[Samba] Winbind not working on Ubuntu 18.04 Samba 4.8.0 File Sever
Bob Thomas
bthomas at cybernetics.com
Wed Mar 28 15:02:49 UTC 2018
Good Morning, Ive been trying to test Samba AD on Ubuntu 18.04 using
samba version 4.8.0 The DC seems to be working fine all tests have
passed. I was able to connect Win7 RSAT, a Ubuntu workstation and a
File server. My problem is the file server will not give response to
'sudo getent passwd' with or with out username or DOMAIN\username.
Everything else works as far as I can tell.
Prior to build I installed the following dependencies:
apt install ntpdate acl attr autoconf bison build-essential debhelper
dnsutils docbook-xml docbook-xsl flex gdb libjansson-dev krb5-user
libacl1-dev libaio-dev libarchive-dev libattr1-dev libblkid-dev
libbsd-dev libcap-dev libcups2-dev libgnutls28-dev libgpgme11-dev
libjson-perl libldap2-dev libncurses5-dev libpam0g-dev
libparse-yapp-perl libpopt-dev libreadline-dev nettle-dev perl
perl-modules pkg-config python-all-dev python-crypto python-dbg
python-dev python-dnspython python3-dnspython python-markdown
python3-markdown python3-dev xsltproc zlib1g-dev
Symbolic links are set correctly:
root at files:~# smbd -b | grep LIBDIR
LIBDIR: /usr/lib
ln -s /usr/lib/libnss_winbind.so.2 /lib/x86_64-linus-gnu/
ln -s /lib/x86_64-linus-gnu/libnss_winbind.so.2
/lib/x86_64-linus-gnu/libnss_winbind.so
ldconfig
nssswitch.conf have tried these three combinations:
passwd: compat winbind systemd
group: compat winbind systemd
passwd: compat systemd winbind
group: compat systemd winbind
passwd: compat winbind
group : compat winbind
Here are my configs:
Samba 4.8.0 AD DC smb.conf using Bind9:
# Global parameters
[global]
netbios name = DC-TEST
realm = TEST.COM
workgroup = TEST
server role = active directory domain controller
server services = -dns
workgroup = TEST
idmap_ldb:use rfc2307 = yes
ldap server require strong auth = no
allow dns updates = nonsecure and secure
log level = 3
# stops cups errors in log file
load printers = no
printing = bsd
printcap name = /dev/null
disable spoolss = yes
[netlogon]
path = /var/lib/samba/sysvol/test.com/scripts
read only = No
[sysvol]
path = /var/lib/samba/sysvol
read only = No
########
Samba 4.8.0 Member Server smb.conf:
[global]
realm = TEST.COM
workgroup = TEST
netbios name = files
security = ADS
server role = member server
encrypt passwords = yes
idmap config *:backend = tdb
idmap config *:range = 2000-9999
idmap config TEST:backend = ad
idmap config TEST:schema_mode = rfc2307
idmap config TEST:range = 10000-99999
idmap config TEST:unix_nss_info = yes
winbind use default domain = yes
vfs objects = acl_xattr
map acl inherit = Yes
store dos attributes = Yes
username map = /etc/samba/user.map
log level=3 winbind:10
log file = /var/log/samba/log.%m
max log size = 500
# Stops cups errors in log file
load printers = no
printing = bsd
printcap name = /dev/null
disable spoolss = yes
#============================ Share Definitions
==============================
####### Profiles and Documents for Windows users ##########
[profiles]
comment = Windows user profiles
path = /var/shares/profiles
level2 oplocks =no
oplocks = no
read only = no
[redirects]
comment = windows user documents
path = /var/shares/redirects
level2 oplocks =no
oplocks = no
read only = no
##############
Kinit works from member:
root at files:/etc/samba# kinit bthomas
Password for bthomas at TEST.COM:
root at files:/etc/samba# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: bthomas at TEST.COM
Valid starting Expires Service principal
03/28/2018 09:57:35 03/28/2018 19:57:35 krbtgt/TEST.COM at TEST.COM
renew until 03/29/2018
09:57:25root at files:/home/cyadmin/source/samba-4.8.0# ps axf | egrep
"samba|smbd|nmbd|winbindd"
Service are Running:
1777 pts/1 S+ 0:00 \_ grep -E --color=auto samba|smbd|nmbd|winbindd
643 ? Ss 0:00 smbd
645 ? S 0:00 \_ smbd
646 ? S 0:00 \_ smbd
651 ? Ss 0:00 nmbd
1774 ? Ss 0:00 winbindd
1775 ? S 0:00 \_ winbindd: domain child [TEST]
Logs from log.wb-TEST (from starting 'winbindd' and doing one 'getent
passwd bthomas'
[2018/03/28 10:20:11.856393, 4, pid=1305, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_dual.c:1545(child_handler)
child daemon request 20
[2018/03/28 10:20:11.856478, 10, pid=1305, effective(0, 0), real(0, 0),
class=winbind]
../source3/winbindd/winbindd_dual.c:665(child_process_request)
child_process_request: request fn LIST_TRUSTDOM
[2018/03/28 10:20:11.856515, 3, pid=1305, effective(0, 0), real(0, 0),
class=winbind]
../source3/winbindd/winbindd_misc.c:288(winbindd_dual_list_trusted_domains)
[ 1304]: list trusted domains
[2018/03/28 10:20:11.856550, 10, pid=1305, effective(0, 0), real(0, 0),
class=winbind]
../source3/winbindd/winbindd_cache.c:2825(wb_cache_trusted_domains)
trusted_domains: [Cached] - doing backend query for info for domain TEST
[2018/03/28 10:20:11.856584, 3, pid=1305, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_ads.c:1390(trusted_domains)
ads: trusted_domains
[2018/03/28 10:20:11.860494, 10, pid=1305, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_ads.c:1475(trusted_domains)
trusted_domains(ads): Searching trusted domain list of TEST and
storing trust flags for domain test.com
[2018/03/28 10:20:11.860570, 10, pid=1305, effective(0, 0), real(0, 0),
class=winbind]
../source3/winbindd/winbindd_cache.c:4567(wcache_tdc_add_domain)
wcache_tdc_add_domain: Adding domain TEST (test.com), SID
S-1-5-21-2280622806-4116776946-4167826043, flags = 0x1d, attributes =
0x0, type = 0x2
[2018/03/28 10:20:11.860659, 10, pid=1305, effective(0, 0), real(0, 0),
class=winbind]
../source3/winbindd/winbindd_cache.c:4277(add_wbdomain_to_tdc_array)
add_wbdomain_to_tdc_array: Found existing record for TEST
[2018/03/28 10:20:11.860701, 10, pid=1305, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_cache.c:4370(pack_tdc_domains)
pack_tdc_domains: Packing 3 trusted domains
[2018/03/28 10:20:11.860764, 10, pid=1305, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_cache.c:4389(pack_tdc_domains)
pack_tdc_domains: Packing domain BUILTIN (UNKNOWN)
[2018/03/28 10:20:11.860797, 10, pid=1305, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_cache.c:4389(pack_tdc_domains)
pack_tdc_domains: Packing domain FILES (UNKNOWN)
[2018/03/28 10:20:11.860829, 10, pid=1305, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_cache.c:4389(pack_tdc_domains)
pack_tdc_domains: Packing domain TEST (test.com)
[2018/03/28 10:20:11.860891, 4, pid=1305, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_dual.c:1553(child_handler)
Finished processing child request 20
[2018/03/28 10:20:11.860923, 10, pid=1305, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_dual.c:104(child_write_response)
Writing 4071 bytes to parent
[2018/03/28 10:22:38.330478, 0, pid=1305, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd.c:239(winbindd_sig_term_handler)
Got sig[15] terminate (is_parent=0)
[2018/03/28 10:23:35.728834, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind]
../source3/winbindd/winbindd_cm.c:569(set_domain_online_request)
set_domain_online_request: called for domain TEST
[2018/03/28 10:23:35.729529, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind]
../source3/winbindd/winbindd_cm.c:604(set_domain_online_request)
set_domain_online_request: domain TEST was globally offline.
