-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello list
This was not a issue with Samba. My apologize for writing to the wrong list. This was an issue with nss_ldap lib. For the record to the people using Samba with a OpenLDAP backend: Do NOT use nss_ldap 226! Revert to 220, which is stable. How did I figure this out? I used another servers ldap as backend instead of localhost and the answer was correct every single time. For the record I have 3 OpenLDAP servers which are replicating each other. Cheers, - Jacob Jacob Nielsen wrote: > Hello list > > Recently I have discovered that my users are getting > \\fileserver\userdrive mapped as homedir instead of > \\fileserver\userdrive\<username>. I played around abit and > discovered the following: > > g-file samba # smbclient -L localhost -U jrnielsen%<mypassword> > Domain=[NORDIC] OS=[Unix] Server=[Samba 3.0.11] > > Sharename Type Comment --------- ---- ------- > BrennTag Disk BrennTag Nordic Files userdrive > Disk Personal Employee Files IPC$ IPC IPC > Service (Samba G-FILE Server) ADMIN$ IPC IPC Service > (Samba G-FILE Server) session setup failed: Call returned zero > bytes (EOF) NetBIOS over TCP disabled -- no workgroup available > g-file samba # > > And sometimes I see: > > g-file samba # smbclient -L localhost -U jrnielsen%<mypassword> > session setup failed: Call returned zero bytes (EOF) g-file samba # > > > Very strange, because it doesn't do this all the time. But I bet > this is where the problem is. > > My setup (or the intention of it) is like this. I have 2 servers. > Both are running Samba. One PDC and one fileserver. Backend is > OpenLDAP. I have configured my fileserver as a ROLE_DOMAIN_BDC. 2 > reasons for this. First of all, I wanted the server to talk to its > own replicate of the ldap database instead of the PDCs, and second > of all, I wanted the server to be backup for the PDC. This has > worked like charm before. I don't know actually about the BDC part, > because my PDC never went down :-) > > Here is my fileserver conf: [global] dos charset = 850 unix charset > = ISO8859-1 workgroup = NORDIC server string = Samba G-FILE Server > interfaces = 10.17.151.3 passdb backend = "ldapsam:ldap://127.0.0.1 > ldap://10.17.151.7" username map = /etc/samba/smbusers log level = > auth:10 syslog = 0 log file = /var/log/samba/log.%m max log size = > 1000 time server = Yes socket options = TCP_NODELAY SO_RCVBUF=8192 > SO_SNDBUF=8192 load printers = No logon script = %U.cmd logon path > = logon drive = X: logon home = \\g-file\userdrive\%U domain logons > = Yes os level = 65 preferred master = Yes domain master = No wins > support = Yes ldap admin dn = cn=Manager,dc=brenntag,dc=com ldap > group suffix = ou=Groups ldap idmap suffix = ou=Users ldap machine > suffix = ou=Computers ldap passwd sync = Yes ldap suffix = > dc=brenntag,dc=com ldap ssl = no ldap user suffix = ou=Users > > > Here is my PDC conf: [global] dos charset = 850 unix charset = > ISO8859-1 workgroup = NORDIC server string = Samba G-PDC Server > interfaces = 10.17.151.2 passdb backend = > "ldapsam:ldap://10.17.151.7/ ldap://127.0.0.1" passwd program = > /usr/share/samba/scripts/smbldap-passwd "%u" username map = > /etc/samba/smbusers syslog = 0 log file = /var/log/samba/log.%m max > log size = 1000 time server = Yes socket options = TCP_NODELAY > SO_RCVBUF=8192 SO_SNDBUF=8192 logon path = logon drive = X: logon > home = \\g-file\userdrive\%U domain logons = Yes os level = 65 > preferred master = Yes domain master = Yes wins support = Yes ldap > admin dn = cn=Manager,dc=brenntag,dc=com ldap group suffix = > ou=Groups ldap idmap suffix = ou=Users ldap machine suffix = > ou=Computers ldap passwd sync = Yes ldap suffix = > dc=brenntag,dc=com ldap ssl = no ldap user suffix = ou=Users > > [netlogon] comment = User Logonscripts path = > /etc/samba/netlogon/loginscripts write list = +Domain_Admins read > only = No root preexec = /etc/samba/netlogon/logon.pl %u %S %m %I > > > g-file samba # net getlocalsid SID for domain G-FILE is: > S-1-5-21-1085925401-2644674693-3850062157 g-file samba # net rpc > getsid Storing SID S-1-5-21-37219092-51916769-100405358 for Domain > NORDIC in secrets.tdb g-file samba # > > I wasn't sure if the SIDs are important but here they are. I have > joined the NORDIC domain