local/samba/scripts/user
abort shutdown script = /usr/local/samba/scripts/user
dfree command = /usr/local/samba/scripts/dfree %U 1>>
/usr/local/samba/var/debug.txt
#--------------- PRINTER ---------------------------------
printing = bsd
print command = /usr/local/samba/scripts/printcmd %p %s %u %m %c 1>>
/usr/local/samba/var/print.txt 2>> /usr/local/samba/var/debug.txt
#------------------------------------------------
[admin]
path = /Jordanet/homes/medewerkers/admin
comment = "Home Directory Admin"
read only = No
browseable = No
public = no
admin users = root, collen,admin
[mlhj]
path = /Jordanet/homes/medewerkers/mlhj
comment = "Home Directory mlhj"
read only = No
browseable = No
public = no
inherit permissions = yes
admin users = root, collen, admin, mlhj
#------------------------------------------------
[homes]
comment = "Home Directory for %U"
read only = No
browseable = No
public = no
guest ok = no
veto files =
/*.exe/*.EXE/*.com/*.COM/*.bat/*.BAT/*.vbs/*.VBS/*.js/*.JS/*.pif/*.PIF/*.lnk/*.LNK/*.nfo/*.NFO/*.scr/*.SCR/*.msi/*.MSI/*.cmd/*.CMD/
inherit permissions = yes
inherit acls = yes
[netlogon]
comment = "Netlogon Share"
path = /Jordanet/NETLOGON
Guest ok = yes
writable = no
share modes = no
[Jordanet]
comment = "Admin"
path = /Jordanet
public = yes
browseable = no
writable = yes
valid users = root, collen, admin
nt acl support = yes
create mode = 0670
directory mode = 0770
inherit permissions = yes
inherit acls = yes
[profiles]
comment = "desktops"
path = /Jordanet/profiles
public = yes
read only = no
browseable = yes
writable = yes
csc policy = disable
hide files = /*desktop.ini*/
profile acls = yes
inherit permissions = no
inherit acls = no
[aurawin]
comment = "aura share"
path = /Jordanet/aurawin
public = yes
browseable = yes
writable = yes
hide files = /*aurawin*/
[updates]
comment = "MLHJ Updates"
path = /Jordanet/updates
public = yes
browseable = no
writable = yes
[printers]
comment = All Printers
path = /var/spool/samba
printable = Yes
browseable = No
-- end
More information about the samba
mailing list