[2018/03/28 10:23:35.729584, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind]
../source3/winbindd/winbindd_dual.c:1166(calculate_next_machine_pwd_change)
password last changed 2018/03/27 17:19:46
password valid until 2018/04/03 17:19:46
[2018/03/28 10:23:35.729606, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind]
../source3/winbindd/winbindd_dual.c:1174(calculate_next_machine_pwd_change)
machine password still valid until: Tue, 03 Apr 2018 17:19:46 EDT
[2018/03/28 10:23:35.729643, 4, pid=700, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_dual.c:1545(child_handler)
child daemon request 48
[2018/03/28 10:23:35.729657, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind]
../source3/winbindd/winbindd_dual.c:665(child_process_request)
child_process_request: request fn INIT_CONNECTION
[2018/03/28 10:23:35.729676, 3, pid=700, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_cm.c:2126(connection_ok)
connection_ok: Connection to (null) for domain TEST is not connected
[2018/03/28 10:23:35.729883, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_cm.c:1888(cm_open_connection)
cm_open_connection: saf_servername is 'dc-test.test.com' for domain TEST
[2018/03/28 10:23:35.732586, 3] ../source3/libads/ldap.c:634(ads_connect)
Successfully contacted LDAP server 10.157.0.19
[2018/03/28 10:23:35.743725, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_cm.c:1426(dcip_check_name)
dcip_check_name: flags = 0x13fd
[2018/03/28 10:23:35.743803, 3]
../source3/libsmb/namequery.c:3159(get_dc_list)
get_dc_list: preferred server list: "dc-test.test.com, *"
[2018/03/28 10:23:35.758898, 3]
../source3/libsmb/namequery.c:3159(get_dc_list)
get_dc_list: preferred server list: "dc-test.test.com, *"
[2018/03/28 10:23:35.764434, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_cm.c:1926(cm_open_connection)
cm_open_connection: dcname is 'dc-test.test.com' for domain TEST
[2018/03/28 10:23:35.765062, 3]
../source3/lib/util_sock.c:515(open_socket_out_send)
Connecting to 10.157.0.19 at port 445
[2018/03/28 10:23:35.765518, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_cm.c:1045(cm_prepare_connection)
cm_prepare_connection: connecting to DC dc-test.test.com for domain TEST
[2018/03/28 10:23:35.788305, 3]
../lib/ldb-samba/ldb_wrap.c:326(ldb_wrap_connect)
ldb_wrap open of secrets.ldb
[2018/03/28 10:23:35.788448, 5, pid=700, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_cm.c:1144(cm_prepare_connection)
connecting to dc-test.test.com (TEST, TEST.COM) with account
[TEST\FILES$] principal [FILES$@TEST.COM] and realm [TEST.COM]
[2018/03/28 10:23:35.788511, 3]
../source3/libsmb/cliconnect.c:271(cli_session_creds_prepare_krb5)
got OID=1.2.840.48018.1.2.2
[2018/03/28 10:23:36.090404, 3]
../auth/gensec/gensec_start.c:977(gensec_register)
GENSEC backend 'gssapi_spnego' registered
[2018/03/28 10:23:36.090425, 3]
../auth/gensec/gensec_start.c:977(gensec_register)
GENSEC backend 'gssapi_krb5' registered
[2018/03/28 10:23:36.090434, 3]
../auth/gensec/gensec_start.c:977(gensec_register)
GENSEC backend 'gssapi_krb5_sasl' registered
[2018/03/28 10:23:36.090442, 3]
../auth/gensec/gensec_start.c:977(gensec_register)
GENSEC backend 'spnego' registered
[2018/03/28 10:23:36.090449, 3]
../auth/gensec/gensec_start.c:977(gensec_register)
GENSEC backend 'schannel' registered
[2018/03/28 10:23:36.090459, 3]
../auth/gensec/gensec_start.c:977(gensec_register)
GENSEC backend 'naclrpc_as_system' registered
[2018/03/28 10:23:36.090467, 3]
../auth/gensec/gensec_start.c:977(gensec_register)
GENSEC backend 'sasl-EXTERNAL' registered
[2018/03/28 10:23:36.090475, 3]
../auth/gensec/gensec_start.c:977(gensec_register)
GENSEC backend 'ntlmssp' registered
[2018/03/28 10:23:36.090482, 3]
../auth/gensec/gensec_start.c:977(gensec_register)
GENSEC backend 'ntlmssp_resume_ccache' registered
[2018/03/28 10:23:36.090489, 3]
../auth/gensec/gensec_start.c:977(gensec_register)
GENSEC backend 'http_basic' registered
[2018/03/28 10:23:36.090497, 3]
../auth/gensec/gensec_start.c:977(gensec_register)
GENSEC backend 'http_ntlm' registered
[2018/03/28 10:23:36.090505, 3]
../auth/gensec/gensec_start.c:977(gensec_register)
GENSEC backend 'http_negotiate' registered
[2018/03/28 10:23:36.124186, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind]
../source3/winbindd/winbindd_cache.c:3534(set_global_winbindd_state_online)
set_global_winbindd_state_online: online requested.
