[Samba] temporary winbindd issue
Andrea Cucciarre'
acucciarre at cloudian.com
Mon Dec 28 09:39:11 UTC 2020
Hello,
my Samba share was working perfectly and then suddenly was not available
to windows client.
The Samba server is a Domain member and the command "wbinfo -u" and
"getent passwd" returned no AD users.
The service has been recovered merely by restarting the winbindd service
We are running Samba 4.9.5 and my smb.conf is as below, I have also
pasted some (relevant?) logs
Are you aware of any known issue or miss-configuration?
[global]
client ldap sasl wrapping = plain
dedicated keytab file = /etc/krb5.keytab
disable spoolss = yes
host msdfs = no
idmap config * : backend = tdb
idmap config * : range = 30000-40000
idmap config * : schema_mode = rfc2307
idmap config MERCURIA : backend = rid
idmap config MERCURIA : range = 1000000-20000000
idmap config MERCURIA : schema_mode = rfc2307
kerberos method = secrets and keytab
load printers = no
local master = no
log file = /opt/samba/log/%m.log
log level = 5
map acl inherit = Yes
map to guest = bad user
max log size = 100000
preferred master = no
printcap name = /dev/null
realm = mercuria.met
security = ads
server string = Data %h
store dos attributes = Yes
vfs objects = zfsacl
winbind enum groups = yes
winbind enum users = yes
winbind expand groups = 10
winbind nested groups = yes
winbind normalize names = no
winbind nss info = rfc2307
winbind refresh tickets = Yes
winbind use default domain = no
workgroup = MERCURIA
[2020/12/28 08:45:54.785608, 3]
../source3/winbindd/winbindd_pam.c:1495(winbind_samlogon_retry_loop)
Could not open handle to NETLOGON pipe (error:
NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND, attempts: 0)
[2020/12/28 08:45:54.785887, 3]
../source3/winbindd/winbindd_pam.c:1525(winbind_samlogon_retry_loop)
The connection to netlogon failed, retrying
[2020/12/28 08:45:54.785898, 3]
../source3/winbindd/winbindd_pam.c:1495(winbind_samlogon_retry_loop)
Could not open handle to NETLOGON pipe (error:
NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND, attempts: 1)
[2020/12/28 08:45:54.785911, 3]
../source3/winbindd/winbindd_pam.c:1501(winbind_samlogon_retry_loop)
This is again a problem for this particular call, forcing the close
of this connection
...
2020/12/28 09:36:35.257954, 3]
../source3/winbindd/winbindd_pam.c:1495(winbind_samlogon_retry_loop)
Could not open handle to NETLOGON pipe (error:
NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND, attempts: 3)
[2020/12/28 09:36:35.257964, 3]
../source3/winbindd/winbindd_pam.c:1501(winbind_samlogon_retry_loop)
This is again a problem for this particular call, forcing the close
of this connection
[2020/12/28 09:36:35.257974, 3]
../source3/winbindd/winbindd_pam.c:1515(winbind_samlogon_retry_loop)
This is the third problem for this particular call, adding DC to the
negative cache list: MERCURIA CHGVA-DC22.mercuria.met
[2020/12/28 09:36:35.257992, 2]
../source3/winbindd/winbindd_pam.c:2395(winbind_dual_SamLogon)
NTLM CRAP authentication for user [MERCURIA]\[rvenkatesh] returned
NT_STATUS_NO_LOGON_SERVERS
[2020/12/28 09:36:35.258006, 4]
../source3/winbindd/winbindd_dual.c:1605(child_handler)
Finished processing child request 14
[2020/12/28 09:36:35.362413, 5]
../source3/winbindd/winbindd_cm.c:162(msg_try_to_go_online)
msg_try_to_go_online: received for domain MERCURIA.
