[Samba] Samba 4 WBC_ERR_DOMAIN_NOT_FOUND [broken again]
steve
steve at steve-ss.com
Wed Dec 21 02:05:04 MST 2011
On 21/12/11 07:18, David Roid wrote:
> Hi Steve,
>
> Do you have
>
> idmap config * : backend = ...
> idmap config * : range = ...
>
> in your smb.conf (besides domain specific backend and range)?
>
> Regards
> -David
Hi
No. I just followed the samba howto in the wiki.
I have:
cat /usr/local/samba/etc/smb.conf
# Global parameters
server role = domain controller
workgroup = CACTUS
realm = hh3.site
netbios name = HH3
passdb backend = samba4
[netlogon]
path = /usr/local/samba/var/locks/sysvol/hh3.site/scripts
read only = No
[sysvol]
path = /usr/local/samba/var/locks/sysvol
read only = No
[home]
path = /home/CACTUS
read only = No
I'm wondering if this maybe a hardware issue. I'm testing on an 8 year
old acer laptop with 512Mb and a 16Gb usb memory as hard disk. Now, for
example it's working. But in 5 minutes maybe not.
Should I have the idmap stuff you mention?
e.g. a user I created has this:
CACTUS\steve2:*:3000006:100::/home/CACTUS/steve2:/bin/false
Thanks for the reply.
Steve.
>
> 2011/12/21 steve <steve at steve-ss.com <mailto:steve at steve-ss.com>>
>
> Works for a while, then falls over:
>
> wbinfo -u
> hh3$
> administrator
> dns-hh3
> krbtgt
> guest
> lynn2
>
> wbinfo -i lynn2
> failed to call wbcGetpwnam: WBC_ERR_DOMAIN_NOT_FOUND
> Could not get info for user lynn2
>
> Here is the log:
>
> hh3:/home/steve # winbindd -i -S -d=4
> winbindd version 4.0.0alpha18-GIT-bfc7481 started.
> Copyright Andrew Tridgell and the Samba Team 1992-2011
> lp_load_ex: refreshing parameters
> Initialising global parameters
> rlimit_max: increasing rlimit_max (1024) to minimum Windows limit
> (16384)
> params.c:pm_process() - Processing configuration file
> "/usr/local/samba/etc/smb.conf"
> Processing section "[global]"
> doing parameter server role = domain controller
> doing parameter workgroup = SITE
> doing parameter realm = hh3.site
> doing parameter netbios name = HH3
> doing parameter passdb backend = samba4
> pm_process() returned Yes
> Registered MSG_REQ_POOL_USAGE
> Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED
> lp_load_ex: refreshing parameters
> Initialising global parameters
> rlimit_max: increasing rlimit_max (1024) to minimum Windows limit
> (16384)
> params.c:pm_process() - Processing configuration file
> "/usr/local/samba/etc/smb.conf"
> Processing section "[global]"
> doing parameter server role = domain controller
> doing parameter workgroup = SITE
> doing parameter realm = hh3.site
> doing parameter netbios name = HH3
> doing parameter passdb backend = samba4
> pm_process() returned Yes
> added interface eth1 ip=192.168.1.3 bcast=192.168.1.255
> netmask=255.255.255.0
> added interface eth1 ip=192.168.1.3 bcast=192.168.1.255
> netmask=255.255.255.0
> TimeInit: Serverzone is -3600
> initialize_winbindd_cache: clearing cache and re-creating with
> version number 2
> ldb_wrap open of idmap.ldb
> Added domain BUILTIN S-1-5-32
> Added domain SITE S-1-5-21-821565856-2698423283-2299657328
> Home server: hh3
> Home server: hh3
> get_privileges: No privileges assigned to SID [S-1-22-1-0]
> get_privileges: No privileges assigned to SID [S-1-22-2-0]
> get_privileges: No privileges assigned to SID [S-1-5-2]
> get_privileges: No privileges assigned to SID [S-1-5-11]
> child daemon request 51
> Finished processing child request 51
> child daemon request 20
> [ 3378]: list trusted domains
> samr: trusted domains
> Create pipe requested \lsarpc
> Created internal pipe \lsarpc
> _lsa_OpenPolicy2: ACCESS should be DENIED (requested: 0x000f0fff)
> but overritten by euid == sec_initial_uid()
> _lsa_OpenPolicy2: access GRANTED (requested: 0x000f0fff, granted:
> 0x000f0fff)
> Opened policy hnd[1] [0000] 00 00 00 00 01 00 00 00 00 00 00 00
> F1 4E 3D 0D ........ .....N=.
