[Samba] Samba 4 WBC_ERR_DOMAIN_NOT_FOUND [broken again]
David Roid
dataroid at gmail.com
Tue Dec 20 23:18:33 MST 2011
Hi Steve,
Do you have
idmap config * : backend = ...
idmap config * : range = ...
in your smb.conf (besides domain specific backend and range)?
Regards
-David
2011/12/21 steve <steve at steve-ss.com>
> Works for a while, then falls over:
>
> wbinfo -u
> hh3$
> administrator
> dns-hh3
> krbtgt
> guest
> lynn2
>
> wbinfo -i lynn2
> failed to call wbcGetpwnam: WBC_ERR_DOMAIN_NOT_FOUND
> Could not get info for user lynn2
>
> Here is the log:
>
> hh3:/home/steve # winbindd -i -S -d=4
> winbindd version 4.0.0alpha18-GIT-bfc7481 started.
> Copyright Andrew Tridgell and the Samba Team 1992-2011
> lp_load_ex: refreshing parameters
> Initialising global parameters
> rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
> params.c:pm_process() - Processing configuration file
> "/usr/local/samba/etc/smb.**conf"
> Processing section "[global]"
> doing parameter server role = domain controller
> doing parameter workgroup = SITE
> doing parameter realm = hh3.site
> doing parameter netbios name = HH3
> doing parameter passdb backend = samba4
> pm_process() returned Yes
> Registered MSG_REQ_POOL_USAGE
> Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED
> lp_load_ex: refreshing parameters
> Initialising global parameters
> rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
> params.c:pm_process() - Processing configuration file
> "/usr/local/samba/etc/smb.**conf"
> Processing section "[global]"
> doing parameter server role = domain controller
> doing parameter workgroup = SITE
> doing parameter realm = hh3.site
> doing parameter netbios name = HH3
> doing parameter passdb backend = samba4
> pm_process() returned Yes
> added interface eth1 ip=192.168.1.3 bcast=192.168.1.255
> netmask=255.255.255.0
> added interface eth1 ip=192.168.1.3 bcast=192.168.1.255
> netmask=255.255.255.0
> TimeInit: Serverzone is -3600
> initialize_winbindd_cache: clearing cache and re-creating with version
> number 2
> ldb_wrap open of idmap.ldb
> Added domain BUILTIN S-1-5-32
> Added domain SITE S-1-5-21-821565856-2698423283-**2299657328
> Home server: hh3
> Home server: hh3
> get_privileges: No privileges assigned to SID [S-1-22-1-0]
> get_privileges: No privileges assigned to SID [S-1-22-2-0]
> get_privileges: No privileges assigned to SID [S-1-5-2]
> get_privileges: No privileges assigned to SID [S-1-5-11]
> child daemon request 51
> Finished processing child request 51
> child daemon request 20
> [ 3378]: list trusted domains
> samr: trusted domains
> Create pipe requested \lsarpc
> Created internal pipe \lsarpc
> _lsa_OpenPolicy2: ACCESS should be DENIED (requested: 0x000f0fff)
> but overritten by euid == sec_initial_uid()
> _lsa_OpenPolicy2: access GRANTED (requested: 0x000f0fff, granted:
> 0x000f0fff)
> Opened policy hnd[1] [0000] 00 00 00 00 01 00 00 00 00 00 00 00 F1 4E 3D
> 0D ........ .....N=.
> [0010] 34 0D 00 00 4...
> Found policy hnd[0] [0000] 00 00 00 00 01 00 00 00 00 00 00 00 F1 4E 3D
> 0D ........ .....N=.
> [0010] 34 0D 00 00 4...
> Found policy hnd[0] [0000] 00 00 00 00 01 00 00 00 00 00 00 00 F1 4E 3D
> 0D ........ .....N=.
> [0010] 34 0D 00 00 4...
> Found policy hnd[0] [0000] 00 00 00 00 01 00 00 00 00 00 00 00 F1 4E 3D
> 0D ........ .....N=.
> [0010] 34 0D 00 00 4...
> Closed policy
> Finished processing child request 20
> [ 3381]: request interface version
> [ 3381]: request location of privileged pipe
> getpwnam lynn2
> child daemon request 59
> sam_name_to_sid
> Create pipe requested \lsarpc
> Created internal pipe \lsarpc
> _lsa_OpenPolicy2: ACCESS should be DENIED (requested: 0x000f0fff)
> but overritten by euid == sec_initial_uid()
> _lsa_OpenPolicy2: access GRANTED (requested: 0x000f0fff, granted:
> 0x000f0fff)
> Opened policy hnd[1] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 F1 4E 47
> 0D ........ .....NG.
> [0010] 34 0D 00 00 4...
> name_to_sid: SITE\LYNN2 for domain SITE
> Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 F1 4E 47
> 0D ........ .....NG.
> [0010] 34 0D 00 00 4...
> Home server: hh3
> Home server: hh3
> Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 F1 4E 47
> 0D ........ .....NG.
> [0010] 34 0D 00 00 4...
> Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 F1 4E 47
> 0D ........ .....NG.
> [0010] 34 0D 00 00 4...
> Closed policy
> samr: sequence number
> Create pipe requested \samr
> Created internal pipe \samr
> _samr_Connect2: ACCESS should be DENIED (requested: 0x000f003f)
> but overritten by euid == sec_initial_uid()
> _samr_Connect2: access GRANTED (requested: 0x000f003f, granted: 0x000f003f)
> Opened policy hnd[1] [0000] 00 00 00 00 03 00 00 00 00 00 00 00 F1 4E 47
> 0D ........ .....NG.
