[Samba] machine being dropped from ads

Kyle Corupe kcorupe at corpedia.com
Tue May 6 17:28:53 GMT 2008 

I checked, and the user account I created "samba" on the AD server is set
for his password to NOT expire. He was also added to the Domain Admin group.
But is there any other setup on the windows side?

I setup some monitoring to check when winbind could no longer lookup users,
and when I got the alert I checked the logs and here's what I can see, not
sure what is causing it at all still though. As soon as I restart winbind
its working fine again.


May  5 20:46:13 beedril winbindd[13167]:   ERROR: string overflow by 1 (256
- 255) in safe_strcpy [ERROR: string overflow by 1 (256 - 255) in
safe_strcpy [[13350]: request interface version
May  5 20:46:18 beedril winbindd[13167]: [2008/05/05 20:46:18, 0]
lib/util_str.c:safe_strcpy_fn(659)
May  5 20:46:18 beedril winbindd[13167]:   ERROR: string overflow by 1 (256
- 255) in safe_strcpy [ERROR: string overflow by 1 (256 - 255) in
safe_strcpy [[13352]: request interface version
May  5 20:46:18 beedril winbindd[13167]: [2008/05/05 20:46:18, 0]
lib/util_str.c:safe_strcpy_fn(659)
May  5 20:55:30 beedril winbindd[13167]:   ERROR: string overflow by 1 (256
- 255) in safe_strcpy [ERROR: string overflow by 1 (256 - 255) in
safe_strcpy [[13380]: request interface version
May  5 20:55:30 beedril winbindd[13167]: [2008/05/05 20:55:30, 0]
lib/util_str.c:safe_strcpy_fn(659)
May  5 20:55:30 beedril winbindd[13167]:   ERROR: string overflow by 1 (256
- 255) in safe_strcpy [ERROR: string overflow by 1 (256 - 255) in
safe_strcpy [[13380]: request interface version
May  5 20:55:30 beedril winbindd[13167]: [2008/05/05 20:55:30, 0]
lib/util_str.c:safe_strcpy_fn(659)
May  5 20:57:26 beedril winbindd[13167]:   ERROR: string overflow by 1 (256
- 255) in safe_strcpy [ERROR: string overflow by 1 (256 - 255) in
safe_strcpy [[13405]: request interface version
May  5 20:57:26 beedril winbindd[13167]: [2008/05/05 20:57:26, 0]
lib/util_str.c:safe_strcpy_fn(659)
May  5 20:57:26 beedril winbindd[13167]:   ERROR: string overflow by 1 (256
- 255) in safe_strcpy [ERROR: string overflow by 1 (256 - 255) in
safe_strcpy [[13405]: request interface version
May  5 20:57:26 beedril winbindd[13167]: [2008/05/05 20:57:26, 0]
lib/util_str.c:safe_strcpy_fn(659)
May  5 20:59:22 beedril winbindd[13167]:   ERROR: string overflow by 1 (256
- 255) in safe_strcpy [ERROR: string overflow by 1 (256 - 255) in
safe_strcpy [[13429]: request interface version
May  5 20:59:22 beedril winbindd[13167]: [2008/05/05 20:59:22, 0]
lib/util_str.c:safe_strcpy_fn(659)
May  5 20:59:22 beedril winbindd[13167]:   ERROR: string overflow by 1 (256
- 255) in safe_strcpy [ERROR: string overflow by 1 (256 - 255) in
safe_strcpy [[13429]: request interface version
May  5 20:59:22 beedril winbindd[13167]: [2008/05/05 20:59:22, 0]
lib/util_str.c:safe_strcpy_fn(659)
May  5 21:01:02 beedril winbindd[13167]:   ERROR: string overflow by 1 (256
- 255) in safe_strcpy [ERROR: string overflow by 1 (256 - 255) in
safe_strcpy [[13453]: request interface version
May  5 21:01:02 beedril winbindd[13167]: [2008/05/05 21:01:02, 0]
lib/util_str.c:safe_strcpy_fn(659)
May  5 21:01:02 beedril winbindd[13167]:   ERROR: string overflow by 1 (256
- 255) in safe_strcpy [ERROR: string overflow by 1 (256 - 255) in
safe_strcpy [[13453]: request interface version
