[Samba] Samba 3.0.28 failing to authenticate on Win2003 ServerActive Directory

Langdon Stevenson langdon at lindenrow.com.au
Mon May 12 22:30:42 GMT 2008 

Thanks for the reply Matt

I included a link to the wrong resource as you point out.  The howto 
that I used was actually:

   http://www.enterprisenetworkingplanet.com/netos/article.php/3487081

Sorry for the confusion, I was also setting up a PDC machine last week 
and got the references mixed up.

I will go through the samba documentation chapters that you referred to 
again more thoroughly.  I spent some time looking at them when I was 
preparing to setup the server.

The troubleshooting guide also looks like useful.  Thanks again for the 
input.

Regards,
Langdon


Humrick, Matt wrote:
>> http://www.howtoforge.com/samba-domaincontroller-swat-fedora8-p3
> 
> I believe these directions are for setting up Samba as an NT4 style PDC.
> From your description it sounds like you want the samba server to be a
> domain member server in a Win2003 AD and use winbind to authenticate
> users. If that's the case and you followed the directions on that
> website, then your samba config is definitely not going to work for you.
> 
> I suggest reading chapters 3 and 6 here if you haven't already:
> http://us3.samba.org/samba/docs/man/Samba-HOWTO-Collection/
> 
> Here's some good troubleshooting tips:
> http://us3.samba.org/samba/docs/using_samba/ch12.html#samba2-CHP-12-SECT
> -2.5.3
> 
> Matt
> 
> -----Original Message-----
> From: samba-bounces+matt.humrick=advatechpacific.com at lists.samba.org
> [mailto:samba-bounces+matt.humrick=advatechpacific.com at lists.samba.org]
> On Behalf Of Langdon Stevenson
> Sent: Sunday, May 11, 2008 11:36 PM
> To: samba at lists.samba.org
> Subject: [Samba] Samba 3.0.28 failing to authenticate on Win2003
> ServerActive Directory
> 
> I have set up a Fedora 8 server running Samba 3.0.28a-0.fc8 (the Fedora
> yum package version).  I have successfully joined the server to the AD
> realm of a Win2003 server on the office network.
> 
> Configuration was done following this guide:
> 
>    http://www.howtoforge.com/samba-domaincontroller-swat-fedora8-p3
> 
> However Authentication against the AD server does not work.  When I test
> winbind with:
> 
>    # wbinfo -u
> 
> I get:
> 
>    Error looking up domain users
> 
> I have also found the following output in /var/log/messages/  It is
> generated each time Samba is started (note: date and time have been
> removed for clarity)
> 
> 
> srv winbindd[6850]: [2008/05/06 11:18:14, 0]
> param/loadparm.c:service_ok(3031)
> srv winbindd[6850]:   WARNING: No path in service public - making it
> unavailable!
> srv winbindd[6851]: [2008/05/06 11:18:14, 0]
> nsswitch/winbindd_cache.c:initialize_winbindd_cache(2222)
> srv winbindd[6851]:   initialize_winbindd_cache: clearing cache and
> re-creating with version number 1
> srv winbindd[6853]: [2008/05/06 11:18:14, 0]
> lib/fault.c:fault_report(41)
> srv winbindd[6853]:
> ===============================================================
> srv winbindd[6853]: [2008/05/06 11:18:14, 0]
> lib/fault.c:fault_report(42)
> srv winbindd[6853]:   INTERNAL ERROR: Signal 11 in pid 6853
> (3.0.28a-0.fc8)
> srv winbindd[6853]:   Please read the Trouble-Shooting section of the
> Samba3-HOWTO
