Hello All, I am currently having an issue with my samba PDC. I have recently updated to 3.6.5 Samba, and have made what i believe to be the correct changes in my config to account for the changes to the idmap system. My setup is as follows, SAMBA PDC on RHEL 6.2, which authenticates passwords through Kerberos, and Deals with user profiles via LDAP. I had about 25 Windows clients which were able to connect, receive their profiles and have full access to their personal and group shares. Recently I have had complaints that no users are able to access their group shares. Upon troubleshooting I notice the winbind daemon had failed.
It will not restart, I do not see any configuration issues that would be causing problems. I had thoroughly tested for about a month in a lab environment, this issue never arross. I began using winbind to allow for direct accessing of posix account values in LDAP from samba, without the need for the smbldap-tools scripts. I am able to join machines to the domain, add users, remove users and machines etc. I am not sure what could be causing the issue which does not allow users to access group shares, but even more importantly I cannot figure out what is wrong with winbind. Attached to this email I have the winbind stack trace, winbind daemon stdout which is shown on terminal, and my samba config. I feel it also important to note that this PDC replace a much older 3.5.3 PDC, which utilized the 3rd party smbldap tools scripts and did not need winbind. This is new territory for me. I am sure there is something that I am missing, though i am not sure what. If anyone could please take a look and if possible shed a bit of light on what it might be i would greatly appreciate it. If anymore information is needed, please let me know and I shall provide it. Thank You -- Anthony Boccia Afilias Canada Corp Systems Administrator Production Control - Infrastructure
=============================================================== INTERNAL ERROR: Signal 11 in pid 1493 (3.6.5-1.el6) Please read the Trouble-Shooting section of the Samba3-HOWTO From: http://www.samba.org/samba/docs/Samba3-HOWTO.pdf =============================================================== PANIC (pid 1493): internal error BACKTRACE: 13 stack frames: #0 winbindd(log_stack_trace+0x1a) [0x7f6fc31b120a] #1 winbindd(smb_panic+0x2b) [0x7f6fc31b12db] #2 winbindd(+0x1940a4) [0x7f6fc31a20a4] #3 /lib64/libc.so.6(+0x31fbc32900) [0x7f6fc0402900] #4 winbindd(dom_sid_compare+0x28) [0x7f6fc31dd7c8] #5 winbindd(add_sid_to_array_unique+0x43) [0x7f6fc31df7a3] #6 winbindd(create_token_from_username+0x563) [0x7f6fc3134a83] #7 winbindd(create_local_token+0x55) [0x7f6fc3132285] #8 winbindd(make_serverinfo_from_username+0x80) [0x7f6fc3132700] #9 winbindd(init_system_info+0x5e) [0x7f6fc31330de] #10 winbindd(main+0x5ab) [0x7f6fc30dd48b] #11 /lib64/libc.so.6(__libc_start_main+0xfd) [0x7f6fc03eecdd] #12 winbindd(+0xccf19) [0x7f6fc30daf19] dumping core in /var/log/samba/cores/winbindd Aborted (core dumped)
pm_process() returned Yes adding IPC service Substituting charset 'UTF-8' for LOCALE added interface eth0 ip=fe80::250:56ff:fe9a:d14%eth0 bcast=fe80::ffff:ffff:ffff:ffff%eth0 netmask=ffff:ffff:ffff:ffff:: added interface eth0 ip=10.10.32.88 bcast=10.10.39.255 netmask=255.255.248.0 Netbios name list:- my_netbios_names[0]="SAMBA" added interface eth0 ip=fe80::250:56ff:fe9a:d14%eth0 bcast=fe80::ffff:ffff:ffff:ffff%eth0 netmask=ffff:ffff:ffff:ffff:: added interface eth0 ip=10.10.32.88 bcast=10.10.39.255 netmask=255.255.248.0 TimeInit: Serverzone is 0 initialize_winbindd_cache: clearing cache and re-creating with version number 2 Overriding messaging pointer for type 1 - private_data=(nil) Added domain BUILTIN S-1-5-32 Added domain domain S-1-5-21-408791004-3275982270-559079837 Finding user sambaadmin Trying _Get_Pwnam(), username as lowercase is sambaadmin Get_Pwnam_internals did find user [sambaadmin]! Finding user sambaadmin Trying _Get_Pwnam(), username as lowercase is sambaadmin Get_Pwnam_internals did find user [sambaadmin]! Opening cache file at /var/lib/samba/gencache.tdb Opening cache file at /var/lib/samba/gencache_notrans.tdb gid_to_sid: winbind failed to find a sid for gid 0 Attempting to register passdb backend ldapsam Successfully added passdb backend 'ldapsam' Attempting to