> [0010] 34 0D 00 00 4...
> Found policy hnd[0] [0000] 00 00 00 00 01 00 00 00 00 00 00 00
> F1 4E 3D 0D ........ .....N=.
> [0010] 34 0D 00 00 4...
> Found policy hnd[0] [0000] 00 00 00 00 01 00 00 00 00 00 00 00
> F1 4E 3D 0D ........ .....N=.
> [0010] 34 0D 00 00 4...
> Found policy hnd[0] [0000] 00 00 00 00 01 00 00 00 00 00 00 00
> F1 4E 3D 0D ........ .....N=.
> [0010] 34 0D 00 00 4...
> Closed policy
> Finished processing child request 20
> [ 3381]: request interface version
> [ 3381]: request location of privileged pipe
> getpwnam lynn2
> child daemon request 59
> sam_name_to_sid
> Create pipe requested \lsarpc
> Created internal pipe \lsarpc
> _lsa_OpenPolicy2: ACCESS should be DENIED (requested: 0x000f0fff)
> but overritten by euid == sec_initial_uid()
> _lsa_OpenPolicy2: access GRANTED (requested: 0x000f0fff, granted:
> 0x000f0fff)
> Opened policy hnd[1] [0000] 00 00 00 00 02 00 00 00 00 00 00 00
> F1 4E 47 0D ........ .....NG.
> [0010] 34 0D 00 00 4...
> name_to_sid: SITE\LYNN2 for domain SITE
> Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00
> F1 4E 47 0D ........ .....NG.
> [0010] 34 0D 00 00 4...
> Home server: hh3
> Home server: hh3
> Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00
> F1 4E 47 0D ........ .....NG.
> [0010] 34 0D 00 00 4...
> Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00
> F1 4E 47 0D ........ .....NG.
> [0010] 34 0D 00 00 4...
> Closed policy
> samr: sequence number
> Create pipe requested \samr
> Created internal pipe \samr
> _samr_Connect2: ACCESS should be DENIED (requested: 0x000f003f)
> but overritten by euid == sec_initial_uid()
> _samr_Connect2: access GRANTED (requested: 0x000f003f, granted:
> 0x000f003f)
> Opened policy hnd[1] [0000] 00 00 00 00 03 00 00 00 00 00 00 00
> F1 4E 47 0D ........ .....NG.
> [0010] 34 0D 00 00 4...
> Found policy hnd[0] [0000] 00 00 00 00 03 00 00 00 00 00 00 00
> F1 4E 47 0D ........ .....NG.
> [0010] 34 0D 00 00 4...
> _samr_OpenDomain: ACCESS should be DENIED (requested: 0x000f07ff)
> but overritten by euid == sec_initial_uid()
> _samr_OpenDomain: access GRANTED (requested: 0x000f07ff, granted:
> 0x000f07ff)
> Opened policy hnd[2] [0000] 00 00 00 00 04 00 00 00 00 00 00 00
> F1 4E 47 0D ........ .....NG.
> [0010] 34 0D 00 00 4...
> Found policy hnd[0] [0000] 00 00 00 00 04 00 00 00 00 00 00 00
> F1 4E 47 0D ........ .....NG.
> [0010] 34 0D 00 00 4...
> Found policy hnd[0] [0000] 00 00 00 00 04 00 00 00 00 00 00 00
> F1 4E 47 0D ........ .....NG.
> [0010] 34 0D 00 00 4...
