[Samba] Winbind Craziness

ray klassen julius_ahenobarbus at yahoo.co.uk
Fri Jul 27 21:25:04 UTC 2018 

 so I had some time to follow this bunny trailand found that even though all the other servers had no problems this one continued to.Every so often a new computer couldn't connect and then it would be all better after a net leave/net join. 
Net join would not work without -S <MyDC> in the command lineWhat I found out was that most net rpc commands such as net rpc testjoin would also fail without -S <MyDC> in the command linewhereas they would work find for any other box.
I also noticed that a tdbtool dump of secrets.tdb was pretty nearly empty whereas other servers had lots of info.The difference was in the smb.conf line "name resolve order" 

earlier I had taken the advice (the more fool me, I guess) of the man page with recommends 

"name resolve order = wins bcast" in a AD environment.
when I changed it back to 

"name resolve order = lmhosts wins host bcast"

as the other servers had it, suddenly all net rpc functions worked again.
I ran 
net ads changetrustpw -UAdminUserandnet rpc changetrustpw 

and now secrets.tdb is populated 

I think I probably had corrupt winbind files at the outset and those where cleared up by the above activity, but the results continued to be skewed because it wasn't using "host" (dns) to look up some of the services. At least hopefully.



    On Friday, 20 July 2018, 17:01:54 GMT-7, ray klassen via samba <samba at lists.samba.org> wrote:  
 
 about 3 weeks ago there was a power outage where our main file server was not connected to any dc for some time. (don't know if that's related)
since then winbind will randomly not resolve rfc_2307 users or groups whenever it feels like it.

have tried
shutting down nmbd,smbd.winbind and running net cache flush (and starting them up again)have tried turning off winbind group and user enumhave tried leaving and joining the domainhave tried 

service winbind stop
service stop samba
rm –rf /var/lib/samba
mkdir -p /var/lib/samba/private​
rm –rf /var/cache/samba 
net join ads –S "yourADserver" –U username
service winbind start
service samba start from a stack exchange page.

Don't know where to go next.

Debian Stretch install

Version 4.5.12-Debian
Help.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list