[Samba] Winbind - wbinfo -u works, getent passwd only gives local users
I only have limited Samba experience, and expect this is a silly mistake, but have been unable to find a solution I have installed Samba and Winbind on my desktop Linux (Debian) machine (SPARKSTONELX), aiming to unify logins with other windows machines accessing the PDC, again samba/Debian, with tdbsam password backend. All is well, joining the domain, and getting account details using wbinfo -u, but getent passwd only gives the local account details. The log file on the PDC (FILESTONE) reports [2007/05/15 22:31:48, 0] rpc_server/srv_netlog_nt.c:get_md4pw(242) get_md4pw: Workstation SPARKSTONELX$: no account in domain [2007/05/15 22:31:48, 0] rpc_server/srv_netlog_nt.c:_net_auth_2(461) _net_auth2: failed to get machine password for account SPARKSTONELX$: NT_STATUS_ACCESS_DENIED [2007/05/15 22:31:52, 1] nsswitch/winbindd_group.c:winbindd_getgrnam(259) group sparkstonelx$ in domain STONES does not exist and on the Linux desktop [2007/05/15 22:30:18, 1] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(625) cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR received from remo te machine FILESTONE pipe \lsarpc fnum 0x767a! [2007/05/15 22:30:18, 1] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(601) cli_pipe_validate_current_pdu: Bind NACK received from remote machinesparkstonelx:/var/log/samba# wbinfo --own-domain STONES sparkstonelx:/var/log/samba# wbinfo -t checking the trust secret via RPC calls succeeded sparkstonelx:/var/log/samba# wbinfo -D stones Name : STONES Alt_Name : SID : S-1-5-21-835963941-2627181251-1431239077 Active Directory : No Native: No Primary : Yes Sequence : 1179266454 FILESTONE pipe \samr fnum 0x767b! [2007/05/15 22:30:18, 0] rpc_client/cli_pipe.c:cli_rpc_pipe_open_ntlmssp_internal(2356) cli_rpc_pipe_open_ntlmssp_internal: cli_rpc_pipe_bind failed with error NT_STATUS_NETWORK_ ACCESS_DENIED [2007/05/15 22:30:18, 1] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(601) cli_pipe_validate_current_pdu: Bind NACK received from remote machine FILESTONE pipe \lsar pc fnum 0x767e! [2007/05/15 22:30:18, 0] rpc_client/cli_pipe.c:cli_rpc_pipe_open_ntlmssp_internal(2356) cli_rpc_pipe_open_ntlmssp_internal: cli_rpc_pipe_bind failed with error NT_STATUS_NETWORK_ ACCESS_DENIED but sparkstonelx:/var/log/samba# wbinfo --own-domain STONES sparkstonelx:/var/log/samba# wbinfo -t checking the trust secret via RPC calls succeeded sparkstonelx:/var/log/samba# wbinfo -D stones Name : STONES Alt_Name : SID : S-1-5-21-835963941-2627181251-1431239077 Active Directory : No Native: No Primary : Yes Sequence : 1179266454 Any ideas? My network is about 6 machines in a Christian community, some being XP home, which limits my possible security settings! -- David Lee Living Stones, Flore, UK -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Winbind - wbinfo -u works, getent passwd only gives local users
Did you link libnss_winbind correctly? http://us1.samba.org/samba/docs/man/Samba-HOWTO-Collection/ winbind.html#id412579 Cheers, henrik 23 maj 2007 kl. 00:02 skrev David Lee: Thanks for the suggestion, but these are already set. I am not making any progress on this. David Lee On Friday 18 May 2007 08:53, Alex Crow wrote: In smb.conf, do you have winbind enum groups = yes winbind enum users = yes ? I got stumped by this myself but these seem now to be off by default and need to be added for nsswitch to enumerate users/groups. Cheers Alex On Thu, 2007-05-17 at 18:30 +0100, David Lee wrote: Hi Rune I have passwd: compat winbind group: compat winbind shadow: compat hosts: files dns networks: files protocols: db files services: db files ethers: db files rpc:db files netgroup: nis and am now wondering what the netgroup entry is doing. Other than that, it looks OK to me. Removing the netgroup entry does not help. David Lee -- Forwarded Message -- Subject: Re: [Samba] Winbind - wbinfo -u works, getent passwd only gives local users Date: Thursday 17 May 2007 01:20 From: Rune Tønnesen Hi' David have