> Closed policy
> Finished processing child request 59
> child daemon request 59
> sam_query_user
> Create pipe requested \samr
> Created internal pipe \samr
> _samr_Connect2: ACCESS should be DENIED (requested: 0x000f003f)
> but overritten by euid == sec_initial_uid()
> _samr_Connect2: access GRANTED (requested: 0x000f003f, granted:
> 0x000f003f)
> Opened policy hnd[1] [0000] 00 00 00 00 05 00 00 00 00 00 00 00
> F1 4E 47 0D ........ .....NG.
> [0010] 34 0D 00 00 4...
> Found policy hnd[0] [0000] 00 00 00 00 05 00 00 00 00 00 00 00
> F1 4E 47 0D ........ .....NG.
> [0010] 34 0D 00 00 4...
> _samr_OpenDomain: ACCESS should be DENIED (requested: 0x000f07ff)
> but overritten by euid == sec_initial_uid()
> _samr_OpenDomain: access GRANTED (requested: 0x000f07ff, granted:
> 0x000f07ff)
> Opened policy hnd[2] [0000] 00 00 00 00 06 00 00 00 00 00 00 00
> F1 4E 47 0D ........ .....NG.
> [0010] 34 0D 00 00 4...
> Found policy hnd[0] [0000] 00 00 00 00 06 00 00 00 00 00 00 00
> F1 4E 47 0D ........ .....NG.
> [0010] 34 0D 00 00 4...
> _samr_OpenUser: ACCESS should be DENIED (requested: 0x000f07ff)
> but overritten by euid == sec_initial_uid()
> _samr_OpenUser: access GRANTED (requested: 0x000f07ff, granted:
> 0x000f07ff)
> Opened policy hnd[3] [0000] 00 00 00 00 07 00 00 00 00 00 00 00
> F1 4E 47 0D ........ .....NG.
> [0010] 34 0D 00 00 4...
> Found policy hnd[0] [0000] 00 00 00 00 07 00 00 00 00 00 00 00
> F1 4E 47 0D ........ .....NG.
> [0010] 34 0D 00 00 4...
> User:[lynn2]
> Found policy hnd[0] [0000] 00 00 00 00 07 00 00 00 00 00 00 00
> F1 4E 47 0D ........ .....NG.
> [0010] 34 0D 00 00 4...
> Closed policy
> Found policy hnd[0] [0000] 00 00 00 00 06 00 00 00 00 00 00 00
> F1 4E 47 0D ........ .....NG.
> [0010] 34 0D 00 00 4...
> Closed policy
> Finished processing child request 59
> child daemon request 59
> sam_sid_to_name
> Create pipe requested \lsarpc
> Created internal pipe \lsarpc
> _lsa_OpenPolicy2: ACCESS should be DENIED (requested: 0x000f0fff)
> but overritten by euid == sec_initial_uid()
> _lsa_OpenPolicy2: access GRANTED (requested: 0x000f0fff, granted:
> 0x000f0fff)
> Opened policy hnd[1] [0000] 00 00 00 00 08 00 00 00 00 00 00 00
> F1 4E 47 0D ........ .....NG.
> [0010] 34 0D 00 00 4...
> Found policy hnd[0] [0000] 00 00 00 00 08 00 00 00 00 00 00 00
> F1 4E 47 0D ........ .....NG.
> [0010] 34 0D 00 00 4...
> Found policy hnd[0] [0000] 00 00 00 00 08 00 00 00 00 00 00 00
> F1 4E 47 0D ........ .....NG.
> [0010] 34 0D 00 00 4...
> Found policy hnd[0] [0000] 00 00 00 00 08 00 00 00 00 00 00 00
> F1 4E 47 0D ........ .....NG.
> [0010] 34 0D 00 00 4...
> Closed policy
> Finished processing child request 59
> child daemon request 59
> idmap range not specified for domain *
> Finished processing child request 59
>
> Anyone have any ideas about this?
>
> Thanks.
> Steve.
>
>
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
>
More information about the samba
mailing list