[Samba] Winbind - wbinfo -u works, getent passwd only gives local users

David Lee dnl at f2s.com
Tue May 15 22:41:19 GMT 2007 

I only have limited Samba experience, and expect this is a silly mistake, but 
have been unable to find a solution

I have installed Samba and Winbind on my desktop Linux (Debian) machine 
(SPARKSTONELX), aiming to unify logins with other windows machines accessing 
the PDC, again samba/Debian, with tdbsam password backend. All is well, 
joining the domain, and getting account details using wbinfo -u, but getent 
passwd only gives the local account details.

The log file on the PDC (FILESTONE) reports 

[2007/05/15 22:31:48, 0] rpc_server/srv_netlog_nt.c:get_md4pw(242)
  get_md4pw: Workstation SPARKSTONELX$: no account in domain
[2007/05/15 22:31:48, 0] rpc_server/srv_netlog_nt.c:_net_auth_2(461)
  _net_auth2: failed to get machine password for account SPARKSTONELX$: 
NT_STATUS_ACCESS_DENIED

[2007/05/15 22:31:52, 1] nsswitch/winbindd_group.c:winbindd_getgrnam(259)
  group sparkstonelx$ in domain STONES does not exist

and on the Linux desktop

[2007/05/15 22:30:18, 1] 
rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(625)
  cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR 
received from remo
te machine FILESTONE pipe \lsarpc fnum 0x767a!
[2007/05/15 22:30:18, 1] 
rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(601)
  cli_pipe_validate_current_pdu: Bind NACK received from remote 
machinesparkstonelx:/var/log/samba# wbinfo --own-domain
STONES
sparkstonelx:/var/log/samba# wbinfo -t
checking the trust secret via RPC calls succeeded
sparkstonelx:/var/log/samba# wbinfo -D stones
Name              : STONES
Alt_Name          :
SID               : S-1-5-21-835963941-2627181251-1431239077
Active Directory  : No
Native            : No
Primary           : Yes
Sequence          : 1179266454
 FILESTONE pipe \samr
 fnum 0x767b!
[2007/05/15 22:30:18, 0] 
rpc_client/cli_pipe.c:cli_rpc_pipe_open_ntlmssp_internal(2356)
  cli_rpc_pipe_open_ntlmssp_internal: cli_rpc_pipe_bind failed with error 
NT_STATUS_NETWORK_
ACCESS_DENIED
[2007/05/15 22:30:18, 1] 
rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(601)
  cli_pipe_validate_current_pdu: Bind NACK received from remote machine 
FILESTONE pipe \lsar
pc fnum 0x767e!
[2007/05/15 22:30:18, 0] 
rpc_client/cli_pipe.c:cli_rpc_pipe_open_ntlmssp_internal(2356)
  cli_rpc_pipe_open_ntlmssp_internal: cli_rpc_pipe_bind failed with error 
NT_STATUS_NETWORK_
ACCESS_DENIED

but 

sparkstonelx:/var/log/samba# wbinfo --own-domain
STONES
sparkstonelx:/var/log/samba# wbinfo -t
checking the trust secret via RPC calls succeeded
sparkstonelx:/var/log/samba# wbinfo -D stones
Name              : STONES
Alt_Name          :
SID               : S-1-5-21-835963941-2627181251-1431239077
Active Directory  : No
Native            : No
Primary           : Yes
Sequence          : 1179266454

Any ideas?

My network is about 6 machines in a Christian community, some being XP home, 
which limits my possible security settings!
-- 
David Lee
----------------------------
Living Stones, Flore, UK

More information about the samba mailing list