[Samba] Winbind Trust -- grr

Aaron E. ssureshot at gmail.com
Wed May 25 14:09:41 MDT 2011


Ah, a new avenue to look down..

winbind cache was 300, idmap cache is set to 7 days, so I changed them 
both to 60 seconds, restarted services and rejoined the domain, hoping that 
the problem would happen right away. This was not the case though.

Was your issue on the server side or client side? I have not changed the 
server, only the client. I try to keep server settings aside as a last resort.

Thanks much,
aaron

On 05/25/2011 02:47 PM, Gaiseric Vandal wrote:
> It may be related to a caching issue. Use testparm -v to check the
> values for the following:
>
> idmap cache time
> winbind cache time
>
>
> I had a problem with samba 3.0.x where idmap entries would populate for
> users in a trusted domain, but after the cache time expired the cache
> would not repopulate and I would "lose" the trusted users. Increasing
> the cache time at least reduced how frequently I had to delete the cache
> entries. This is not a solution but maybe it will help locate the problem.
>
>
> On 05/25/2011 12:16 PM, Aaron E. wrote:
>> First, Thanks for any and all help!!!!
>>
>> I can't seem to figure out what I need to do. I've been fighting this
>> for a month and am now beating my head off my desk with no solution to
>> be found. I've read others having this issue but they were all older
>> versions. I am using 3.5.4. Please read over and give me some input.
>>
>> Every 7 days winbindd fails on the trust secret. The only way I can
>> figure to fix it is rejoin the domain.
>>
>> My only solution I can think of is a script and cron so the machine
>> rejoins the domain every 6 days on its own.
>>
>> I believe I'm forced to use winbind due to dansguardian using
>> ntlm_auth. Dansguardian can't use an ldap connection.
>>
>> Now my smb.conf is as follows on the squid server:
>> [global]
>> workgroup = EXAMPLE
>> netbios name = squid1
>> server string = Squid1
>> security = domain
>> password server = netfiles1san, netfiles2san
>> log level = 3
>> log file = /var/log/samba/%m.log
>> max log size = 0
>> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>> preferred master = False
>> local master = No
>> domain master = False
>> dns proxy = No
>> ;Winbind
>> winbind refresh tickets = false
>> winbind separator = /
>> winbind enum users = yes
>> winbind enum groups = yes
>> winbind use default domain = yes
>> idmap uid = 10000-20000
>> idmap gid = 10000-20000
>>
>> smb.conf on my DC, relevant info is as follows:
>> security = user
>> LDAP Backend
>> master
>>
>> Possibly an issue with using domain on the squid server and user on
>> the DC??
>>
>>
>
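
An added example, not part of either poster's messages: a shell helper for the `testparm -v` check suggested in the thread, which lists every parameter whose value equals the 7-day failure interval reported above. The function names and the sample `testparm` output are constructed for illustration; on a live host, pipe `testparm -sv 2>/dev/null` into the functions instead.

```shell
#!/bin/sh
# Added example (not from the thread). Input on stdin: "name = value" lines
# in the form printed by `testparm -sv`.

# params_matching_interval SECONDS
# Print the name of every parameter whose value is exactly SECONDS.
params_matching_interval() {
    awk -F'=' -v want="$1" '
        $0 ~ /^[ \t]*(#|;)/ { next }
        NF >= 2 {
            name = $1; val = $2
            gsub(/^[ \t]+|[ \t]+$/, "", name)
            gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (val ~ /^[0-9]+$/ && val + 0 == want + 0) print name
        }'
}

# param_value NAME
# Print the value of one parameter (name compared case-insensitively).
param_value() {
    awk -F'=' -v want="$1" '
        { name = $1; gsub(/^[ \t]+|[ \t]+$/, "", name) }
        tolower(name) == tolower(want) {
            val = substr($0, index($0, "=") + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", val)
            print val
            exit
        }'
}

# Constructed sample of testparm output, not captured from the poster's host.
sample_testparm_output() {
cat <<'EOF'
[global]
	workgroup = EXAMPLE
	security = DOMAIN
	idmap cache time = 604800
	winbind cache time = 300
	machine password timeout = 604800
	max log size = 0
EOF
}

# The thread reports a failure every 7 days; express that in seconds.
FAILURE_INTERVAL=$((7 * 24 * 3600))
echo "Parameters set to ${FAILURE_INTERVAL}s:"
sample_testparm_output | params_matching_interval "$FAILURE_INTERVAL"
```

Any parameter this prints is a candidate to change on a test client first, one at a time, so a change in the failure interval can be tied to a single setting.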


