[Samba] Samba ADS Error "Session setup failed: Call returned zero
bytes (EOF)"
Mark Taylor
mky at talk21.com
Tue Dec 2 14:51:31 GMT 2008
Hi Samba Bods,
Sorry for re-posting this one but I got no response to my last post except
for a level 10 logs request which I uploaded last week.
I have been looking at numerous howtos and newsgroup postings and I cannot
spot what the issue is. I am sure its a simple config issue, but I am lost
..
I am using Samba 3.2.4 compiled from source on AIX 5.3 TL8 and using
"security = SERVER" in the smb.conf works fine, however I am having
some issues when using "security = ADS" ..
I have followed numerous HOWTOs and newsgroup listings and seem to be
going round in circles ..
I think I can authenticate ok against the domain win2k3 server, but
then Samba bombs out with the following errors fvrom smbclient on the
host:
$ LIBPATH=/opt/pware/lib:/usr/local/samba/lib /usr/local/samba/bin/
smbclient -L myhostname -U UK+myusername
Enter UK+myusername's password: mypassword
Receiving SMB: Server stopped responding
session setup failed: Call returned zero bytes (EOF)
Also mapping from a windows system just gives the message "The mapped
network drive could not be created because the following error has
occured: The specified network name is no longer available."
Excuse the LIBPATH stuff it is to get around kinit and klist not
working if I set the variable permanently. I was originally using
3.0.28 pre-compiled from samba.org and got the same issues.
So, I think I am authenticating ok .. but where to go from here
because I get the "session setup failed: Call returned zero bytes
(EOF)" error and I can see the following errors in the "smbd.log"
$ cat smbd.log
<snip>
[2008/11/25 14:49:43, 2] lib/messages_local.c:message_notify(270)
message to process 94214 failed - No such process
[2008/11/25 14:49:43, 2] lib/messages_local.c:messaging_tdb_send(358)
pid 94214 doesn't exist - deleting messages record
[2008/11/25 14:49:43, 2] lib/messages.c:traverse_fn(127)
pid 94214 doesn't exist - deleting connections -1 []
<snip>
###-----------------------------------------###
... some back ground and config ..
###----------------------------------------###
$ cat /etc/smb.conf
# Samba config file created using SWAT
# from ##.##.223.72 (##.##.223.72)
# Date: 2008/11/21 16:29:18
[global]
workgroup = UK
realm = UK.DOMAIN.NET
netbios name = myhostname
netbios aliases = MYHOSTNAME
server string = Samba: version %v, host %h
security = ADS
encrypt passwords = yes
log file = /var/log/samba/log.%m
log level = 10
max log size = 2048
auth methods = winbind
password server = my_password_server.uk.domain.net
max log size = 2048
preferred master = No
local master = No
domain master = No
dns proxy = No
ldap ssl = no
passdb backend = tdbsam
idmap backend = ad
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind nss info = rfc2307
winbind separator = +
winbind use default domain = Yes
winbind enum users = yes
winbind enum groups = yes
template homedir = /home/%U
template shell = /bin/ksh
ldap suffix = "dc=uk,dc=domain.net"
client use spnego = yes
client signing = yes
[sambatest]
path = /tmp/sambatest
valid users = UK+username
read only = No
writable=yes
browseable=yes
create mask = 0770
[homes]
comment = Home Directories
browseable = no
writeable = yes
create mask = 0640
$ cat /etc/krb5.conf
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
default_realm = UK.DOMAIN.NET
default_tkt_enctypes = des-cbc-md5 des-cbc-crc
default_tgs_enctypes = des-cbc-md5 des-cbc-crc
[realms]
UK.DOMAIN.NET = {
kdc = my_password_server.uk.domain.net
admin_server = my_password_server.uk.domain.net
default_domain = uk.domain.net
}
[domain_realm]
.uk.domain.net = UK.DOMAIN.NET
uk.domain.net = UK.DOMAIN.NET
$ cat /usr/lib/security/methods.cfg
WINBIND:
program = /usr/lib/security/WINBIND
options = debug
KRB5A:
program = /usr/lib/security/KRB5A
options = authonly
KRB5Afiles:
options = db=BUILTIN,auth=KRB5A
## WINBIND copied in from /usr/local/samba/sbin
$ ls -l /usr/lib/security/WINBIND
-rwxr-xr-x 1 root system 9381212 25 Nov 09:57 /usr/lib/
security/WINBIND
$ grep -p WINBIND /etc/security/user
default:
admin = false
login = true
su = false
daemon = true
rlogin = false
sugroups = ALL
admgroups =
ttys = ALL
auth1 = SYSTEM
auth2 = NONE
tpath = nosak
umask = 027
expires = 0
SYSTEM = "WINBIND or compat"
logintimes =
pwdwarntime = 0
account_locked = false
loginretries = 5
histexpire = 0
histsize = 4
minage = 0
maxage = 12
maxexpired = -1
minalpha = 1
minother = 1
minlen = 8
mindiff = 0
maxrepeats = 4
dictionlist =
pwdchecks =
$ echo password | kinit ad... at UK.DOMAIN.NET
Password for ad... at UK.DOMAIN.NET:
Done!