> srv winbindd[6853]: [2008/05/06 11:18:14, 0]
> lib/fault.c:fault_report(44)
> srv winbindd[6853]:
> srv winbindd[6853]:   From:
> http://www.samba.org/samba/docs/Samba3-HOWTO.pdf
> srv winbindd[6853]: [2008/05/06 11:18:14, 0]
> lib/fault.c:fault_report(45)
> srv winbindd[6853]:
> ===============================================================
> srv winbindd[6853]: [2008/05/06 11:18:14, 0] lib/util.c:smb_panic(1655)
> srv winbindd[6853]:   PANIC (pid 6853): internal error
> srv winbindd[6853]: [2008/05/06 11:18:14, 0]
> lib/util.c:log_stack_trace(1759)
> srv winbindd[6853]:   BACKTRACE: 19 stack frames:
> srv winbindd[6853]:    #0 winbindd(log_stack_trace+0x2d) [0xb7d5de9d]
> srv winbindd[6853]:    #1 winbindd(smb_panic+0x5d) [0xb7d5dfcd]
> srv winbindd[6853]:    #2 winbindd [0xb7d48a4a]
> srv winbindd[6853]:    #3 [0x12d420]
> srv winbindd[6853]:    #4 winbindd(pwd_get_cleartext+0x18) [0xb7d9b638]
> srv winbindd[6853]:    #5 winbindd(cm_connect_sam+0x156) [0xb7ce89f6]
> srv winbindd[6853]:    #6 winbindd [0xb7cea8f9]
> srv winbindd[6853]:    #7 winbindd [0xb7ced6e7]
> srv winbindd[6853]:    #8 winbindd [0xb7cd2649]
> srv winbindd[6853]:    #9 winbindd [0xb7cd2d29]
> srv winbindd[6853]:    #10 winbindd [0xb7cd31a8]
> srv winbindd[6853]:    #11
> winbindd(winbindd_dual_list_trusted_domains+0x78) [0xb7ce3008]
> srv winbindd[6853]:    #12 winbindd [0xb7cf3622]
> srv winbindd[6853]:    #13 winbindd(init_child_connection+0x19a)
> [0xb7ccfdaa]
> srv winbindd[6853]:    #14 winbindd(async_domain_request+0xb6)
> [0xb7cf4f86]
> srv winbindd[6853]:    #15 winbindd(rescan_trusted_domains+0x110)
> [0xb7cd03f0]
> srv winbindd[6853]:    #16 winbindd(main+0x75d) [0xb7cc5e0d]
> srv winbindd[6853]:    #17 /lib/libc.so.6(__libc_start_main+0xe0)
> [0x2e3390]
> srv winbindd[6853]:    #18 winbindd [0xb7cc42a1]
> srv winbindd[6853]: [2008/05/06 11:18:14, 0] lib/fault.c:dump_core(181)
> srv winbindd[6853]:   dumping core in /var/log/samba/cores/winbindd
> srv winbindd[6853]:
> 
> 
> The Samba config file /etc/samba/smb.conf
> 
>    [global]
>      log file = /var/log/samba/log.%m
>      workgroup = SLA
>      realm = SLA.COM.AU
>      preferred master = no
>      server string = Merit1
>      security = ADS
>      encrypt passwords = yes
>      log level = 3
>      max log size = 50
>      printcap name = cups
>      printing = cups
>      winbind enum users = Yes
>      winbind enum groups = Yes
>      winbind use default domain = Yes
>      winbind nested groups = Yes
>      winbind separator = +
>      idmap uid = 600-20000
>      idmap gid = 600-20000
>      template shell = /bin/bash
>      template homedir = /home/domain/%D/%U
> 
>    [homes]
>      comment = Home Direcotries
>      valid users = %S
>      read only = No
>      browseable = No
> 
>    [netlogon]
>      comment = Network Logon Service
>      path = /var/lib/samba/netlogon
>      guest ok = yes
>      writable = no
>      share modes = no
> 
> I have used Samba in small workgroups for some years, but this is the
> first time that I have tried anything with Active Directory, so I am way
> out of my depth.
> 
> Can anyone recommend how I should go about troubleshooting this issue?
> if you require more information please let me know.
> 
> Regards,
> Langdon
>

More information about the samba mailing list