[Samba] Fwd: Samba 3.025 wbinfo checking the trust secret via RPC calls failed

Gaiseric Vandal gaiseric.vandal at gmail.com
Thu May 31 21:53:10 GMT 2007 

Some additional info

The unix-level (non samba) authentication is configure for LDAP via
the /etc/nswitch.conf file.  I also have openldap installed from
sunfreeware, although it doesn't seem to have a pkgconfig file.  I am
not using LDAP authentication within samba.    I was able to create
samba accounts with pdbedit whether they were local or network
accounts.

Configuration gave me the following ..

# ./configure --prefix=/usr/local/samba.3025a
OR
# ./configure --prefix=/usr/local/samba.3025a  --with-ldap=no

..
configure: WARNING: netinet/ip.h: present but cannot be compiled
configure: WARNING: netinet/ip.h:     check for missing prerequisite headers?
configure: WARNING: netinet/ip.h: see the Autoconf documentation
configure: WARNING: netinet/ip.h:     section "Present But Cannot Be Compiled"
configure: WARNING: netinet/ip.h: proceeding with the preprocessor's result
configure: WARNING: netinet/ip.h: in the future, the compiler will
take precedence

make command have be lots of warnings about "option -o appears more
than once."
...
make
...
ld: warning: option -o appears more than once, first setting taken
Compiling nsswitch/winbind_nss_solaris.c
Compiling nsswitch/winbind_nss_linux.c
Linking nsswitch/libnss_winbind.so
ld: warning: option -o appears more than once, first setting taken
Compiling nsswitch/wins.c
Linking nsswitch/libnss_wins.so
..


I joined 2 Windows 2003 machines to the domain. I was able to log as
"administrator" and "root" but no other accounts, whether local or
not.   The user accounts them self seem OK-  it just seems to be a
winbind or trusts issue.

#  net user info myusername    --server pdc  --user "sambadomain\administrator"
Password: xxxx
myusergroup


# tail log.winbindd-idmap
[2007/05/31 16:29:51, 3] nsswitch/winbindd_async.c:winbindd_dual_sid2gid(xyz)
  [ 6403]: sid to gid S-wxyz
[2007/05/31 16:29:51, 3] nsswitch/winbindd_async.c:winbindd_dual_sid2gid(xyz)
  [ 6403]: sid to gid S-wxyz
[2007/05/31 16:29:51, 3] nsswitch/winbindd_async.c:winbindd_dual_sid2gid(xyz)
  [ 6403]: sid to gid S-wxyz
[2007/05/31 16:29:51, 3] nsswitch/winbindd_async.c:winbindd_dual_sid2gid(xyz)
  [ 6403]: sid to gid S-wxyz
[2007/05/31 16:35:52, 3] nsswitch/winbindd_dual.c:child_read_request(51)
  Got invalid request length: 0

I tried building the software on another solaris 10 machine (which is
the LDAP server but is itself NOT an ldap client)   but got the same
"configure" errors.

I even tried running the autogen.sh file first.

I had no problem when I compiled 3.0.22.  I don't think I saw this
with 3.0.25 either.

Thanks


---------- Forwarded message ----------
From: Gaiseric Vandal <gaiseric.vandal at gmail.com>
Date: May 30, 2007 4:07 PM
Subject: Samba 3.025 wbinfo checking the trust secret via RPC calls failed
To: samba at lists.samba.org


I have compiled Samba 3.0.25a from source on a Solaris 10 machine.  I
had previously been testing Samba 3.0.24 (from packages on
www.sunfreeware.com) and have reused the smb.conf file.  Otherwise
this is a clean setup, not an upgrade.

The server is configured as a PDC for my domain "SAMBADOMAIN"

I created a samba password for the local root and administrator accounts.

I joined the server machine to its own domain

        pdc# net join sambadomain  -U root
        Password:

        Joined domain SAMBADOMAIN

        pdc#  bin/net rpc testjoin
        Join to SAMBADOMAIN is OK
        gopher#


I joined a Windows 2003 server to the domain.  All seems weel.

I tried establish trusts with another domain.    Either way this fails
with a warning that the trust         password was incorrect.   going
back a step,  I tried   to verify the trust to my own domain.


        pdc # ./wbinfo -t
        checking the trust secret via RPC calls failed
        error code was NT_STATUS_INVALID_HANDLE (0xc0000008)
        Could not check secret

        pdc# ./wbinfo --own-domain -t
        SAMBADOMAIN
        checking the trust secret via RPC calls failed
        error code was NT_STATUS_INVALID_HANDLE (0xc0000008)
        Could not check secret




This had worked with Samba 3.0.24.  Not sure if this is a winbind
issue.  my smb.conf file includes the following:



        idmap uid = 10000-20000
        idmap gid = 10000-20000
        winbind enum users = yes
        winbind enum groups = yes

Thanks

More information about the samba mailing list