New ticket is stored in cache file //krb5cc_root
$ klist -e
Credentials cache: //krb5cc_root
Default principal: ad... at UK.DOMAIN.NET
Number of entries: 1
[1] Service principal: krbtgt/UK.DOMAIN.... at UK.DOMAIN.NET
Valid starting: 26 November 2008 at 13:31:58
Expires: 26 November 2008 at 23:31:58
Encryption type: DES CBC mode with MD5
$ /etc/rc.d/init.d/samba start
Info: Starting Samba...
Info: /usr/sbin/nmbd [OK]
Info: /usr/sbin/smbd [OK]
Info: /usr/lib/security/WINBIND [OK]
$ /etc/rc.d/init.d/samba status
Info: Samba Running.
UID PID PPID C STIME TTY TIME CMD
root 299050 303186 0 13:34:09 - 0:00 /usr/sbin/smbd -D
UID PID PPID C STIME TTY TIME CMD
root 303186 1 5 13:34:09 - 0:00 /usr/sbin/smbd -D
UID PID PPID C STIME TTY TIME CMD
root 327746 417800 15 13:34:10 - 0:00 /usr/lib/security/
WINBIND
UID PID PPID C STIME TTY TIME CMD
root 340002 417800 15 13:34:11 - 0:00 /usr/lib/security/
WINBIND
UID PID PPID C STIME TTY TIME CMD
root 389346 1 6 13:34:08 - 0:00 /usr/sbin/nmbd -D
UID PID PPID C STIME TTY TIME CMD
root 417800 1 15 13:34:10 - 0:00 /usr/lib/security/
WINBIND
$ LIBPATH=/opt/pware/lib:/usr/local/samba/lib /usr/local/samba/bin/net
ads testjoin -U admin
Join is OK
$ LIBPATH=/opt/pware/lib:/usr/local/samba/lib /usr/local/samba/bin/net
ads join -U admin%password
Using short domain name -- UK
Joined MYHOSTNAME to realm 'uk.domain.net'
$ LIBPATH=/opt/pware/lib:/usr/local/samba/lib /usr/local/samba/bin/
wbinfo -a "uk+myusername"%mypassword
plaintext password authentication succeeded
challenge/response password authentication succeeded
$ LIBPATH=/opt/pware/lib:/usr/local/samba/lib /usr/local/samba/bin/
wbinfo --set-auth-user=admin%password
$ echo $?
0
$ LIBPATH=/opt/pware/lib:/usr/local/samba/lib /usr/local/samba/bin/
smbclient -L myhostname -U UK+myusername
Enter UK+myusername's password: mypassword
Receiving SMB: Server stopped responding
session setup failed: Call returned zero bytes (EOF)
Any help greatly appreciated ..
Cheers
Mark http://www.nabble.com/file/p20793719/sambalogs-L10-1.tar.gz
sambalogs-L10-1.tar.gz
--
View this message in context: http://www.nabble.com/Samba-ADS-Error-%22Session-setup-failed%3A-Call-returned-zero-bytes-%28EOF%29%22-tp20793719p20793719.html
Sent from the Samba - General mailing list archive at Nabble.com.
More information about the samba
mailing list