[Samba] Samba 4.17.2 and winbind issues
Leszek Szczepanowski
twinsen at mspanc.net
Wed Dec 7 16:00:42 UTC 2022
I was using Samba 4.16, all was ok.
My clustered Samba is joined to AD domain, all was working.
By mistake I updated servers to Samba 4.17.2
Now, just on winbind start, I'm receiving this:
[root at fs01 samba]# net ads testjoin
Join is OK
Dec 07 16:41:30 fs01.ams.optiva.com winbindd[82557]: [2022/12/07
16:41:30.246099, 1]
../../source3/rpc_client/cli_pipe.c:550(cli_pipe_validate_current_pdu)
Dec 07 16:41:30 fs01.ams.optiva.com winbindd[82557]:
../../source3/rpc_client/cli_pipe.c:550: RPC fault code
DCERPC_NCA_S_OP_RNG_ERROR received from host fs01!
Dec 07 16:41:33 fs01.ams.optiva.com winbindd[82555]: [2022/12/07
16:41:33.313098, 1]
../../source3/winbindd/wb_queryuser.c:402(wb_queryuser_got_gid)
Dec 07 16:41:33 fs01.ams.optiva.com winbindd[82555]: Returning
NT_STATUS_NO_SUCH_USER
Dec 07 16:41:33 fs01.ams.optiva.com winbindd[82555]: xid.type must be
ID_TYPE_UID or ID_TYPE_BOTH.
Dec 07 16:41:33 fs01.ams.optiva.com winbindd[82555]: [2022/12/07
16:41:33.313194, 1]
../../source3/winbindd/winbindd_getgroups.c:259(winbindd_getgroups_recv)
Dec 07 16:41:33 fs01.ams.optiva.com winbindd[82555]: Could not convert
sid S-1-5-21-76667877-53546716-1882380502-1000: NT_STATUS_NO_SUCH_USER
In general wbinfo -u and -g working.
id too:
[root at fs01 samba]# id "XXX\lszczepa"
uid=25360(XXX\lszczepa) gid=1315200513(XXX\domain users)
groups=1315200513(XXX\domain users),25360(XXX\lszczepa)
[root at fs01 samba]# net conf list
[global]
logging = syslog
log level = 1
clustering = yes
security = ads
realm = XXX.YYY.ZZZ
map acl inherit = yes
workgroup = XXX
kerberos method = secrets and keytab
idmap config * : range = 1000-7999
idmap config * : backend = tdb
ctdb:registry.tdb = yes
netbios name = FS
idmap config XXX: range = 100000-1999999999
idmap config XXX: backend = rid
[symptoms]
read only = no
inherit acls = yes
guest ok = no
browseable = yes
path = /mnt/glusterfs/symptoms/
[root at fs01 samba]# smbclient ////localhost//symptoms -U lszczepa
Password for [XXX\lszczepa]:
do_connect: Connection to failed (Error NT_STATUS_NOT_FOUND)
Because of this, I cannot login to the samba share using AD credentials :(
What is this S-1-5-21-76667877-53546716-1882380502-1000 ??
Actually, my user on this machine has uid=1000 and gid=1000
But I think it has nothing to do with that.
--
Leszek A. Szczepanowski
twinsen at mspanc.net
More information about the samba
mailing list