Hi Jay/Samba peeps,
Emailing in reference to
http://lists.samba.org/archive/samba/2011-April/162277.html
I have seen a very similar issue with a similar setup.
Users fail to be verified with:
getent passwd username
Entry in the log at same time is:
[2012/01/23 16:58:53.159761, 3]
winbindd/winbindd_misc.c:352(winbindd_interface_version)
[18510]: request interface version
[2012/01/23 16:58:53.159966, 3]
winbindd/winbindd_misc.c:385(winbindd_priv_pipe_dir)
[18510]: request location of privileged pipe
[2012/01/23 16:58:53.160214, 3]
winbindd/winbindd_getpwnam.c:55(winbindd_getpwnam_send)
getpwnam username
[2012/01/23 16:58:53.162493, 5]
winbindd/winbindd_getpwnam.c:138(winbindd_getpwnam_recv)
Could not convert sid
S-1-5-21-1117850145-1682116191-196506527-126617: NT_STATUS_PIPE_BROKEN
Restarting winbindd solves the problem temporarily.
I've attached a copy of the smb.conf.
OS: Debian Squeeze 6.0.3
Kernel: 2.6.32-5-686-bigmem
samba 2:3.5.6~dfsg-3squeeze5
winbind 2:3.5.6~dfsg-3squeeze5
Jay did you find a solution to your problem? Has anyone else on the list
seen similar issues or have any ideas of what might be happening?
Any advice or pointers would be very much appreciated.
Thanks,
Matt
--
Matthew Baker :: Senior Systems Administrator :: University of Bristol
[global]
workgroup = WORKGROUP
server string = %h server (Samba %v)
netbios name = ou-hostname
hosts allow = 192.168.1.0/255.255.255.0, 127.0.0.1
dns proxy = no
log file = /var/log/samba/log.%m
log level = 1 winbind:5 idmap:5 auth:5 sam:5
max log size = 10000
; syslog only = no
syslog = 0
panic action = /usr/share/samba/panic-action %d
security = ADS
realm = KERBEROS.EXAMPLE.ORG
kerberos method = secrets and keytab
password server = *
local master = no
restrict anonymous = 1
encrypt passwords = true
passdb backend = tdbsam
obey pam restrictions = yes
invalid users = root
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
*Retype\snew\sUNIX\spassword:* %n\n .
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
winbind enum users = no
winbind enum groups = no
winbind separator = .
winbind nested groups = Yes
winbind use default domain = Yes
template shell = /bin/bash
template homedir = /home/%U
; store the idmap for local non-AD accounts
idmap backend = tdb
idmap uid = 1000000000-10000000000
idmap gid = 1000000000-10000000000
; use the readonly stored version in AD (I1110-4800)
idmap config UOB : backend = ad
idmap config UOB : range = 100-999999999
idmap config UOB : schema_mode = rfc2307
[homes]
comment = Home Directories
browseable = no
writable = yes
create mask = 0700
directory mask = 0700
include = /etc/samba/shares.conf
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