with the fileserver. > > g-file samba # net join NORDIC root's password: [2005/04/16 > 01:57:51, 0] utils/net_ads.c:ads_startup(186) ads_connect: No > results returned Joined domain NORDIC. > > g-file samba # cat /var/log/samba/log.nmbd [2005/04/16 01:38:42, 0] > nmbd/nmbd.c:main(668) Netbios nameserver version 3.0.11 started. > Copyright Andrew Tridgell and the Samba Team 1994-2004 [2005/04/16 > 01:38:43, 0] nmbd/asyncdns.c:start_async_dns(149) started asyncdns > process 14125 [2005/04/16 01:38:43, 0] > nmbd/nmbd_logonnames.c:add_logon_names(163) add_domain_logon_names: > Attempting to become logon server for workgroup NORDIC on subnet > 10.17.151.3 [2005/04/16 01:38:43, 0] > nmbd/nmbd_logonnames.c:add_logon_names(163) add_domain_logon_names: > Attempting to become logon server for workgroup NORDIC on subnet > UNICAST_SUBNET [2005/04/16 01:38:43, 0] > nmbd/nmbd_logonnames.c:become_logon_server_success(124) > become_logon_server_success: Samba is now a logon server for > workgroup NORDIC on subnet UNICAST_SUBNET [2005/04/16 01:38:47, 0] > nmbd/nmbd_logonnames.c:become_logon_server_success(124) > become_logon_server_success: Samba is now a logon server for > workgroup NORDIC on subnet 10.17.151.3 > > Also I see this in my log.g-file when trying to establish > connection with the smbclient to localhost (g-file): > > [2005/04/16 01:53:08, 0] lib/fault.c:fault_report(36) > =============================================================== > [2005/04/16 01:53:08, 0] lib/fault.c:fault_report(37) INTERNAL > ERROR: Signal 11 in pid 14222 (3.0.11) Please read the appendix > Bugs of the Samba HOWTO collection [2005/04/16 01:53:08, 0] > lib/fault.c:fault_report(39) > =============================================================== > [2005/04/16 01:53:08, 0] lib/util.c:smb_panic2(1495) PANIC: > internal error [2005/04/16 01:53:08, 0] lib/util.c:smb_panic2(1503) > BACKTRACE: 37 stack frames: #0 /usr/sbin/smbd(.smb_panic2+0x88) > [0x10202ef8] #1 /usr/sbin/smbd [0x101ea290] #2 [0x1ffffff8ea8] #3 > /usr/lib/libldap-2.2.so.7 [0x800003a488] #4 > /usr/lib/libldap-2.2.so.7(.ldap_result+0x390) [0x800003b214] #5 > /usr/lib/libnss_ldap.so.2 [0x800074684c] #6 > /usr/lib/libnss_ldap.so.2 [0x8000747290] #7 > /usr/lib/libnss_ldap.so.2 [0x8000747a7c] #8 > /usr/lib/libnss_ldap.so.2 [0x800074a444] #9 > /usr/lib/libnss_ldap.so.2 [0x800074721c] #10 > /usr/lib/libnss_ldap.so.2 [0x8000747a7c] #11 > /usr/lib/libnss_ldap.so.2 [0x800074a5dc] #12 /lib/libc.so.6 > [0x8000390118] #13 /lib/libc.so.6 [0x80003904b0] #14 /usr/sbin/smbd > [0x101e23a0] #15 /usr/sbin/smbd(.getgroups_user+0x8c) [0x101e2680] > #16 /usr/sbin/smbd(.pdb_default_enum_group_memberships+0x54) > [0x101e2860] #17 /usr/sbin/smbd [0x101d7800] #18 /usr/sbin/smbd > [0x101cab68] #19 /usr/sbin/smbd(.pdb_enum_group_memberships+0x90) > [0x101ccf74] #20 /usr/sbin/smbd [0x1024b028] #21 /usr/sbin/smbd > [0x1024cb70] #22 /usr/sbin/smbd(.make_server_info_sam+0x16c) > [0x1024d03c] #23 /usr/sbin/smbd [0x1024617c] #24 /usr/sbin/smbd > [0x10246e2c] #25 /usr/sbin/smbd [0x10243ed0] #26 /usr/sbin/smbd > [0x1024e9d4] #27 /usr/sbin/smbd [0x1010a5c4] #28 > /usr/sbin/smbd(.ntlmssp_update+0x1d4) [0x10109a40] #29 > /usr/sbin/smbd(.auth_ntlmssp_update+0x30) [0x1024ee24] #30 > /usr/sbin/smbd [0x1009f648] #31 > /usr/sbin/smbd(.reply_sesssetup_and_X+0x8b8) [0x100a09d0] #32 > /usr/sbin/smbd [0x100cad4c] #33 /usr/sbin/smbd(.process_smb+0x1d0) > [0x100cb32c] #34 /usr/sbin/smbd(.smbd_process+0x18c) [0x100cc294] > #35 /usr/sbin/smbd(.main+0x760) [0x10287914] #36 /lib/libc.so.6 > [0x8000317fa4] [2005/04/16 01:57:32, 5] > auth/auth_util.c:make_user_info_map(225) make_user_info_map: > Mapping user [NORDIC]\[root] from workstation [G-FILE] [2005/04/16 > 01:57:32, 5] auth/auth_util.c:is_trusted_domain(1516) > is_trusted_domain: Checking for domain trust with [NORDIC] > [2005/04/16 01:57:32, 5] auth/auth_util.c:make_user_info(133) > > I really hope someone has a clue of why this is happening and maybe > knows what to do. > > Thanks in advanced, and let me know if I should supply more info. > > Cheers, > > - Jacob -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCYMHGSSL82UX7ZUwRArpYAJ9i4v3kg41R5zUP2AI8Ec8Hkb+9gACffWsj n5zlBRCl8qFaQnnaKGuMC1E= =u4MU -----END PGP SIGNATURE----- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba