[Samba] Samba ADS Error "Session setup failed: Call returned zero bytes (EOF)"

Mark Taylor mky at talk21.com
Tue Dec 2 14:51:31 GMT 2008 

Hi Samba Bods, 

Sorry for re-posting this one but I got no response to my last post except
for a level 10 logs request which I uploaded last week. 

I have been looking at numerous howtos and newsgroup postings and I cannot
spot what the issue is. I am sure its a simple config issue, but I am lost
..

I am using Samba 3.2.4 compiled from source on AIX 5.3 TL8 and using
"security = SERVER" in the smb.conf works fine, however I am having
some issues when using "security = ADS" ..

I have followed numerous HOWTOs and newsgroup listings and seem to be
going round in circles ..

I think I can authenticate ok against the domain win2k3 server, but
then Samba bombs out with the following errors fvrom smbclient on the
host:

$ LIBPATH=/opt/pware/lib:/usr/local/samba/lib /usr/local/samba/bin/
smbclient -L myhostname -U UK+myusername
Enter UK+myusername's password: mypassword
Receiving SMB: Server stopped responding
session setup failed: Call returned zero bytes (EOF)

Also mapping from a windows system just gives the message "The mapped
network drive could not be created because the following error has
occured: The specified network name is no longer available."

Excuse the LIBPATH stuff it is to get around kinit and klist not
working if I set the variable permanently.  I was originally using
3.0.28 pre-compiled from samba.org and got the same issues.

So, I think I am authenticating ok .. but where to go from here
because I get the "session setup failed: Call returned zero bytes
(EOF)" error and I can see  the following errors in the "smbd.log"

$ cat smbd.log
<snip>
[2008/11/25 14:49:43,  2] lib/messages_local.c:message_notify(270)
message to process 94214 failed - No such process
[2008/11/25 14:49:43,  2] lib/messages_local.c:messaging_tdb_send(358)
pid 94214 doesn't exist - deleting messages record
[2008/11/25 14:49:43,  2] lib/messages.c:traverse_fn(127)
pid 94214 doesn't exist - deleting connections -1 []
<snip>

###-----------------------------------------###
... some back ground and config ..
###----------------------------------------###

$ cat /etc/smb.conf
# Samba config file created using SWAT
# from ##.##.223.72 (##.##.223.72)
# Date: 2008/11/21 16:29:18

[global]
        workgroup = UK
        realm = UK.DOMAIN.NET
        netbios name = myhostname
        netbios aliases = MYHOSTNAME
        server string = Samba:  version %v, host %h
        security = ADS
        encrypt passwords = yes
        log file = /var/log/samba/log.%m
        log level = 10
        max log size = 2048
        auth methods = winbind
        password server = my_password_server.uk.domain.net
        max log size = 2048
        preferred master = No
        local master = No
        domain master = No
        dns proxy = No
        ldap ssl = no
        passdb backend = tdbsam
        idmap backend = ad
        idmap uid = 10000-20000
        idmap gid = 10000-20000
        winbind nss info = rfc2307
        winbind separator = +
        winbind use default domain = Yes
        winbind enum users = yes
        winbind enum groups = yes
        template homedir = /home/%U
        template shell = /bin/ksh
        ldap suffix = "dc=uk,dc=domain.net"
        client use spnego = yes
        client signing = yes

[sambatest]
        path = /tmp/sambatest
        valid users = UK+username
        read only = No
        writable=yes
        browseable=yes
        create mask = 0770

[homes]
        comment = Home Directories
        browseable = no
        writeable = yes
        create mask = 0640

$ cat /etc/krb5.conf
[logging]
        default = FILE:/var/log/krb5libs.log
        kdc = FILE:/var/log/krb5kdc.log
        admin_server = FILE:/var/log/kadmind.log

[libdefaults]
        default_realm = UK.DOMAIN.NET
        default_tkt_enctypes = des-cbc-md5 des-cbc-crc
        default_tgs_enctypes = des-cbc-md5 des-cbc-crc

[realms]
        UK.DOMAIN.NET = {
                kdc = my_password_server.uk.domain.net
                admin_server = my_password_server.uk.domain.net
                default_domain = uk.domain.net
        }

[domain_realm]
        .uk.domain.net = UK.DOMAIN.NET
        uk.domain.net = UK.DOMAIN.NET

$ cat  /usr/lib/security/methods.cfg

WINBIND:
        program = /usr/lib/security/WINBIND
        options = debug

KRB5A:
        program = /usr/lib/security/KRB5A
        options = authonly

KRB5Afiles:
        options = db=BUILTIN,auth=KRB5A

## WINBIND copied in from /usr/local/samba/sbin
$ ls -l /usr/lib/security/WINBIND
-rwxr-xr-x    1 root     system      9381212 25 Nov 09:57 /usr/lib/
security/WINBIND

$ grep -p WINBIND /etc/security/user
default:
        admin = false
        login = true
        su = false
        daemon = true
        rlogin = false
        sugroups = ALL
        admgroups =
        ttys = ALL
        auth1 = SYSTEM
        auth2 = NONE
        tpath = nosak
        umask = 027
        expires = 0
        SYSTEM = "WINBIND or compat"
        logintimes =
        pwdwarntime = 0
        account_locked = false
        loginretries = 5
        histexpire = 0
        histsize = 4
        minage = 0
        maxage = 12
        maxexpired = -1
        minalpha = 1
        minother = 1
        minlen = 8
        mindiff = 0
        maxrepeats = 4
        dictionlist =
        pwdchecks =

$ echo password | kinit ad... at UK.DOMAIN.NET
Password for ad... at UK.DOMAIN.NET:
Done!
New ticket is stored in cache file //krb5cc_root
$ klist -e

Credentials cache: //krb5cc_root
Default principal: ad... at UK.DOMAIN.NET
Number of entries: 1

[1] Service principal: krbtgt/UK.DOMAIN.... at UK.DOMAIN.NET
        Valid starting: 26 November 2008 at 13:31:58
        Expires: 26 November 2008 at 23:31:58

        Encryption type: DES CBC mode with MD5

$  /etc/rc.d/init.d/samba start
Info: Starting Samba...
Info: /usr/sbin/nmbd [OK]
Info: /usr/sbin/smbd [OK]
Info: /usr/lib/security/WINBIND [OK]

$  /etc/rc.d/init.d/samba status
Info: Samba Running.
     UID    PID   PPID   C    STIME    TTY  TIME CMD
    root 299050 303186   0 13:34:09      -  0:00 /usr/sbin/smbd -D
     UID    PID   PPID   C    STIME    TTY  TIME CMD
    root 303186      1   5 13:34:09      -  0:00 /usr/sbin/smbd -D
     UID    PID   PPID   C    STIME    TTY  TIME CMD
    root 327746 417800  15 13:34:10      -  0:00 /usr/lib/security/
WINBIND
     UID    PID   PPID   C    STIME    TTY  TIME CMD
    root 340002 417800  15 13:34:11      -  0:00 /usr/lib/security/
WINBIND
     UID    PID   PPID   C    STIME    TTY  TIME CMD
    root 389346      1   6 13:34:08      -  0:00 /usr/sbin/nmbd -D
     UID    PID   PPID   C    STIME    TTY  TIME CMD
    root 417800      1  15 13:34:10      -  0:00 /usr/lib/security/
WINBIND

$ LIBPATH=/opt/pware/lib:/usr/local/samba/lib /usr/local/samba/bin/net
ads testjoin -U admin
Join is OK

$ LIBPATH=/opt/pware/lib:/usr/local/samba/lib /usr/local/samba/bin/net
ads join -U  admin%password
Using short domain name -- UK
Joined MYHOSTNAME to realm 'uk.domain.net'

$ LIBPATH=/opt/pware/lib:/usr/local/samba/lib /usr/local/samba/bin/
wbinfo -a "uk+myusername"%mypassword
plaintext password authentication succeeded
challenge/response password authentication succeeded

$ LIBPATH=/opt/pware/lib:/usr/local/samba/lib /usr/local/samba/bin/
wbinfo --set-auth-user=admin%password
$ echo $?
0

$ LIBPATH=/opt/pware/lib:/usr/local/samba/lib /usr/local/samba/bin/
smbclient -L myhostname -U UK+myusername
Enter UK+myusername's password: mypassword
Receiving SMB: Server stopped responding
session setup failed: Call returned zero bytes (EOF)


Any help greatly appreciated ..
Cheers
Mark http://www.nabble.com/file/p20793719/sambalogs-L10-1.tar.gz
sambalogs-L10-1.tar.gz 
-- 
View this message in context: http://www.nabble.com/Samba-ADS-Error-%22Session-setup-failed%3A-Call-returned-zero-bytes-%28EOF%29%22-tp20793719p20793719.html
Sent from the Samba - General mailing list archive at Nabble.com.

More information about the samba mailing list