you checked your setup in the /etc/nsswitch.conf file? -- Rune Tønnesen Venlig Hilsen/Best Regards I only have limited Samba experience, and expect this is a silly mistake, but have been unable to find a solution I have installed Samba and Winbind on my desktop Linux (Debian) machine (SPARKSTONELX), aiming to unify logins with other windows machines accessing the PDC, again samba/Debian, with tdbsam password backend. All is well, joining the domain, and getting account details using wbinfo -u, but getent passwd only gives the local account details. The log file on the PDC (FILESTONE) reports [2007/05/15 22:31:48, 0] rpc_server/srv_netlog_nt.c:get_md4pw(242) get_md4pw: Workstation SPARKSTONELX$: no account in domain [2007/05/15 22:31:48, 0] rpc_server/srv_netlog_nt.c:_net_auth_2 (461) _net_auth2: failed to get machine password for account SPARKSTONELX$: NT_STATUS_ACCESS_DENIED [2007/05/15 22:31:52, 1] nsswitch/winbindd_group.c:winbindd_getgrnam(259) group sparkstonelx$ in domain STONES does not exist and on the Linux desktop [2007/05/15 22:30:18, 1] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(625) cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR received from remo te machine FILESTONE pipe \lsarpc fnum 0x767a! [2007/05/15 22:30:18, 1] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(601) cli_pipe_validate_current_pdu: Bind NACK received from remote machinesparkstonelx:/var/log/samba# wbinfo --own-domain STONES sparkstonelx:/var/log/samba# wbinfo -t checking the trust secret via RPC calls succeeded sparkstonelx:/var/log/samba# wbinfo -D stones Name : STONES Alt_Name : SID : S-1-5-21-835963941-2627181251-1431239077 Active Directory : No Native: No Primary : Yes Sequence : 1179266454 FILESTONE pipe \samr fnum 0x767b! [2007/05/15 22:30:18, 0] rpc_client/cli_pipe.c:cli_rpc_pipe_open_ntlmssp_internal(2356) cli_rpc_pipe_open_ntlmssp_internal: cli_rpc_pipe_bind failed with error NT_STATUS_NETWORK_ ACCESS_DENIED [2007/05/15 22:30:18, 1] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(601) cli_pipe_validate_current_pdu: Bind NACK received from remote machine FILESTONE pipe \lsar pc fnum 0x767e! [2007/05/15 22:30:18, 0] rpc_client/cli_pipe.c:cli_rpc_pipe_open_ntlmssp_internal(2356) cli_rpc_pipe_open_ntlmssp_internal: cli_rpc_pipe_bind failed with error NT_STATUS_NETWORK_ ACCESS_DENIED but sparkstonelx:/var/log/samba# wbinfo --own-domain STONES sparkstonelx:/var/log/samba# wbinfo -t checking the trust secret via RPC calls succeeded sparkstonelx:/var/log/samba# wbinfo -D stones Name : STONES Alt_Name : SID : S-1-5-21-835963941-2627181251-1431239077 Active Directory : No Native: No Primary : Yes Sequence : 1179266454 Any ideas? My network is about 6 machines in a Christian community, some being XP home, which limits my possible security settings! -- David Lee Living Stones, Flore, UK -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba --- -- David Lee Living Stones, Flore, UK -- David Lee Living Stones, Flore, UK -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Winbind - wbinfo -u works, getent passwd only gives local users
Thanks for the suggestion, but these are already set. I am not making any progress on this. David Lee On Friday 18 May 2007 08:53, Alex Crow wrote: > In smb.conf, do you have > winbind enum groups = yes > winbind enum users = yes ? > > I got stumped by this myself but these seem now to be off by default and > need to be added for nsswitch to enumerate users/groups. > > Cheers > > Alex > > On Thu, 2007-05-17 at 18:30 +0100, David Lee wrote: > > Hi Rune > > I have > > > > passwd: compat winbind > > group: compat winbind > > shadow: compat > > > > hosts: files dns > > networks: files > > > > protocols: db files > > services: db files > > ethers: db files > > rpc:db files > > > > netgroup: nis > > > > and am now wondering what the netgroup entry is doing. > > Other than that, it looks OK to me. > > > > Removing the netgroup entry does not help. > > > > David Lee > > > > -- Forwarded Message -- > > > > Subject: Re: [Samba] Winbind - wbinfo -u works, getent passwd only gives > > local users > > Date: Thursday 17 May 2007 01:20 > > From: Rune Tønnesen > > > > Hi' David > > > > have you checked your setup in the /etc/nsswitch.conf file? > > -- > > Rune Tønnesen > > Venlig Hilsen/Best Regards > > > > > I only have limited Samba experience, and expect this is a silly > > > mistake, but have been unable to find a solution > > > > > > I have installed Samba and Winbind on my desktop Linux (Debian) machine > > > (SPARKSTONELX), aiming to unify logins with other windows machines > > > accessing the PDC, again samba/Debian, with tdbsam password backend. > > > All is well, joining the domain, and getting account details using > > > wbinfo -u, but getent passwd only gives the local account details. > > > > > > The log file on the PDC (FILESTONE) reports > > > > > > [2007/05/15 22:31:48, 0] rpc_server/srv_netlog_nt.c:get_md4pw(242) > > > get_md4pw: Workstation SPARKSTONELX$: no account in domain > > > [2007/05/15 22:31:48, 0] rpc_server/srv_netlog_nt.c:_net_auth_2(461) > > > _net_auth2: failed to get machine password for account SPARKSTONELX$: > > > NT_STATUS_ACCESS_DENIED > > > > > > [2007/05/15 22:31:52, 1] > > > nsswitch/winbindd_group.c:winbindd_getgrnam(259) group sparkstonelx$ in > > > domain STONES does not exist > > > > > > and on the Linux desktop > > > > > > [2007/05/15 22:30:18, 1] > > > rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(625) > > > cli_pipe_validate_current_pdu: RPC fault code > > > DCERPC_FAULT_OP_RNG_ERROR received from remo > > > te machine FILESTONE pipe \lsarpc fnum 0x767a! > > > [2007/05/15 22:30:18, 1] > > > rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(601) > > > cli_pipe_validate_current_pdu: Bind NACK received from remote > > > machinesparkstonelx:/var/log/samba# wbinfo --own-domain > > > STONES > > > sparkstonelx:/var/log/samba# wbinfo -t > > > checking the trust secret via RPC calls succeeded > > > sparkstonelx:/var/log/samba# wbinfo -D stones > > > Name : STONES > > > Alt_Name : > > > SID : S-1-5-21-835963941-2627181251-1431239077 > > > Active Directory : No > > > Native: No > > > Primary : Yes > > > Sequence : 1179266454 > > > FILESTONE pipe \samr > > > fnum 0x767b! > > > [2007/05/15 22:30:18, 0] > > > rpc_client/cli_pipe.c:cli_rpc_pipe_open_ntlmssp_internal(2356) > > > cli_rpc_pipe_open_ntlmssp_internal: cli_rpc_pipe_bind failed with > > > error NT_STATUS_NETWORK_ > > > ACCESS_DENIED > > > [2007/05/15 22:30:18, 1] > > > rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(601) > > > cli_pipe_validate_current_pdu: Bind NACK received from remote machine > > > FILESTONE pipe \lsar > > > pc fnum 0x767e! > > > [2007/05/15 22:30:18, 0] > > > rpc_client/cli_pipe.c:cli_rpc_pipe_open_ntlmssp_internal(2356) > > > cli_rpc_pipe_open_ntlmssp_internal: cli_rpc_pipe_bind failed with > > > error NT_STATUS_NETWORK_ > > > ACCESS_DENIED > > > > > > but > > > > > > sparkstonelx:/var/log/samba# wbinfo --own-domain > > > STONES > > > sparkstonelx:/var/log/samba# wbi
Re: [Samba] Winbind - wbinfo -u works, getent passwd only gives local users
David, Did my advice help? I think this should probably go into the "Interdomain Trusts" section of "By Example" as I was banging my head against a brick wall for ages until I realised that you need these args on the *trusting* domain's PDC to be able to log on to the trusted domain (unless you add local accounts on the trusted DC). Thanks Alex -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Winbind - wbinfo -u works, getent passwd only gives local users