[2018/03/28 10:23:36.124249, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind]
../source3/winbindd/winbindd_cache.c:3537(set_global_winbindd_state_online)
set_global_winbindd_state_online: rejecting.
[2018/03/28 10:23:36.124282, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_cm.c:483(set_domain_online)
set_domain_online: called for domain TEST
[2018/03/28 10:23:36.124445, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_cm.c:2646(set_dc_type_and_flags)
set_dc_type_and_flags: setting up flags for primary or internal domain
[2018/03/28 10:23:36.124486, 5, pid=700, effective(0, 0), real(0, 0),
class=winbind]
../source3/winbindd/winbindd_cm.c:2374(set_dc_type_and_flags_connect)
set_dc_type_and_flags_connect: domain TEST
[2018/03/28 10:23:36.138678, 5, pid=700, effective(0, 0), real(0, 0),
class=winbind]
../source3/winbindd/winbindd_cm.c:2613(set_dc_type_and_flags_connect)
set_dc_type_and_flags_connect: domain TEST is in native mode.
[2018/03/28 10:23:36.138746, 5, pid=700, effective(0, 0), real(0, 0),
class=winbind]
../source3/winbindd/winbindd_cm.c:2616(set_dc_type_and_flags_connect)
set_dc_type_and_flags_connect: domain TEST is running active directory.
[2018/03/28 10:23:36.139214, 4, pid=700, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_dual.c:1553(child_handler)
Finished processing child request 48
[2018/03/28 10:23:36.139260, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_dual.c:104(child_write_response)
Writing 4008 bytes to parent
[2018/03/28 10:23:36.139407, 4, pid=700, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_dual.c:1545(child_handler)
child daemon request 20
[2018/03/28 10:23:36.139443, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind]
../source3/winbindd/winbindd_dual.c:665(child_process_request)
child_process_request: request fn LIST_TRUSTDOM
[2018/03/28 10:23:36.139488, 3, pid=700, effective(0, 0), real(0, 0),
class=winbind]
../source3/winbindd/winbindd_misc.c:288(winbindd_dual_list_trusted_domains)
[ 699]: list trusted domains
[2018/03/28 10:23:36.139524, 5, pid=700, effective(0, 0), real(0, 0),
class=winbind]
../source3/winbindd/winbindd_cache.c:166(winbindd_domain_init_backend)
winbindd_domain_init_backend: Setting ADS methods for domain TEST
[2018/03/28 10:23:36.139554, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind]
../source3/winbindd/winbindd_cache.c:2825(wb_cache_trusted_domains)
trusted_domains: [Cached] - doing backend query for info for domain TEST
[2018/03/28 10:23:36.139597, 3, pid=700, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_ads.c:1390(trusted_domains)
ads: trusted_domains
[2018/03/28 10:23:36.140264, 3]
../lib/ldb-samba/ldb_wrap.c:326(ldb_wrap_connect)
ldb_wrap open of secrets.ldb
[2018/03/28 10:23:36.141050, 3]
../source3/lib/util_sock.c:515(open_socket_out_send)
Connecting to 10.157.0.19 at port 135
[2018/03/28 10:23:36.143752, 3]
../source3/lib/util_sock.c:515(open_socket_out_send)
Connecting to 10.157.0.19 at port 49153
[2018/03/28 10:23:36.152863, 3]
../source3/lib/util_sock.c:515(open_socket_out_send)
Connecting to 10.157.0.19 at port 135
[2018/03/28 10:23:36.155888, 3]
../source3/lib/util_sock.c:515(open_socket_out_send)
Connecting to 10.157.0.19 at port 49153
[2018/03/28 10:23:36.166627, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_ads.c:1475(trusted_domains)
trusted_domains(ads): Searching trusted domain list of TEST and
storing trust flags for domain test.com
[2018/03/28 10:23:36.166697, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind]
../source3/winbindd/winbindd_cache.c:4567(wcache_tdc_add_domain)
wcache_tdc_add_domain: Adding domain TEST (test.com), SID
S-1-5-21-2280622806-4116776946-4167826043, flags = 0x1d, attributes =
0x0, type = 0x2
[2018/03/28 10:23:36.166791, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind]
