[Samba] rfc2307 - 3.0.24
David W. Chapman Jr.
chapman at petris.com
Wed Jun 27 02:38:46 GMT 2007
I'm running samba 3.0.24 (the latest package that seems to be available for
Ubuntu 7). I have a Windows 2003 AD with the R2/RFC2307 schema loaded. I
would prefer to use the 3.0.24 package if possible unless there is an ubuntu
package for 3.0.25. Any suggestions would be appreciated.
Wbinfo -u and -g appear to work great. Net ads testjoin comes back
successful.
In log.winbindd-idmap I get a lot of these
[2007/06/26 20:09:13, 1] sam/idmap_ad.c:ad_idmap_get_id_from_sid(309)
ad_idmap_get_id_from_sid: ads_pull_uint32: could not read attribute
'gidNumber'
[2007/06/26 20:09:13, 1] sam/idmap_ad.c:ad_idmap_get_id_from_sid(309)
ad_idmap_get_id_from_sid: ads_pull_uint32: could not read attribute
'gidNumber'
[2007/06/26 20:09:13, 1] sam/idmap_ad.c:ad_idmap_get_id_from_sid(309)
ad_idmap_get_id_from_sid: ads_pull_uint32: could not read attribute
'gidNumber'
[2007/06/26 20:09:13, 1] sam/idmap_ad.c:ad_idmap_get_id_from_sid(309)
Which I believe is causing a lot of these
[2007/06/26 20:08:09, 1] smbd/sesssetup.c:reply_spnego_kerberos(310)
Username DOMAIN\PBROWNXP1$ is invalid on this system
[2007/06/26 20:08:09, 1] smbd/sesssetup.c:reply_spnego_kerberos(310)
Username DOMAIN\chapman is invalid on this system
Turning up the debugging a notch, I see entries such as
[2007/06/26 15:40:49, 3] libsmb/namequery.c:resolve_wins(839)
resolve_wins: WINS server resolution selected and no WINS servers listed.
[2007/06/26 15:40:49, 3] libsmb/namequery.c:name_resolve_bcast(778)
name_resolve_bcast: Attempting broadcast lookup for name DOMAIN<0x1c>
[2007/06/26 15:40:49, 4] libsmb/namequery.c:get_dc_list(1454)
get_dc_list: no servers found
[2007/06/26 15:40:49, 5] libsmb/namequery.c:saf_fetch(105)
saf_fetch: failed to find server for "DOMAIN.COM" domain
[2007/06/26 15:40:49, 3] libsmb/namequery.c:get_dc_list(1426)
get_dc_list: preferred server list: ", *"
[2007/06/26 15:40:49, 5] libsmb/namecache.c:namecache_fetch(195)
no entry for DOMAIN.COM#1C found.
[2007/06/26 15:40:49, 4] libsmb/namequery.c:get_dc_list(1454)
get_dc_list: no servers found
in log.smbd with logging set to level 3 I'm getting the following
[2007/06/26 21:36:19, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(691)
NativeOS=[Windows 2002 Service Pack 2 2600] NativeLanMan=[Windows 2002
5.1] PrimaryDomain=[]
[2007/06/26 21:36:19, 3] smbd/sesssetup.c:reply_spnego_negotiate(551)
Got OID 1 2 840 48018 1 2 2
[2007/06/26 21:36:19, 3] smbd/sesssetup.c:reply_spnego_negotiate(551)
Got OID 1 2 840 113554 1 2 2
[2007/06/26 21:36:19, 3] smbd/sesssetup.c:reply_spnego_negotiate(551)
Got OID 1 3 6 1 4 1 311 2 2 10
[2007/06/26 21:36:19, 3] smbd/sesssetup.c:reply_spnego_negotiate(554)
Got secblob of size 1309
[2007/06/26 21:36:19, 3] smbd/sesssetup.c:reply_spnego_kerberos(207)
Ticket name is [chapman at DOMAIN.COM]
[2007/06/26 21:36:19, 1] smbd/sesssetup.c:reply_spnego_kerberos(310)
Username DOMAIN\chapman is invalid on this system
[2007/06/26 21:36:19, 3] smbd/error.c:error_packet(146)
error packet at smbd/sesssetup.c(315) cmd=115 (SMBsesssetupX)
NT_STATUS_LOGON_FAILURE
Below is my smb.conf
# Samba config file created using SWAT
# from 172.16.30.30 (172.16.30.30)
# Date: 2007/06/26 20:06:59
[global]
workgroup = DOMAIN
realm = DOMAIN.COM
security = ADS
idmap backend = ad
idmap uid = 1000-10000
idmap gid = 1000-10000
winbind enum users = Yes
winbind enum groups = Yes
winbind nss info = rfc2307
[data]
path = /data
read only = No
More information about the samba
mailing list