In smb.conf, do you have winbind enum groups = yes winbind enum users = yes ? I got stumped by this myself but these seem now to be off by default and need to be added for nsswitch to enumerate users/groups. Cheers Alex On Thu, 2007-05-17 at 18:30 +0100, David Lee wrote: > Hi Rune > I have > > passwd: compat winbind > group: compat winbind > shadow: compat > > hosts: files dns > networks: files > > protocols: db files > services: db files > ethers: db files > rpc:db files > > netgroup: nis > > and am now wondering what the netgroup entry is doing. > Other than that, it looks OK to me. > > Removing the netgroup entry does not help. > > David Lee > > -- Forwarded Message ------ > > Subject: Re: [Samba] Winbind - wbinfo -u works, getent passwd only gives > local users > Date: Thursday 17 May 2007 01:20 > From: Rune Tønnesen > > Hi' David > > have you checked your setup in the /etc/nsswitch.conf file? > -- > Rune Tønnesen > Venlig Hilsen/Best Regards > > > I only have limited Samba experience, and expect this is a silly mistake, > > but have been unable to find a solution > > > > I have installed Samba and Winbind on my desktop Linux (Debian) machine > > (SPARKSTONELX), aiming to unify logins with other windows machines > > accessing the PDC, again samba/Debian, with tdbsam password backend. All is > > well, joining the domain, and getting account details using wbinfo -u, but > > getent passwd only gives the local account details. > > > > The log file on the PDC (FILESTONE) reports > > > > [2007/05/15 22:31:48, 0] rpc_server/srv_netlog_nt.c:get_md4pw(242) > > get_md4pw: Workstation SPARKSTONELX$: no account in domain > > [2007/05/15 22:31:48, 0] rpc_server/srv_netlog_nt.c:_net_auth_2(461) > > _net_auth2: failed to get machine password for account SPARKSTONELX$: > > NT_STATUS_ACCESS_DENIED > > > > [2007/05/15 22:31:52, 1] nsswitch/winbindd_group.c:winbindd_getgrnam(259) > > group sparkstonelx$ in domain STONES does not exist > > > > and on the Linux desktop > > > > [2007/05/15 22:30:18, 1] > > rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(625) > > cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR > > received from remo > > te machine FILESTONE pipe \lsarpc fnum 0x767a! > > [2007/05/15 22:30:18, 1] > > rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(601) > > cli_pipe_validate_current_pdu: Bind NACK received from remote > > machinesparkstonelx:/var/log/samba# wbinfo --own-domain > > STONES > > sparkstonelx:/var/log/samba# wbinfo -t > > checking the trust secret via RPC calls succeeded > > sparkstonelx:/var/log/samba# wbinfo -D stones > > Name : STONES > > Alt_Name : > > SID : S-1-5-21-835963941-2627181251-1431239077 > > Active Directory : No > > Native: No > > Primary : Yes > > Sequence : 1179266454 > > FILESTONE pipe \samr > > fnum 0x767b! > > [2007/05/15 22:30:18, 0] > > rpc_client/cli_pipe.c:cli_rpc_pipe_open_ntlmssp_internal(2356) > > cli_rpc_pipe_open_ntlmssp_internal: cli_rpc_pipe_bind failed with error > > NT_STATUS_NETWORK_ > > ACCESS_DENIED > > [2007/05/15 22:30:18, 1] > > rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(601) > > cli_pipe_validate_current_pdu: Bind NACK received from remote machine > > FILESTONE pipe \lsar > > pc fnum 0x767e! > > [2007/05/15 22:30:18, 0] > > rpc_client/cli_pipe.c:cli_rpc_pipe_open_ntlmssp_internal(2356) > > cli_rpc_pipe_open_ntlmssp_internal: cli_rpc_pipe_bind failed with error > > NT_STATUS_NETWORK_ > > ACCESS_DENIED > > > > but > > > > sparkstonelx:/var/log/samba# wbinfo --own-domain > > STONES > > sparkstonelx:/var/log/samba# wbinfo -t > > checking the trust secret via RPC calls succeeded > > sparkstonelx:/var/log/samba# wbinfo -D stones > > Name : STONES > > Alt_Name : > > SID : S-1-5-21-835963941-2627181251-1431239077 > > Active Directory : No > > Native: No > > Primary : Yes > > Sequence : 1179266454 > > > > Any ideas? > > > > My network is about 6 machines in a Christian community, some being XP > > home, which limits my possible security settings! > > -- > > David Lee > > > > Living Stones, Flore, UK > > > > -- > > To unsubscribe from this list go to the following URL and read the > > instructions: https://lists.samba.org/mailman/listinfo/samba > > --- > > -- > David Lee > > Living Stones, Flore, UK -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Winbind - wbinfo -u works, getent passwd only gives local users
