[Samba] Winbind Trust -- grr
Aaron E.
ssureshot at gmail.com
Wed May 25 14:27:48 MDT 2011
I guess the client/server question is a moot point as I don't even have
winbind running on my DC..
On 05/25/2011 04:09 PM, Aaron E. wrote:
> Ah, a new avenue to look down..
>
> winbind cache was 300, idmap cache is set to 7 days so I changed them
> both to 60 seconds restarted services and rejoined domain, hoping that
> the problem would happen right away, this was not the case though.
>
> Was your issue on the server side or client side? I have not changed
> server only client.. I try to keep server settings aside as last resort..
>
> Thanks much,
> aaron
>
> On 05/25/2011 02:47 PM, Gaiseric Vandal wrote:
>> It may be related to a caching issue. Use testparm -v to check the
>> values for the following:
>>
>> idmap cache time
>> winbind cache time
>>
>>
>> I had a problem with samba 3.0.x where idmap entries would populate for
>> users in a trusted domain- but after the cache time expired the cache
>> would not repopulate and I would "loose" the trusted users. Increasing
>> the cache time at least reduced how frequently I had to delete the cache
>> entries. This is not a solution but may be will help locate the problem.
>>
>>
>> On 05/25/2011 12:16 PM, Aaron E. wrote:
>>> First, Thanks for any and all help!!!!
>>>
>>> I can't seem to figure out what I need to do, I've been fighting this
>>> for a month and am now beating my head off my desk with no solution to
>>> be found. I've read others having this issue but they were all older
>>> versions.. I am using 3.5.4,, Please read over and give me some input..
>>>
>>> Every 7 days winbindd fails on the trust secret. The only way I can
>>> figure to fix it is rejoin the domain.
>>>
>>> My only solution I can think of is script and cron so the machine
>>> rejoins the domain every 6 days on it's own..
>>>
>>> I believe I'm forced to use winbind due to dansguardian using
>>> ntlm_auth. Dansguardian cant use ldap connection.
>>>
>>> Now My smb.conf is as follows on the squid server..
>>> [global]
>>> workgroup = EXAMPLE
>>> netbios name = squid1
>>> server string = Squid1
>>> security = domain
>>> password server = netfiles1san, netfiles2san
>>> log level = 3
>>> log file = /var/log/samba/%m.log
>>> max log size = 0
>>> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>>> preferred master = False
>>> local master = No
>>> domain master = False
>>> dns proxy = No
>>> ;Winbind
>>> winbind refresh tickets = false
>>> winbind separator = /
>>> winbind enum users = yes
>>> winbind enum groups = yes
>>> winbind use default domain = yes
>>> idmap uid = 10000-20000
>>> idmap gid = 10000-20000
>>>
>>> smb.conf on my DC relevent info is as follows
>>> security = user
>>> LDAP Backend
>>> master
>>>
>>> Possibly an issue with using domain on the squid server and user on
>>> the DC??
>>>
>>>
>>
>
More information about the samba
mailing list