[2020/12/28 09:36:35.362449, 3]
../source3/winbindd/winbindd_cm.c:2146(connection_ok)
connection_ok: Connection to CHGVA-DC22.mercuria.met for domain
MERCURIA is not connected
[2020/12/28 09:36:35.362509, 5]
../source3/libsmb/namequery.c:212(saf_fetch)
saf_fetch: failed to find server for "MERCURIA" domain
[2020/12/28 09:36:35.362540, 5]
../source3/libads/sitename_cache.c:104(sitename_fetch)
sitename_fetch: Returning sitename for realm 'mercuria.met': "Geneva"
[2020/12/28 09:36:35.362560, 4]
../source3/libsmb/namequery_dc.c:78(ads_dc_name)
ads_dc_name: domain=MERCURIA
[2020/12/28 09:36:35.362577, 5]
../source3/libads/sitename_cache.c:104(sitename_fetch)
sitename_fetch: Returning sitename for realm 'mercuria.met': "Geneva"
[2020/12/28 09:36:35.362597, 5]
../source3/libsmb/namequery.c:212(saf_fetch)
saf_fetch: failed to find server for "mercuria.met" domain
[2020/12/28 09:36:35.362609, 3]
../source3/libsmb/namequery.c:3111(get_dc_list)
get_dc_list: preferred server list: ", *"
[2020/12/28 09:36:35.362625, 5]
../source3/libsmb/namecache.c:165(namecache_fetch)
name mercuria.met#1C found.
[2020/12/28 09:36:35.362712, 4]
../source3/libsmb/namequery.c:3256(get_dc_list)
get_dc_list: returning 7 ip addresses in an ordered list
[2020/12/28 09:36:35.362724, 4]
../source3/libsmb/namequery.c:3257(get_dc_list)
get_dc_list: 10.41.10.247:389 10.41.10.144:389 10.41.10.123:389
10.41.10.55:389 10.41.10.155:389 10.41.11.127:389 10.41.10.246:389
[2020/12/28 09:36:35.362743, 5]
../source3/libads/ldap.c:255(ads_try_connect)
ads_try_connect: sending CLDAP request to 10.41.10.247 (realm:
mercuria.met)
[2020/12/28 09:36:35.363201, 3] ../source3/libads/ldap.c:636(ads_connect)
Successfully contacted LDAP server 10.41.10.247
[2020/12/28 09:36:35.363224, 5]
../source3/libads/sitename_cache.c:104(sitename_fetch)
sitename_fetch: Returning sitename for realm 'mercuria.met': "Geneva"
[2020/12/28 09:36:35.363256, 5]
../source3/libsmb/namequery.c:212(saf_fetch)
saf_fetch: failed to find server for "mercuria.met" domain
[2020/12/28 09:36:35.363269, 3]
../source3/libsmb/namequery.c:3111(get_dc_list)
get_dc_list: preferred server list: ", *"
[2020/12/28 09:36:35.363282, 5]
../source3/libsmb/namequery.c:2411(resolve_ads)
resolve_ads: Attempting to resolve KDCs for mercuria.met using DNS
[2020/12/28 09:36:35.388566, 4]
../lib/addns/dnsquery.c:435(ads_dns_lookup_srv)
ads_dns_lookup_srv: 8 records returned in the answer section.
[2020/12/28 09:36:35.614535, 4]
../source3/libsmb/namequery.c:3256(get_dc_list)
get_dc_list: returning 7 ip addresses in an ordered list
[2020/12/28 09:36:35.614557, 4]
../source3/libsmb/namequery.c:3257(get_dc_list)
get_dc_list: 10.41.10.55:88 10.41.10.155:88 10.41.11.127:88
10.41.10.246:88 10.41.10.247:88 10.41.10.144:88 10.41.10.123:88
[2020/12/28 09:36:35.614578, 5]
../source3/libsmb/namequery.c:212(saf_fetch)
saf_fetch: failed to find server for "mercuria.met" domain
[2020/12/28 09:36:35.614591, 3]
../source3/libsmb/namequery.c:3111(get_dc_list)
get_dc_list: preferred server list: ", *"
[2020/12/28 09:36:35.614604, 5]
../source3/libsmb/namequery.c:2411(resolve_ads)
resolve_ads: Attempting to resolve KDCs for mercuria.met using DNS
[2020/12/28 09:36:35.845185, 4]
../lib/addns/dnsquery.c:435(ads_dns_lookup_srv)
ads_dns_lookup_srv: 25 records returned in the answer section.