register passdb backend ldapsam_compat Successfully added passdb backend 'ldapsam_compat' Attempting to register passdb backend NDS_ldapsam Successfully added passdb backend 'NDS_ldapsam' Attempting to register passdb backend NDS_ldapsam_compat Successfully added passdb backend 'NDS_ldapsam_compat' Attempting to register passdb backend IPA_ldapsam Successfully added passdb backend 'IPA_ldapsam' Attempting to register passdb backend smbpasswd Successfully added passdb backend 'smbpasswd' Attempting to register passdb backend tdbsam Successfully added passdb backend 'tdbsam' Attempting to register passdb backend wbc_sam Successfully added passdb backend 'wbc_sam' Attempting to find a passdb backend to match ldapsam:"ldap://kerberos-ldap-server ldap://ldapserver1 ldap://ldapserver2 " (ldapsam) Found pdb backend ldapsam smbldap_search_domain_info: Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=domain))] smbldap_search_ext: base => [dc=domain,dc=info], filter => [(&(objectClass=sambaDomain)(sambaDomainName=domain))], scope => [2] Substituting charset 'UTF-8' for LOCALE The connection to the LDAP server was closed StartTLS issued: using a TLS connection smbldap_open_connection: connection opened ldap_connect_system: successful connection to the LDAP server The LDAP server is successfully connected pdb backend ldapsam:"ldap://kerberos-ldap-server ldap://ldapserver1 ldap://ldapserver2 " has a valid init smbldap_search_ext: base => [dc=domain,dc=info], filter => [(&(gidNumber=0)(objectClass=sambaGroupMapping))], scope => [2] ERROR: Got 0 entries for gid 0, expected one smbldap_search_ext: base => [dc=domain,dc=info], filter => [(&(gidNumber=0)(objectClass=sambaGroupMapping))], scope => [2] ERROR: Got 0 entries for gid 0, expected one Forcing Primary Group to 'Domain Users' for sambaadmin smbldap_search_ext: base => [dc=domain,dc=info], filter => [(&(objectClass=posixGroup)(|(memberUid=sambaadmin)(gidNumber=0)))], scope => [2] primary group of [sambaadmin] not found smbldap_search_ext: base => [dc=domain,dc=info], filter => [(&(uid=sambaadmin)(objectclass=sambaSamAccount))], scope => [2] init_sam_from_ldap: Entry found for user: sambaadmin smbldap_search_ext: base => [sambaDomainName=domain,dc=domain,dc=info], filter => [(objectClass=sambaDomain)], scope => [0] gid_to_sid: winbind failed to find a sid for gid 0 smbldap_search_ext: base => [dc=domain,dc=info], filter => [(&(gidNumber=0)(objectClass=sambaGroupMapping))], scope => [2] ERROR: Got 0 entries for gid 0, expected one gid_to_sid: winbind failed to find a sid for gid 0 smbldap_search_ext: base => [dc=domain,dc=info], filter => [(&(gidNumber=0)(objectClass=sambaGroupMapping))], scope => [2] ERROR: Got 0 entries for gid 0, expected one smbldap_search_ext: base => [dc=domain,dc=info], filter => [(&(gidNumber=0)(objectClass=sambaGroupMapping))], scope => [2] ERROR: Got 0 entries for gid 0, expected one Forcing Primary Group to 'Domain Users' for sambaadmin Opening cache file at /var/lib/samba/login_cache.tdb smbldap_search_ext: base => [sambaDomainName=domain,dc=domain,dc=info], filter => [(objectClass=sambaDomain)], scope => [0] smbldap_search_ext: base => [dc=domain,dc=info], filter => [(&(sambaSID=S-1-5-21-408791004-3275982270-559079837-500)(objectclass=sambaSamAccount))], scope => [2] init_sam_from_ldap: Entry found for user: sambaadmin gid_to_sid: winbind failed to find a sid for gid 0 smbldap_search_ext: base => [dc=domain,dc=info], filter => [(&(gidNumber=0)(objectClass=sambaGroupMapping))], scope => [2] ERROR: Got 0 entries for gid 0, expected one gid_to_sid: winbind failed to find a sid for gid 0 smbldap_search_ext: base => [dc=domain,dc=info], filter => [(&(gidNumber=0)(objectClass=sambaGroupMapping))], scope => [2] ERROR: Got 0 entries for gid 0, expected one smbldap_search_ext: base => [dc=domain,dc=info], filter => [(&(gidNumber=0)(objectClass=sambaGroupMapping))], scope => [2] ERROR: Got 0 entries for gid 0, expected one Forcing Primary Group to 'Domain Users' for sambaadmin smbldap_search_ext: base => [dc=domain,dc=info], filter => [(&(objectClass=posixGroup)(|(memberUid=sambaadmin)(gidNumber=0)))], scope => [2] primary group of [sambaadmin] not found ===============================================================
-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba