Hi,
I have some problems running Samba and Winbind 3.0.22 in a AD, kerberos
environment.
I have seen previous posts on several forums about this problem but
haven't found any solution for it yet.
I have no problem with the default Samba package that comes with Ubuntu,
3.0.14a.
But I do wan't to upgrade and the only option in that case seems to be
to compile it.
I compiled it with the following options:
./configure --with-winbind --with-configdir=/etc/samba
--with-logfilebase=/var/log/samba --with-pam_smbpass --with-pam
net rpc join and net ads join added the computer successfully to the AD.
net ads status and such commands give successful results and the
kerberos connection works.
But, when starting winbind I do get this:
[2006/04/11 14:24:19, 2] lib/interface.c:add_interface(81)
added interface ip=192.168.0.16 bcast=192.168.0.255 nmask=255.255.255.0
[2006/04/11 14:24:19, 5] lib/util.c:init_names(260)
Netbios name list:-
my_netbios_names[0]=
[2006/04/11 14:24:19, 2] lib/interface.c:add_interface(81)
added interface ip=192.168.0.XXX bcast=192.168.0.255 nmask=255.255.255.0
[2006/04/11 14:24:19, 5] lib/gencache.c:gencache_init(59)
Opening cache file at /usr/local/samba/var/locks/gencache.tdb
[2006/04/11 14:24:19, 5] libsmb/namecache.c:namecache_enable(58)
namecache_enable: enabling netbios namecache, timeout 660 seconds
[2006/04/11 14:24:19, 5] sam/idmap.c:smb_register_idmap(91)
smb_register_idmap: Successfully added idmap backend 'ldap'
[2006/04/11 14:24:19, 5] sam/idmap.c:smb_register_idmap(91)
smb_register_idmap: Successfully added idmap backend 'tdb'
[2006/04/11 14:24:19, 10] sam/idmap_tdb.c:db_idmap_init(500)
db_idmap_init: Opening tdbfile
/usr/local/samba/var/locks/winbindd_idmap.tdb
[2006/04/11 14:24:19, 8] lib/util.c:fcntl_lock(1820)
fcntl_lock 8 13 0 1 1
[2006/04/11 14:24:19, 8] lib/util.c:fcntl_lock(1855)
fcntl_lock: Lock call successful
[2006/04/11 14:24:19, 4] lib/time.c:TimeInit(142)
TimeInit: Serverzone is -7200
[2006/04/11 14:24:19, 2] lib/tallocmsg.c:register_msg_pool_usage(61)
Registered MSG_REQ_POOL_USAGE
[2006/04/11 14:24:19, 2] lib/dmallocmsg.c:register_dmalloc_msgs(71)
Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED
[2006/04/11 14:24:19, 0] lib/util.c:smb_panic2(1554)
PANIC: Could not fetch our SID - did we join?
[2006/04/11 14:24:19, 0] lib/util.c:smb_panic2(1562)
BACKTRACE: 6 stack frames:
#0 /usr/local/samba/sbin/winbindd(smb_panic2+0x17f) [0x80099c82]
#1 /usr/local/samba/sbin/winbindd(smb_panic+0x1d) [0x80099afb]
#2 /usr/local/samba/sbin/winbindd(init_domain_list+0x78) [0x80038721]
#3 /usr/local/samba/sbin/winbindd(main+0x531) [0x8003274e]
#4 /lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xd2) [0xb7d92ec2]
#5 /usr/local/samba/sbin/winbindd [0x800308c1]
Where do Winbind look for the SID?
net getlocalsid shows the SID number.
None of the wbinfo commands works.
wbinfo -t:
checking the trust secret via RPC calls failed
error code was (0x0)
Could not check secret
Part of my smb.conf, everything but the shares.:
--
use kerberos keytab = true
realm = XXX.XXX.XXX
workgroup = SWEDEN
security = ADS
netbios name = XXX
password server = XXX.XXX.XXX.XXX
domain master = no
#
# Winbind uses the default domain mapping so this isn't strictly
# needed for user data, but we want it to map Administrator = root
#
username map = /etc/samba/smbusers
#
# Winbind settings.
#
winbind cache time = 15
winbind trusted domains only = no
winbind use default domain = yes
winbind enum users = yes
winbind enum groups = yes
obey pam restrictions = no
encrypt passwords = true
idmap uid = 1-2
idmap gid = 1-2
nt acl support = yes
wins support = yes
remote browse sync = XXX.XXX.XXX.XXX
log file = /var/log/samba/log.%m
max log size = 50
load printers = no
socket options = TCP_NODELAY
dead time = 15
getwd cache = yes
---
It's running on Ubuntu 5.10 with 2.6.12-10-386 kernel.
Cheers
Linus
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