> [0010] 34 0D 00 00 4...
> Found policy hnd[0] [0000] 00 00 00 00 03 00 00 00 00 00 00 00 F1 4E 47
> 0D ........ .....NG.
> [0010] 34 0D 00 00 4...
> _samr_OpenDomain: ACCESS should be DENIED (requested: 0x000f07ff)
> but overritten by euid == sec_initial_uid()
> _samr_OpenDomain: access GRANTED (requested: 0x000f07ff, granted:
> 0x000f07ff)
> Opened policy hnd[2] [0000] 00 00 00 00 04 00 00 00 00 00 00 00 F1 4E 47
> 0D ........ .....NG.
> [0010] 34 0D 00 00 4...
> Found policy hnd[0] [0000] 00 00 00 00 04 00 00 00 00 00 00 00 F1 4E 47
> 0D ........ .....NG.
> [0010] 34 0D 00 00 4...
> Found policy hnd[0] [0000] 00 00 00 00 04 00 00 00 00 00 00 00 F1 4E 47
> 0D ........ .....NG.
> [0010] 34 0D 00 00 4...
> Closed policy
> Finished processing child request 59
> child daemon request 59
> sam_query_user
> Create pipe requested \samr
> Created internal pipe \samr
> _samr_Connect2: ACCESS should be DENIED (requested: 0x000f003f)
> but overritten by euid == sec_initial_uid()
> _samr_Connect2: access GRANTED (requested: 0x000f003f, granted: 0x000f003f)
> Opened policy hnd[1] [0000] 00 00 00 00 05 00 00 00 00 00 00 00 F1 4E 47
> 0D ........ .....NG.
> [0010] 34 0D 00 00 4...
> Found policy hnd[0] [0000] 00 00 00 00 05 00 00 00 00 00 00 00 F1 4E 47
> 0D ........ .....NG.
> [0010] 34 0D 00 00 4...
> _samr_OpenDomain: ACCESS should be DENIED (requested: 0x000f07ff)
> but overritten by euid == sec_initial_uid()
> _samr_OpenDomain: access GRANTED (requested: 0x000f07ff, granted:
> 0x000f07ff)
> Opened policy hnd[2] [0000] 00 00 00 00 06 00 00 00 00 00 00 00 F1 4E 47
> 0D ........ .....NG.
> [0010] 34 0D 00 00 4...
> Found policy hnd[0] [0000] 00 00 00 00 06 00 00 00 00 00 00 00 F1 4E 47
> 0D ........ .....NG.
> [0010] 34 0D 00 00 4...
> _samr_OpenUser: ACCESS should be DENIED (requested: 0x000f07ff)
> but overritten by euid == sec_initial_uid()
> _samr_OpenUser: access GRANTED (requested: 0x000f07ff, granted: 0x000f07ff)
> Opened policy hnd[3] [0000] 00 00 00 00 07 00 00 00 00 00 00 00 F1 4E 47
> 0D ........ .....NG.
> [0010] 34 0D 00 00 4...
> Found policy hnd[0] [0000] 00 00 00 00 07 00 00 00 00 00 00 00 F1 4E 47
> 0D ........ .....NG.
> [0010] 34 0D 00 00 4...
> User:[lynn2]
> Found policy hnd[0] [0000] 00 00 00 00 07 00 00 00 00 00 00 00 F1 4E 47
> 0D ........ .....NG.
> [0010] 34 0D 00 00 4...
> Closed policy
> Found policy hnd[0] [0000] 00 00 00 00 06 00 00 00 00 00 00 00 F1 4E 47
> 0D ........ .....NG.
> [0010] 34 0D 00 00 4...
> Closed policy
> Finished processing child request 59
> child daemon request 59
> sam_sid_to_name
> Create pipe requested \lsarpc
> Created internal pipe \lsarpc
> _lsa_OpenPolicy2: ACCESS should be DENIED (requested: 0x000f0fff)
> but overritten by euid == sec_initial_uid()
> _lsa_OpenPolicy2: access GRANTED (requested: 0x000f0fff, granted:
> 0x000f0fff)
> Opened policy hnd[1] [0000] 00 00 00 00 08 00 00 00 00 00 00 00 F1 4E 47
> 0D ........ .....NG.
> [0010] 34 0D 00 00 4...
> Found policy hnd[0] [0000] 00 00 00 00 08 00 00 00 00 00 00 00 F1 4E 47
> 0D ........ .....NG.
> [0010] 34 0D 00 00 4...
> Found policy hnd[0] [0000] 00 00 00 00 08 00 00 00 00 00 00 00 F1 4E 47
> 0D ........ .....NG.
> [0010] 34 0D 00 00 4...
> Found policy hnd[0] [0000] 00 00 00 00 08 00 00 00 00 00 00 00 F1 4E 47
> 0D ........ .....NG.
> [0010] 34 0D 00 00 4...
> Closed policy
> Finished processing child request 59
> child daemon request 59
> idmap range not specified for domain *
> Finished processing child request 59
>
> Anyone have any ideas about this?
>
> Thanks.
> Steve.
>
>
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/**mailman/options/samba<https://lists.samba.org/mailman/options/samba>
>
More information about the samba
mailing list