[Samba] Samba 3.0.28 failing to authenticate on Win2003
ServerActive Directory
Langdon Stevenson
langdon at lindenrow.com.au
Mon May 12 22:30:42 GMT 2008
Thanks for the reply Matt
I included a link to the wrong resource as you point out. The howto
that I used was actually:
http://www.enterprisenetworkingplanet.com/netos/article.php/3487081
Sorry for the confusion, I was also setting up a PDC machine last week
and got the references mixed up.
I will go through the samba documentation chapters that you referred to
again more thoroughly. I spent some time looking at them when I was
preparing to setup the server.
The troubleshooting guide also looks like useful. Thanks again for the
input.
Regards,
Langdon
Humrick, Matt wrote:
>> http://www.howtoforge.com/samba-domaincontroller-swat-fedora8-p3
>
> I believe these directions are for setting up Samba as an NT4 style PDC.
> From your description it sounds like you want the samba server to be a
> domain member server in a Win2003 AD and use winbind to authenticate
> users. If that's the case and you followed the directions on that
> website, then your samba config is definitely not going to work for you.
>
> I suggest reading chapters 3 and 6 here if you haven't already:
> http://us3.samba.org/samba/docs/man/Samba-HOWTO-Collection/
>
> Here's some good troubleshooting tips:
> http://us3.samba.org/samba/docs/using_samba/ch12.html#samba2-CHP-12-SECT
> -2.5.3
>
> Matt
>
> -----Original Message-----
> From: samba-bounces+matt.humrick=advatechpacific.com at lists.samba.org
> [mailto:samba-bounces+matt.humrick=advatechpacific.com at lists.samba.org]
> On Behalf Of Langdon Stevenson
> Sent: Sunday, May 11, 2008 11:36 PM
> To: samba at lists.samba.org
> Subject: [Samba] Samba 3.0.28 failing to authenticate on Win2003
> ServerActive Directory
>
> I have set up a Fedora 8 server running Samba 3.0.28a-0.fc8 (the Fedora
> yum package version). I have successfully joined the server to the AD
> realm of a Win2003 server on the office network.
>
> Configuration was done following this guide:
>
> http://www.howtoforge.com/samba-domaincontroller-swat-fedora8-p3
>
> However Authentication against the AD server does not work. When I test
> winbind with:
>
> # wbinfo -u
>
> I get:
>
> Error looking up domain users
>
> I have also found the following output in /var/log/messages/ It is
> generated each time Samba is started (note: date and time have been
> removed for clarity)
>
>
> srv winbindd[6850]: [2008/05/06 11:18:14, 0]
> param/loadparm.c:service_ok(3031)
> srv winbindd[6850]: WARNING: No path in service public - making it
> unavailable!
> srv winbindd[6851]: [2008/05/06 11:18:14, 0]
> nsswitch/winbindd_cache.c:initialize_winbindd_cache(2222)
> srv winbindd[6851]: initialize_winbindd_cache: clearing cache and
> re-creating with version number 1
> srv winbindd[6853]: [2008/05/06 11:18:14, 0]
> lib/fault.c:fault_report(41)
> srv winbindd[6853]:
> ===============================================================
> srv winbindd[6853]: [2008/05/06 11:18:14, 0]
> lib/fault.c:fault_report(42)
> srv winbindd[6853]: INTERNAL ERROR: Signal 11 in pid 6853
> (3.0.28a-0.fc8)
> srv winbindd[6853]: Please read the Trouble-Shooting section of the
> Samba3-HOWTO
> srv winbindd[6853]: [2008/05/06 11:18:14, 0]
> lib/fault.c:fault_report(44)
> srv winbindd[6853]:
> srv winbindd[6853]: From:
> http://www.samba.org/samba/docs/Samba3-HOWTO.pdf
> srv winbindd[6853]: [2008/05/06 11:18:14, 0]
> lib/fault.c:fault_report(45)
> srv winbindd[6853]:
> ===============================================================
> srv winbindd[6853]: [2008/05/06 11:18:14, 0] lib/util.c:smb_panic(1655)
> srv winbindd[6853]: PANIC (pid 6853): internal error
> srv winbindd[6853]: [2008/05/06 11:18:14, 0]
> lib/util.c:log_stack_trace(1759)
> srv winbindd[6853]: BACKTRACE: 19 stack frames:
> srv winbindd[6853]: #0 winbindd(log_stack_trace+0x2d) [0xb7d5de9d]
> srv winbindd[6853]: #1 winbindd(smb_panic+0x5d) [0xb7d5dfcd]
> srv winbindd[6853]: #2 winbindd [0xb7d48a4a]
> srv winbindd[6853]: #3 [0x12d420]
> srv winbindd[6853]: #4 winbindd(pwd_get_cleartext+0x18) [0xb7d9b638]
> srv winbindd[6853]: #5 winbindd(cm_connect_sam+0x156) [0xb7ce89f6]
> srv winbindd[6853]: #6 winbindd [0xb7cea8f9]
> srv winbindd[6853]: #7 winbindd [0xb7ced6e7]
> srv winbindd[6853]: #8 winbindd [0xb7cd2649]
> srv winbindd[6853]: #9 winbindd [0xb7cd2d29]
> srv winbindd[6853]: #10 winbindd [0xb7cd31a8]
> srv winbindd[6853]: #11
> winbindd(winbindd_dual_list_trusted_domains+0x78) [0xb7ce3008]
> srv winbindd[6853]: #12 winbindd [0xb7cf3622]
> srv winbindd[6853]: #13 winbindd(init_child_connection+0x19a)
> [0xb7ccfdaa]
> srv winbindd[6853]: #14 winbindd(async_domain_request+0xb6)
> [0xb7cf4f86]
> srv winbindd[6853]: #15 winbindd(rescan_trusted_domains+0x110)
> [0xb7cd03f0]
> srv winbindd[6853]: #16 winbindd(main+0x75d) [0xb7cc5e0d]
> srv winbindd[6853]: #17 /lib/libc.so.6(__libc_start_main+0xe0)
> [0x2e3390]
> srv winbindd[6853]: #18 winbindd [0xb7cc42a1]
> srv winbindd[6853]: [2008/05/06 11:18:14, 0] lib/fault.c:dump_core(181)
> srv winbindd[6853]: dumping core in /var/log/samba/cores/winbindd
> srv winbindd[6853]:
>
>
> The Samba config file /etc/samba/smb.conf
>
> [global]
> log file = /var/log/samba/log.%m
> workgroup = SLA
> realm = SLA.COM.AU
> preferred master = no
> server string = Merit1
> security = ADS
> encrypt passwords = yes
> log level = 3
> max log size = 50
> printcap name = cups
> printing = cups
> winbind enum users = Yes
> winbind enum groups = Yes
> winbind use default domain = Yes
> winbind nested groups = Yes
> winbind separator = +
> idmap uid = 600-20000
> idmap gid = 600-20000
> template shell = /bin/bash
> template homedir = /home/domain/%D/%U
>
> [homes]
> comment = Home Direcotries
> valid users = %S
> read only = No
> browseable = No
>
> [netlogon]
> comment = Network Logon Service
> path = /var/lib/samba/netlogon
> guest ok = yes
> writable = no
> share modes = no
>
> I have used Samba in small workgroups for some years, but this is the
> first time that I have tried anything with Active Directory, so I am way
> out of my depth.
>
> Can anyone recommend how I should go about troubleshooting this issue?
> if you require more information please let me know.
>
> Regards,
> Langdon
>
More information about the samba
mailing list