No subject
Thu Mar 18 17:34:04 MDT 2010
May 10 08:36:50 casas-lin kernel: May 10 08:38:42 casas-lin
winbindd[1571]: [2010/05/10 08:38:
42, 0] libsmb/smb_signing.c:255(signing_good)
May 10 08:38:42 casas-lin winbindd[1571]: signing_good: BAD SIG: seq 41
May 10 08:42:25 casas-lin winbindd[1562]: [2010/05/10 08:42:25, 0]
winbindd/winbindd_dual.c:1
86(async_request_timeout_handler)
May 10 08:42:25 casas-lin winbindd[1562]:
async_request_timeout_handler: child pid 1571 is n
ot responding. Closing connection to it.
May 10 08:42:25 casas-lin winbindd[1571]: [2010/05/10 08:42:25, 0]
winbindd/winbindd.c:190(wi
nbindd_sig_term_handler)
May 10 08:42:25 casas-lin winbindd[1571]: Got sig[15] terminate (is_parent=0)
May 10 08:42:25 casas-lin winbindd[1825]: [2010/05/10 08:42:25, 0]
rpc_client/cli_pipe.c:687(
cli_pipe_verify_schannel)
May 10 08:42:25 casas-lin winbindd[1825]: cli_pipe_verify_schannel:
auth_len 56.
May 10 08:43:37 casas-lin winbindd[1825]: [2010/05/10 08:43:37, 0]
libsmb/smb_signing.c:255(s
igning_good)
May 10 08:43:37 casas-lin winbindd[1825]: signing_good: BAD SIG: seq 23
May 10 08:47:25 casas-lin winbindd[1562]: [2010/05/10 08:47:25, 0]
winbindd/winbindd_dual.c:1
86(async_request_timeout_handler)
May 10 08:47:25 casas-lin winbindd[1562]:
async_request_timeout_handler: child pid 1825 is n
ot responding. Closing connection to it.
May 10 08:47:25 casas-lin winbindd[1825]: [2010/05/10 08:47:25, 0]
winbindd/winbindd.c:190(wi
nbindd_sig_term_handler)
May 10 08:47:25 casas-lin winbindd[1825]: Got sig[15] terminate (is_parent=0)
May 10 08:47:25 casas-lin winbindd[1832]: [2010/05/10 08:47:25, 0]
rpc_client/cli_pipe.c:687(
cli_pipe_verify_schannel)
May 10 08:47:25 casas-lin winbindd[1832]: cli_pipe_verify_schannel:
auth_len 56.
May 10 08:48:38 casas-lin winbindd[1832]: [2010/05/10 08:48:38, 0]
libsmb/smb_signing.c:255(s
igning_good)
May 10 08:48:38 casas-lin winbindd[1832]: signing_good: BAD SIG: seq 23
May 10 08:52:25 casas-lin winbindd[1562]: [2010/05/10 08:52:25, 0]
winbindd/winbindd_dual.c:1
86(async_request_timeout_handler)
May 10 08:52:25 casas-lin winbindd[1562]:
async_request_timeout_handler: child pid 1832 is n
ot responding. Closing connection to it.
May 10 08:52:25 casas-lin winbindd[1832]: [2010/05/10 08:52:25, 0]
winbindd/winbindd.c:190(wi
nbindd_sig_term_handler)
---------
log.wb-CASAS (my domain is CASAS.WSU.EDU)
[2010/05/10 09:12:26, 1] libsmb/clikrb5.c:697(ads_krb5_mk_req)
ads_krb5_mk_req: krb5_get_credentials failed for ad1$@CASAS (KDC
reply did not match expectations)
[2010/05/10 09:12:26, 1] libsmb/cliconnect.c:745(cli_session_setup_kerberos)
cli_session_setup_kerberos: spnego_gen_negTokenTarg failed: KDC
reply did not match expectations
[2010/05/10 09:12:26, 0] rpc_client/cli_pipe.c:687(cli_pipe_verify_schannel)
cli_pipe_verify_schannel: auth_len 56.