[2020/12/28 09:36:35.845361, 4]
../source3/libsmb/namequery.c:3256(get_dc_list)
get_dc_list: returning 25 ip addresses in an ordered list
[2020/12/28 09:36:35.845373, 4]
../source3/libsmb/namequery.c:3257(get_dc_list)
get_dc_list: 10.224.75.227:88 10.224.75.226:88 10.41.10.247:88
10.17.140.100:88 10.16.140.14:88 10.16.211.11:88 10.1.12.15:88
10.1.12.16:88 10.16.140.13:88 10.178.10.23:88 10.41.10.144:88
10.41.10.55:88 10.41.10.123:88 10.41.10.155:88 10.32.10.100:88
10.41.10.246:88 10.224.11.44:88 10.226.10.12:88 10.226.10.11:88
10.227.70.150:88 10.44.11.27:88 10.44.11.171:88 10.49.11.55:88
10.49.11.14:88 10.34.10.16:88
[2020/12/28 09:36:35.846776, 5]
../source3/libads/kerberos.c:741(create_local_private_krb5_conf_for_domain)
create_local_private_krb5_conf_for_domain: wrote file
/opt/samba/var/lock/smb_krb5/krb5.conf.MERCURIA with realm MERCURIA.MET
KDC list = kdc = 10.41.10.247
kdc = 10.41.10.55
kdc = 10.41.10.155
kdc = 10.41.11.127
[2020/12/28 09:36:35.846811, 4]
../source3/libsmb/namequery_dc.c:152(ads_dc_name)
ads_dc_name: using server='CHGVA-DC22.MERCURIA.MET' IP=10.41.10.247
[2020/12/28 09:36:35.846834, 5]
../source3/libads/sitename_cache.c:104(sitename_fetch)
sitename_fetch: Returning sitename for realm 'mercuria.met': "Geneva"
[2020/12/28 09:36:35.846851, 5]
../source3/libsmb/namequery.c:212(saf_fetch)
saf_fetch: failed to find server for "mercuria.met" domain
[2020/12/28 09:36:35.846863, 3]
../source3/libsmb/namequery.c:3111(get_dc_list)
get_dc_list: preferred server list: ", *"
[2020/12/28 09:36:35.846878, 5]
../source3/libsmb/namecache.c:165(namecache_fetch)
name mercuria.met#1C found.
[2020/12/28 09:36:35.846934, 4]
../source3/libsmb/namequery.c:3256(get_dc_list)
get_dc_list: returning 7 ip addresses in an ordered list
[2020/12/28 09:36:35.846945, 4]
../source3/libsmb/namequery.c:3257(get_dc_list)
get_dc_list: 10.41.10.247:389 10.41.10.144:389 10.41.10.123:389
10.41.10.55:389 10.41.10.155:389 10.41.11.127:389 10.41.10.246:389
[2020/12/28 09:36:35.846986, 5]
../source3/libsmb/namequery.c:212(saf_fetch)
saf_fetch: failed to find server for "mercuria.met" domain
[2020/12/28 09:36:35.846998, 3]
../source3/libsmb/namequery.c:3111(get_dc_list)
get_dc_list: preferred server list: ", *"
[2020/12/28 09:36:35.847011, 5]
../source3/libsmb/namecache.c:165(namecache_fetch)
name mercuria.met#1C found.
[2020/12/28 09:36:35.847059, 4]
../source3/libsmb/namequery.c:3256(get_dc_list)
get_dc_list: returning 7 ip addresses in an ordered list
[2020/12/28 09:36:35.847069, 4]
../source3/libsmb/namequery.c:3257(get_dc_list)
get_dc_list: 10.41.10.247:389 10.41.10.144:389 10.41.10.123:389
10.41.10.55:389 10.41.10.155:389 10.41.11.127:389 10.41.10.246:389
[2020/12/28 09:36:35.847130, 3]
../source3/lib/util_sock.c:515(open_socket_out_send)
Connecting to 10.41.10.247 at port 445
[2020/12/28 09:36:35.847297, 5]
../source3/libads/ldap.c:255(ads_try_connect)
ads_try_connect: sending CLDAP request to 10.41.10.247 (realm:
mercuria.met)
[2020/12/28 09:36:35.847661, 3] ../source3/libads/ldap.c:636(ads_connect)
Successfully contacted LDAP server 10.41.10.247
[2020/12/28 09:36:35.847677, 5]
../source3/libsmb/namecache.c:78(namecache_store)
namecache_store: storing 1 address for CHGVA-DC22.mercuria.met#20:
10.41.10.247
[2020/12/28 09:36:35.847766, 5]
../source3/libads/sitename_cache.c:104(sitename_fetch)
sitename_fetch: Returning sitename for realm 'MERCURIA.MET': "Geneva"
[2020/12/28 09:36:35.847798, 5]
../source3/libsmb/namequery.c:212(saf_fetch)
saf_fetch: failed to find server for "mercuria.met" domain
--
Regards
Andrea Cucciarre'
More information about the samba
mailing list