../source3/winbindd/winbindd_cache.c:4277(add_wbdomain_to_tdc_array)
add_wbdomain_to_tdc_array: Found existing record for TEST
[2018/03/28 10:23:36.166829, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_cache.c:4370(pack_tdc_domains)
pack_tdc_domains: Packing 3 trusted domains
[2018/03/28 10:23:36.166870, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_cache.c:4389(pack_tdc_domains)
pack_tdc_domains: Packing domain BUILTIN (UNKNOWN)
[2018/03/28 10:23:36.166903, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_cache.c:4389(pack_tdc_domains)
pack_tdc_domains: Packing domain FILES (UNKNOWN)
[2018/03/28 10:23:36.166934, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_cache.c:4389(pack_tdc_domains)
pack_tdc_domains: Packing domain TEST (test.com)
[2018/03/28 10:23:36.167006, 4, pid=700, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_dual.c:1553(child_handler)
Finished processing child request 20
[2018/03/28 10:23:36.167038, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_dual.c:104(child_write_response)
Writing 4071 bytes to parent
[2018/03/28 10:23:36.167255, 4, pid=700, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_dual.c:1545(child_handler)
child daemon request 20
[2018/03/28 10:23:36.167290, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind]
../source3/winbindd/winbindd_dual.c:665(child_process_request)
child_process_request: request fn LIST_TRUSTDOM
[2018/03/28 10:23:36.167319, 3, pid=700, effective(0, 0), real(0, 0),
class=winbind]
../source3/winbindd/winbindd_misc.c:288(winbindd_dual_list_trusted_domains)
[ 699]: list trusted domains
[2018/03/28 10:23:36.167348, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind]
../source3/winbindd/winbindd_cache.c:2825(wb_cache_trusted_domains)
trusted_domains: [Cached] - doing backend query for info for domain TEST
[2018/03/28 10:23:36.167393, 3, pid=700, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_ads.c:1390(trusted_domains)
ads: trusted_domains
[2018/03/28 10:23:36.170050, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_ads.c:1475(trusted_domains)
trusted_domains(ads): Searching trusted domain list of TEST and
storing trust flags for domain test.com
[2018/03/28 10:23:36.170119, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind]
../source3/winbindd/winbindd_cache.c:4567(wcache_tdc_add_domain)
wcache_tdc_add_domain: Adding domain TEST (test.com), SID
S-1-5-21-2280622806-4116776946-4167826043, flags = 0x1d, attributes =
0x0, type = 0x2
[2018/03/28 10:23:36.170194, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind]
../source3/winbindd/winbindd_cache.c:4277(add_wbdomain_to_tdc_array)
add_wbdomain_to_tdc_array: Found existing record for TEST
[2018/03/28 10:23:36.170231, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_cache.c:4370(pack_tdc_domains)
pack_tdc_domains: Packing 3 trusted domains
[2018/03/28 10:23:36.170272, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_cache.c:4389(pack_tdc_domains)
pack_tdc_domains: Packing domain BUILTIN (UNKNOWN)
[2018/03/28 10:23:36.170304, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_cache.c:4389(pack_tdc_domains)
pack_tdc_domains: Packing domain FILES (UNKNOWN)
[2018/03/28 10:23:36.170335, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_cache.c:4389(pack_tdc_domains)
pack_tdc_domains: Packing domain TEST (test.com)
[2018/03/28 10:23:36.170394, 4, pid=700, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_dual.c:1553(child_handler)
Finished processing child request 20
[2018/03/28 10:23:36.170425, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_dual.c:104(child_write_response)
Writing 4071 bytes to parent
[2018/03/28 10:24:31.424478, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_dual.c:69(child_read_request)
Need to read 44 extra bytes