[2010/05/10 09:12:26, 1]
rpc_client/cli_pipe.c:948(cli_pipe_validate_current_pdu)
cli_pipe_validate_current_pdu: RPC fault code DCERPC fault
0x00000721 received from host ad1.casas.wsu.edu!
-------
log-wb-CASAS.old (during "crashed state"):
[2010/04/19 08:17:23, 1] libsmb/clikrb5.c:697(ads_krb5_mk_req)
ads_krb5_mk_req: krb5_get_credentials failed for ad1$@CASAS (Cannot
resolve network address
for KDC in requested realm)
[2010/04/19 08:17:23, 1] libsmb/cliconnect.c:745(cli_session_setup_kerberos)
cli_session_setup_kerberos: spnego_gen_negTokenTarg failed: Cannot
resolve network address f
or KDC in requested realm
[2010/04/19 08:17:23, 0] rpc_client/cli_pipe.c:687(cli_pipe_verify_schannel)
cli_pipe_verify_schannel: auth_len 56.
[2010/04/19 08:17:23, 1]
rpc_client/cli_pipe.c:948(cli_pipe_validate_current_pdu)
cli_pipe_validate_current_pdu: RPC fault code DCERPC fault
0x00000721 received from host ad1
.casas.wsu.edu!
------------
My configuration
------------
smb.conf
------------
[global]
security = ads
netbios name = casas-lin
realm = CASAS.WSU.EDU
workgroup = CASAS
password server = ad1.casas.wsu.edu
workgroup = CASAS
idmap uid = 10000-20000
idmap gid = 10000-20000
idmap backend = rid:CASAS.WSU.EDU=10000-20000
winbind enum users = yes
winbind enum groups = yes
winbind use default domain = yes
#template homedir = /home/%U
template homedir = /net/files/home/%U
template shell = /bin/bash
; client use spnego = yes
domain master = no
--------------
/etc/krb5.conf
-------------
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
default_realm = CASAS.WSU.EDU
dns_lookup_realm = false
dns_lookup_kdc = true
ticket_lifetime = 24h
forwardable = yes
[realms]
EXAMPLE.COM = {
kdc = kerberos.example.com:88
admin_server = kerberos.example.com:749
default_domain = example.com
}
CASAS.WSU.EDU = {
kdc = ad1.casas.wsu.edu
admin_server = ad1.casas.wsu.edu
kdc = ad1.casas.wsu.edu
}
CASAS = {
kdc = ad1.casas.wsu.edu
admin_server = ad1.casas.wsu.edu
kdc = ad1.casas.wsu.edu
}
[domain_realm]
.example.com = EXAMPLE.COM
example.com = EXAMPLE.COM
casas.wsu.edu = CASAS.WSU.EDU
.casas.wsu.edu = CASAS.WSU.EDU
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}
---------------
/etc/pam.d/common-account
---------------
account [success=1 new_authtok_reqd=done default=ignore] pam_unix.so
account requisite pam_deny.so
account required pam_permit.so
account sufficient pam_winbind.so
account required pam_krb5.so minimum_uid=1000
------------
/etc/pam.d/common-auth
------------
auth [success=3 default=ignore] pam_winbind.so krb5_auth krb5_ccache_type=FILE
auth [success=2 default=ignore] pam_krb5.so minimum_uid=1000 try_first_pass
auth [success=1 default=ignore] pam_unix.so nullok_secure try_first_pass
auth requisite pam_deny.so
auth required pam_permit.so
------------
/etc/pam.d/common-password
------------
password requisite pam_winbind.so
password requisite pam_krb5.so minimum_uid=1000 use_authtok
password [success=1 default=ignore] pam_unix.so obscure use_authtok
try_first_pass sha512
password requisite pam_deny.so
password required pam_permit.so
password optional pam_gnome_keyring.so
-------------
/etc/nsswitch.conf
-------------
passwd: compat winbind
group: compat winbind
shadow: compat
hosts: files dns mdns4
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis
----------------
Thanks!
--Jim
More information about the samba
mailing list