[Samba] Strange winbindd messages
John Center
john.center at villanova.edu
Fri Feb 8 09:50:55 MST 2013
Hi Andrew,
Thanks for getting back to me.
On 02/07/2013 04:52 PM, Andrew Bartlett wrote:
> On Fri, 2013-02-08 at 08:43 +1100, Andrew Bartlett wrote:
>> On Wed, 2013-01-23 at 11:59 -0500, John Center wrote:
>>> Hi,
>>>
>>> We are running samba v3.6.3 on Ubuntu 12.04 server. This is being used
>>> with FreeRADIUS for wireless authentication with AD. We just logged a
>>> set of messages from winbindd that I don't understand:
>>>
>>> Jan 23 10:35:28 as3 winbindd[25371]: [2013/01/23 10:35:28.056846, 0]
>>> rpc_client/cli_netlogon.c:677(rpccli_netlogon_set_trust_password)
>>> Jan 23 10:35:28 as3 winbindd[25371]: dcerpc_netr_ServerPasswordSet{2}
>>> failed: NT code 0xc00002a5
>>> Jan 23 10:35:28 as3 winbindd[26636]: [2013/01/23 10:35:28.105143, 0]
>>> rpc_client/cli_netlogon.c:671(rpccli_netlogon_set_trust_password)
>>> Jan 23 10:35:28 as3 winbindd[26636]: credentials chain check failed
>>> Jan 23 10:35:28 as3 winbindd[25518]: [2013/01/23 10:35:28.310288, 0]
>>> rpc_client/cli_netlogon.c:671(rpccli_netlogon_set_trust_password)
>>> Jan 23 10:35:28 as3 winbindd[25518]: credentials chain check failed
>>> Jan 23 10:36:28 as3 winbindd[25371]: [2013/01/23 10:36:28.121861, 0]
>>> rpc_client/cli_netlogon.c:671(rpccli_netlogon_set_trust_password)
>>> Jan 23 10:36:28 as3 winbindd[25371]: credentials chain check failed
>>>
>>> Authentications went through ok at 10:35:23 & again at 10:35:29. We
>>> haven't seen them before, & searching, I couldn't find much info. What
>>> do these messages mean? What would have caused them? Do we need to be
>>> concerned? Any help would be greatly appreciated.
>>
>> What is happening here is that we are trying and failing to change our
>> machine account password. Can you try Samba 3.6.12 and see if the
>> changes in the meantime have fixed this?
>
Can winbindd change the machine account password? This isn't being done
by us manually.
> Looking into this some more these links suggest a server-side error:
> http://www.tek-tips.com/viewthread.cfm?qid=1487092
> http://support.microsoft.com/kb/306091/en-us
>
Looking at these links, are you suggesting that the DC database is being
locked at this point in time, so when an auth request is being made, it
fails?
> Is there anything in the server event log to match this error?
>
I'm trying to get access to the DC event logs to look into this.
Thanks.
-John
--
John Center
Villanova University
More information about the samba
mailing list