[2018/03/28 10:24:31.424567, 4, pid=700, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_dual.c:1545(child_handler)
child daemon request 56
[2018/03/28 10:24:31.424606, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind]
../source3/winbindd/winbindd_dual.c:665(child_process_request)
child_process_request: request fn NDRCMD
[2018/03/28 10:24:31.424639, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind]
../source3/winbindd/winbindd_dual_ndr.c:362(winbindd_dual_ndrcmd)
winbindd_dual_ndrcmd: Running command WBINT_LOOKUPNAME (TEST)
[2018/03/28 10:24:31.424789, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_cache.c:1770(wcache_name_to_sid)
wcache_name_to_sid: namemap_cache_find_name failed
[2018/03/28 10:24:31.424831, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind]
../source3/winbindd/winbindd_cache.c:1817(wb_cache_name_to_sid)
name_to_sid: [Cached] - doing backend query for name for domain TEST
[2018/03/28 10:24:31.424867, 3, pid=700, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_msrpc.c:244(msrpc_name_to_sid)
msrpc_name_to_sid: name=TEST\BTHOMAS
[2018/03/28 10:24:31.424900, 3, pid=700, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_msrpc.c:258(msrpc_name_to_sid)
name_to_sid [rpc] TEST\BTHOMAS for domain TEST
[2018/03/28 10:24:31.424933, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_cm.c:2973(cm_connect_lsa_tcp)
cm_connect_lsa_tcp
[2018/03/28 10:24:31.425082, 3]
../source3/lib/util_sock.c:515(open_socket_out_send)
Connecting to 10.157.0.19 at port 135
[2018/03/28 10:24:31.428731, 3]
../source3/lib/util_sock.c:515(open_socket_out_send)
Connecting to 10.157.0.19 at port 49152
[2018/03/28 10:24:31.435308, 4, pid=700, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_dual.c:1553(child_handler)
Finished processing child request 56
[2018/03/28 10:24:31.435376, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_dual.c:104(child_write_response)
Writing 4044 bytes to parent
[2018/03/28 10:24:31.821764, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_dual.c:69(child_read_request)
Need to read 48 extra bytes
[2018/03/28 10:24:31.821840, 4, pid=700, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_dual.c:1545(child_handler)
child daemon request 56
[2018/03/28 10:24:31.821875, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind]
../source3/winbindd/winbindd_dual.c:665(child_process_request)
child_process_request: request fn NDRCMD
[2018/03/28 10:24:31.821905, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind]
../source3/winbindd/winbindd_dual_ndr.c:362(winbindd_dual_ndrcmd)
winbindd_dual_ndrcmd: Running command WBINT_LOOKUPSIDS (TEST)
[2018/03/28 10:24:31.821957, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_cm.c:2973(cm_connect_lsa_tcp)
cm_connect_lsa_tcp
[2018/03/28 10:24:31.825945, 4, pid=700, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_dual.c:1553(child_handler)
Finished processing child request 56
[2018/03/28 10:24:31.826013, 10, pid=700, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_dual.c:104(child_write_response)
Writing 4152 bytes to parent
######################
And from log.winbindd:
[2018/03/28 10:24:31.423718, 3, pid=699, effective(0, 0), real(0, 0),
class=winbind]
../source3/winbindd/winbindd_getpwnam.c:56(winbindd_getpwnam_send)
getpwnam bthomas
[2018/03/28 10:24:31.435508, 10, pid=699, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_cache.c:4802(wcache_store_ndr)
could not fetch seqnum for domain TEST
[2018/03/28 10:24:31.435577, 10, pid=699, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/wb_sids2xids.c:113(wb_sids2xids_send)
SID 0: S-1-5-21-2280622806-4116776946-4167826043-1108
[2018/03/28 10:24:31.436381, 10, pid=699, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_dual.c:1578(fork_domain_child)
fork_domain_child called without domain.