Hi Rune I have passwd: compat winbind group: compat winbind shadow: compat hosts: files dns networks: files protocols: db files services: db files ethers: db files rpc:db files netgroup: nis and am now wondering what the netgroup entry is doing. Other than that, it looks OK to me. Removing the netgroup entry does not help. David Lee -- Forwarded Message -- Subject: Re: [Samba] Winbind - wbinfo -u works, getent passwd only gives local users Date: Thursday 17 May 2007 01:20 From: Rune Tønnesen Hi' David have you checked your setup in the /etc/nsswitch.conf file? -- Rune Tønnesen Venlig Hilsen/Best Regards > I only have limited Samba experience, and expect this is a silly mistake, > but have been unable to find a solution > > I have installed Samba and Winbind on my desktop Linux (Debian) machine > (SPARKSTONELX), aiming to unify logins with other windows machines > accessing the PDC, again samba/Debian, with tdbsam password backend. All is > well, joining the domain, and getting account details using wbinfo -u, but > getent passwd only gives the local account details. > > The log file on the PDC (FILESTONE) reports > > [2007/05/15 22:31:48, 0] rpc_server/srv_netlog_nt.c:get_md4pw(242) > get_md4pw: Workstation SPARKSTONELX$: no account in domain > [2007/05/15 22:31:48, 0] rpc_server/srv_netlog_nt.c:_net_auth_2(461) > _net_auth2: failed to get machine password for account SPARKSTONELX$: > NT_STATUS_ACCESS_DENIED > > [2007/05/15 22:31:52, 1] nsswitch/winbindd_group.c:winbindd_getgrnam(259) > group sparkstonelx$ in domain STONES does not exist > > and on the Linux desktop > > [2007/05/15 22:30:18, 1] > rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(625) > cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR > received from remo > te machine FILESTONE pipe \lsarpc fnum 0x767a! > [2007/05/15 22:30:18, 1] > rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(601) > cli_pipe_validate_current_pdu: Bind NACK received from remote > machinesparkstonelx:/var/log/samba# wbinfo --own-domain > STONES > sparkstonelx:/var/log/samba# wbinfo -t > checking the trust secret via RPC calls succeeded > sparkstonelx:/var/log/samba# wbinfo -D stones > Name : STONES > Alt_Name : > SID : S-1-5-21-835963941-2627181251-1431239077 > Active Directory : No > Native: No > Primary : Yes > Sequence : 1179266454 > FILESTONE pipe \samr > fnum 0x767b! > [2007/05/15 22:30:18, 0] > rpc_client/cli_pipe.c:cli_rpc_pipe_open_ntlmssp_internal(2356) > cli_rpc_pipe_open_ntlmssp_internal: cli_rpc_pipe_bind failed with error > NT_STATUS_NETWORK_ > ACCESS_DENIED > [2007/05/15 22:30:18, 1] > rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(601) > cli_pipe_validate_current_pdu: Bind NACK received from remote machine > FILESTONE pipe \lsar > pc fnum 0x767e! > [2007/05/15 22:30:18, 0] > rpc_client/cli_pipe.c:cli_rpc_pipe_open_ntlmssp_internal(2356) > cli_rpc_pipe_open_ntlmssp_internal: cli_rpc_pipe_bind failed with error > NT_STATUS_NETWORK_ > ACCESS_DENIED > > but > > sparkstonelx:/var/log/samba# wbinfo --own-domain > STONES > sparkstonelx:/var/log/samba# wbinfo -t > checking the trust secret via RPC calls succeeded > sparkstonelx:/var/log/samba# wbinfo -D stones > Name : STONES > Alt_Name : > SID : S-1-5-21-835963941-2627181251-1431239077 > Active Directory : No > Native: No > Primary : Yes > Sequence : 1179266454 > > Any ideas? > > My network is about 6 machines in a Christian community, some being XP > home, which limits my possible security settings! > -- > David Lee > > Living Stones, Flore, UK > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba --- -- David Lee Living Stones, Flore, UK -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Winbind - wbinfo -u works, getent passwd only gives local users