May  5 21:01:02 beedril winbindd[13167]: [2008/05/05 21:01:02, 0]
lib/util_str.c:safe_strcpy_fn(659)
May  5 21:01:13 beedril winbindd[13167]:   ERROR: string overflow by 1 (256
- 255) in safe_strcpy [ERROR: string overflow by 1 (256 - 255) in
safe_strcpy [[13477]: request interface version
May  5 21:01:13 beedril winbindd[13167]: [2008/05/05 21:01:13, 0]
lib/util_str.c:safe_strcpy_fn(659)
May  5 21:01:13 beedril winbindd[13167]:   ERROR: string overflow by 1 (256
- 255) in safe_strcpy [ERROR: string overflow by 1 (256 - 255) in
safe_strcpy [[13477]: request interface version
May  5 21:01:13 beedril winbindd[13167]: [2008/05/05 21:01:13, 0]
lib/util_str.c:safe_strcpy_fn(659)
May  5 21:01:13 beedril winbindd[13167]:   ERROR: string overflow by 1 (256
- 255) in safe_strcpy [ERROR: string overflow by 1 (256 - 255) in
safe_strcpy [[13502]: request interface version
May  5 21:01:18 beedril winbindd[13167]: [2008/05/05 21:01:18, 0]
lib/util_str.c:safe_strcpy_fn(659)
May  5 21:01:18 beedril winbindd[13167]:   ERROR: string overflow by 1 (256
- 255) in safe_strcpy [ERROR: string overflow by 1 (256 - 255) in
safe_strcpy [[13504]: request interface version
May  5 21:01:18 beedril winbindd[13167]: [2008/05/05 21:01:18, 0]
lib/util_str.c:safe_strcpy_fn(659)
May  5 21:01:34 beedril winbindd[13167]:   ERROR: string overflow by 1 (256
- 255) in safe_strcpy [ERROR: string overflow by 1 (256 - 255) in
safe_strcpy [[13456]: request interface version
May  5 21:01:34 beedril winbindd[13167]: [2008/05/05 21:01:34, 0]
lib/util_sock.c:write_data(564)
May  5 21:01:34 beedril winbindd[13167]:   write_data: write failure. Error
= Connection reset by peer
May  5 21:01:34 beedril winbindd[13167]: [2008/05/05 21:01:34, 0]
libsmb/clientgen.c:write_socket(159)
May  5 21:01:34 beedril winbindd[13167]:   write_socket: Error writing 104
bytes to socket 18: ERRNO = Connection reset by peer
May  5 21:01:34 beedril winbindd[13167]: [2008/05/05 21:01:34, 0]
libsmb/clientgen.c:cli_send_smb(189)
May  5 21:01:34 beedril winbindd[13167]:   Error writing 104 bytes to
client. -1 (Connection reset by peer)


On Mon, May 5, 2008 at 4:01 PM, Andrew Bartlett <abartlet at samba.org> wrote:

> On Mon, 2008-05-05 at 09:54 -0700, Kyle Corupe wrote:
> > I've noticed this happening quite often, my server after a while gets
> > dropped from the domain controller. I join it like this...
> >
> > net ads join -U samba at CORPEDIA.INTERNAL -S
> windowsserver.corpeda.internal
> >
> > I came in this morning and noticed that I could not login to my shares,
> so I
> > did a net ads info. and it came back with could not find any login
> servers.
> > I re-ran the above command, and restarted smb and winbind. And
> everything is
> > working again.
> >
> > Would anyone know why this is happening?
>
> Perhaps for some reason your AD domain controller is enforcing a maximum
> password age?  I think we try to set a 'password does not expire', but
> given the timed nature of the failure, this is where I would start
> looking.
>
> Andrew Bartlett
>
> --
> Andrew Bartlett
> http://samba.org/~abartlet/ <http://samba.org/%7Eabartlet/>
> Authentication Developer, Samba Team           http://samba.org
> Samba Developer, Red Hat Inc.
>



-- 
Kyle Corupe

Unix Administrator
kcorupe at corpedia.com

More information about the samba mailing list