[2018/03/28 10:24:31.437336, 10, pid=707, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_dual.c:1632(fork_domain_child)
Child process 707
[2018/03/28 10:24:31.821385, 10, pid=699, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/wb_sids2xids.c:113(wb_sids2xids_send)
SID 0: S-1-5-21-2280622806-4116776946-4167826043-513
[2018/03/28 10:24:31.821530, 10, pid=699, effective(0, 0), real(0, 0),
class=winbind]
../source3/winbindd/winbindd_util.c:1467(find_lookup_domain_from_sid)
find_lookup_domain_from_sid: SID
[S-1-5-21-2280622806-4116776946-4167826043-513]
[2018/03/28 10:24:31.821585, 10, pid=699, effective(0, 0), real(0, 0),
class=winbind]
../source3/winbindd/winbindd_util.c:1512(find_lookup_domain_from_sid)
calling find_our_domain
[2018/03/28 10:24:31.826194, 10, pid=699, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_cache.c:4802(wcache_store_ndr)
could not fetch seqnum for domain TEST
[2018/03/28 10:24:31.828528, 5, pid=699, effective(0, 0), real(0, 0),
class=winbind]
../source3/winbindd/winbindd_getpwnam.c:128(winbindd_getpwnam_recv)
Could not convert sid S-1-5-21-2280622806-4116776946-4167826043-1108:
NT_STATUS_NO_SUCH_USER
[2018/03/28 10:24:31.829171, 10, pid=699, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd.c:757(wb_request_done)
wb_request_done[706:GETPWNAM]: NT_STATUS_NO_SUCH_USER
[2018/03/28 10:24:31.829219, 10, pid=699, effective(0, 0), real(0, 0),
class=winbind]
../source3/winbindd/winbindd.c:825(winbind_client_response_written)
winbind_client_response_written[706:GETPWNAM]: delivered response to
client
[2018/03/28 10:24:31.829328, 6, pid=699, effective(0, 0), real(0, 0),
class=winbind]
../source3/winbindd/winbindd.c:930(winbind_client_request_read)
closing socket 25, client exited
root at files:/var/log/samba# net ads testjoin
Join is OK
root at files:/var/log/samba# net ads info
LDAP server: 10.157.0.19
LDAP server name: dc-test.test.com
Realm: TEST.COM
Bind Path: dc=TEST,dc=COM
LDAP port: 389
Server time: Wed, 28 Mar 2018 10:42:57 EDT
KDC server: 10.157.0.19
Server time offset: 0
Last machine account password change: Tue, 27 Mar 2018 17:19:46 EDT
root at files:/var/log/samba# wbinfo -p
Ping to winbindd succeeded
root at files:/var/log/samba# wbinfo --ping-dc
checking the NETLOGON for domain[TEST] dc connection to
"dc-test.test.com" succeeded
root at files:~# wbinfo -u
krbtgt
dns-dc-test
guest
administrator
bthomas
root at files:~# wbinfo -g
denied rodc password replication group
domain admins
domain guests
schema admins
allowed rodc password replication group
domain computers
enterprise read-only domain controllers
read-only domain controllers
ras and ias servers
test domain admin
group policy creator owners
domain controllers
dnsadmins
cert publishers
domain users
enterprise admins
dnsupdateproxy
Any help would be greatly apprceated as always.
Thank You, Bob Thomas
More information about the samba
mailing list