Samba 4.3.13 logon oddity on Solaris 10
Bernd Markgraf
bernd.markgraf at med.ovgu.de
Tue Jun 19 09:12:11 UTC 2018
Hi,
I just finished building Samba 4.3.13 on a Solaris 10 box and
successfully joined it to a domain. DC is Samba 4.3.13 on FreeBSD.
The OS itself uses LDAP+Kerberos to authenticate users on the Unix
level and that works just fine. The DC has rfc2307bis schema in place
and user records have uidnumber and gidnumber properly set.
The trouble is when users try to logon to a Samba share on this machine
the first attempt fails and while the second try succeeds. Providing
the password on the command line to smbclient rules out typos when
entering the password.
Attached are logs with debug level 5 for the failed logon attempt and
for the successful login.
All looks good in the fail log up to around line 535. pop_sec_ctx is
the last thing in both logs before things start to differ.
The failure occurs at
../source3/auth/token_util.c:430(add_local_groups)
SID S-1-5-21-823329394-1231227920-234269439-1202 -> getpwuid(4294967295) failed
This looks funny. 4294967295 is a strange UID, in fact it's -1 printed
as unsigned. I've followed the source back to sid_to_uid which seems to
fail and leaves uid set -1.
On a side note - Solaris 10 still has uid_t typedef'd to int (or long
depending on the platform/ABI used)...
The second try to logon a second or two later succeeds. My guess is
that it somehow fails on the first attempt, but on the second try the
needed information seems to be present in the cache.
Interstingly wbinfo -i also reports 4294967295 as uid and gid numbers
and never report the proper numbers regardsless how often I run wbinfo.
How Do I best proceed to investigate and resolve that issue?
Thanks,
Bernd
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 172.21.80.17-fail.log
Type: text/x-log
Size: 30710 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20180619/1ff6277a/172.21.80.17-fail.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 172.21.80.17-success.log
Type: text/x-log
Size: 40452 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20180619/1ff6277a/172.21.80.17-success.bin>
More information about the samba-technical
mailing list