[Samba] Fwd: Samba 3.025 wbinfo checking the trust secret via RPC
calls failed
Gaiseric Vandal
gaiseric.vandal at gmail.com
Thu May 31 21:53:10 GMT 2007
Some additional info
The unix-level (non samba) authentication is configure for LDAP via
the /etc/nswitch.conf file. I also have openldap installed from
sunfreeware, although it doesn't seem to have a pkgconfig file. I am
not using LDAP authentication within samba. I was able to create
samba accounts with pdbedit whether they were local or network
accounts.
Configuration gave me the following ..
# ./configure --prefix=/usr/local/samba.3025a
OR
# ./configure --prefix=/usr/local/samba.3025a --with-ldap=no
..
configure: WARNING: netinet/ip.h: present but cannot be compiled
configure: WARNING: netinet/ip.h: check for missing prerequisite headers?
configure: WARNING: netinet/ip.h: see the Autoconf documentation
configure: WARNING: netinet/ip.h: section "Present But Cannot Be Compiled"
configure: WARNING: netinet/ip.h: proceeding with the preprocessor's result
configure: WARNING: netinet/ip.h: in the future, the compiler will
take precedence
make command have be lots of warnings about "option -o appears more
than once."
...
make
...
ld: warning: option -o appears more than once, first setting taken
Compiling nsswitch/winbind_nss_solaris.c
Compiling nsswitch/winbind_nss_linux.c
Linking nsswitch/libnss_winbind.so
ld: warning: option -o appears more than once, first setting taken
Compiling nsswitch/wins.c
Linking nsswitch/libnss_wins.so
..
I joined 2 Windows 2003 machines to the domain. I was able to log as
"administrator" and "root" but no other accounts, whether local or
not. The user accounts them self seem OK- it just seems to be a
winbind or trusts issue.
# net user info myusername --server pdc --user "sambadomain\administrator"
Password: xxxx
myusergroup
# tail log.winbindd-idmap
[2007/05/31 16:29:51, 3] nsswitch/winbindd_async.c:winbindd_dual_sid2gid(xyz)
[ 6403]: sid to gid S-wxyz
[2007/05/31 16:29:51, 3] nsswitch/winbindd_async.c:winbindd_dual_sid2gid(xyz)
[ 6403]: sid to gid S-wxyz
[2007/05/31 16:29:51, 3] nsswitch/winbindd_async.c:winbindd_dual_sid2gid(xyz)
[ 6403]: sid to gid S-wxyz
[2007/05/31 16:29:51, 3] nsswitch/winbindd_async.c:winbindd_dual_sid2gid(xyz)
[ 6403]: sid to gid S-wxyz
[2007/05/31 16:35:52, 3] nsswitch/winbindd_dual.c:child_read_request(51)
Got invalid request length: 0
I tried building the software on another solaris 10 machine (which is
the LDAP server but is itself NOT an ldap client) but got the same
"configure" errors.
I even tried running the autogen.sh file first.
I had no problem when I compiled 3.0.22. I don't think I saw this
with 3.0.25 either.
Thanks
---------- Forwarded message ----------
From: Gaiseric Vandal <gaiseric.vandal at gmail.com>
Date: May 30, 2007 4:07 PM
Subject: Samba 3.025 wbinfo checking the trust secret via RPC calls failed
To: samba at lists.samba.org
I have compiled Samba 3.0.25a from source on a Solaris 10 machine. I
had previously been testing Samba 3.0.24 (from packages on
www.sunfreeware.com) and have reused the smb.conf file. Otherwise
this is a clean setup, not an upgrade.
The server is configured as a PDC for my domain "SAMBADOMAIN"
I created a samba password for the local root and administrator accounts.
I joined the server machine to its own domain
pdc# net join sambadomain -U root
Password:
Joined domain SAMBADOMAIN
pdc# bin/net rpc testjoin
Join to SAMBADOMAIN is OK
gopher#
I joined a Windows 2003 server to the domain. All seems weel.
I tried establish trusts with another domain. Either way this fails
with a warning that the trust password was incorrect. going
back a step, I tried to verify the trust to my own domain.
pdc # ./wbinfo -t
checking the trust secret via RPC calls failed
error code was NT_STATUS_INVALID_HANDLE (0xc0000008)
Could not check secret
pdc# ./wbinfo --own-domain -t
SAMBADOMAIN
checking the trust secret via RPC calls failed
error code was NT_STATUS_INVALID_HANDLE (0xc0000008)
Could not check secret
This had worked with Samba 3.0.24. Not sure if this is a winbind
issue. my smb.conf file includes the following:
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
Thanks
More information about the samba
mailing list