[Samba] Winbind error "Could not fetch our SID - did we join?"

Rowland Penny rpenny at samba.org
Mon Nov 13 16:06:17 UTC 2017 

On Mon, 13 Nov 2017 16:22:35 +0100
Sven Schwedas via samba <samba at lists.samba.org> wrote:

> On 2017-11-13 16:00, Rowland Penny via samba wrote:
> > On Mon, 13 Nov 2017 15:20:05 +0100
> > Sven Schwedas <sven.schwedas at tao.at> wrote:
> >>
> >>> PS, your configs are still wrong.
> >>
> >> It would be *really* helpful if you explained *why*. Sprinkling
> >> magic pixie dust over random config files isn't exactly purposeful
> >> debugging.
> >>
> > 
> > Lets start with /etc/krb5.conf
> > 
> > Samba doesn't need most of what you will find in it, this is mostly
> > because most of what you will find there, is a default setting.
> > Believe it, or believe it not, you only really need:
> > 
> > [libdefaults]
> >     default_realm = AD.TAO.AT
> 
> 'unnecessary' and 'wrong' are two different things. No doubt that the
> config files are overly verbose, but that doesn't make them wrong,
> does it?

No, but if you re-read my original post, you will see that I said what
I would do, which is to change the configs to known working examples.

> 
> > using 'search' in /etc/resolv.conf means you use host-name lookups
> 
> 'search' and 'domain' are supposed to be idempotent if there's only
> one domain, aren't they?

I think you might be misunderstanding the use of 'domain' and 'search'
in /etc/resolv.conf. They are mutually-exclusive, that is, you can use
one or the other, but not both. If you do use both, the last one found
is used.
 
> 
> > /etc/hosts should contain information in the following format:
> > 
> > ipaddress 'canonical-name' 'alias' 
> > 
> > 'canonical-name' is anotherway of saying FQDN
> > 'alias' is another way of saying short hostname
> 
> But how does it affect samba?

Where do think Samba gets the domain name from ?

> 
> > When trying to identify a problem, you start with the obvious from
> > the info supplied and fix anything that might be causing the
> > problem. If this doesn't work, then look further, ask other
> > questions etc
> 
> Yes, but I'd like to get away from asking the *same* five questions
> every time by understanding *how* Samba reacts to changes /
> misconfigurations here.
> 

I can understand this, but it didn't come across in that way ;-)

Rowland

More information about the samba mailing list