Hi' David have you checked your setup in the /etc/nsswitch.conf file? -- Rune Tønnesen Venlig Hilsen/Best Regards > > I only have limited Samba experience, and expect this is a silly mistake, but > have been unable to find a solution > > I have installed Samba and Winbind on my desktop Linux (Debian) machine > (SPARKSTONELX), aiming to unify logins with other windows machines accessing > the PDC, again samba/Debian, with tdbsam password backend. All is well, > joining the domain, and getting account details using wbinfo -u, but getent > passwd only gives the local account details. > > The log file on the PDC (FILESTONE) reports > > [2007/05/15 22:31:48, 0] rpc_server/srv_netlog_nt.c:get_md4pw(242) > get_md4pw: Workstation SPARKSTONELX$: no account in domain > [2007/05/15 22:31:48, 0] rpc_server/srv_netlog_nt.c:_net_auth_2(461) > _net_auth2: failed to get machine password for account SPARKSTONELX$: > NT_STATUS_ACCESS_DENIED > > [2007/05/15 22:31:52, 1] nsswitch/winbindd_group.c:winbindd_getgrnam(259) > group sparkstonelx$ in domain STONES does not exist > > and on the Linux desktop > > [2007/05/15 22:30:18, 1] > rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(625) > cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR > received from remo > te machine FILESTONE pipe \lsarpc fnum 0x767a! > [2007/05/15 22:30:18, 1] > rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(601) > cli_pipe_validate_current_pdu: Bind NACK received from remote > machinesparkstonelx:/var/log/samba# wbinfo --own-domain > STONES > sparkstonelx:/var/log/samba# wbinfo -t > checking the trust secret via RPC calls succeeded > sparkstonelx:/var/log/samba# wbinfo -D stones > Name : STONES > Alt_Name : > SID : S-1-5-21-835963941-2627181251-1431239077 > Active Directory : No > Native: No > Primary : Yes > Sequence : 1179266454 > FILESTONE pipe \samr > fnum 0x767b! > [2007/05/15 22:30:18, 0] > rpc_client/cli_pipe.c:cli_rpc_pipe_open_ntlmssp_internal(2356) > cli_rpc_pipe_open_ntlmssp_internal: cli_rpc_pipe_bind failed with error > NT_STATUS_NETWORK_ > ACCESS_DENIED > [2007/05/15 22:30:18, 1] > rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(601) > cli_pipe_validate_current_pdu: Bind NACK received from remote machine > FILESTONE pipe \lsar > pc fnum 0x767e! > [2007/05/15 22:30:18, 0] > rpc_client/cli_pipe.c:cli_rpc_pipe_open_ntlmssp_internal(2356) > cli_rpc_pipe_open_ntlmssp_internal: cli_rpc_pipe_bind failed with error > NT_STATUS_NETWORK_ > ACCESS_DENIED > > but > > sparkstonelx:/var/log/samba# wbinfo --own-domain > STONES > sparkstonelx:/var/log/samba# wbinfo -t > checking the trust secret via RPC calls succeeded > sparkstonelx:/var/log/samba# wbinfo -D stones > Name : STONES > Alt_Name : > SID : S-1-5-21-835963941-2627181251-1431239077 > Active Directory : No > Native: No > Primary : Yes > Sequence : 1179266454 > > Any ideas? > > My network is about 6 machines in a Christian community, some being XP home, > which limits my possible security settings! > -- > David Lee > > Living Stones, Flore, UK > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Winbind - wbinfo -u works, getent passwd only gives local users
I only have limited Samba experience, and expect this is a silly mistake, but have been unable to find a solution I have installed Samba and Winbind on my desktop Linux (Debian) machine (SPARKSTONELX), aiming to unify logins with other windows machines accessing the PDC, again samba/Debian, with tdbsam password backend. All is well, joining the domain, and getting account details using wbinfo -u, but getent passwd only gives the local account details. The log file on the PDC (FILESTONE) reports [2007/05/15 22:31:48, 0] rpc_server/srv_netlog_nt.c:get_md4pw(242) get_md4pw: Workstation SPARKSTONELX$: no account in domain [2007/05/15 22:31:48, 0] rpc_server/srv_netlog_nt.c:_net_auth_2(461) _net_auth2: failed to get machine password for account SPARKSTONELX$: NT_STATUS_ACCESS_DENIED [2007/05/15 22:31:52, 1] nsswitch/winbindd_group.c:winbindd_getgrnam(259) group sparkstonelx$ in domain STONES does not exist and on the Linux desktop [2007/05/15 22:30:18, 1] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(625) cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR received from remo te machine FILESTONE pipe \lsarpc fnum 0x767a! [2007/05/15 22:30:18, 1] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(601) cli_pipe_validate_current_pdu: Bind NACK received from remote machinesparkstonelx:/var/log/samba# wbinfo --own-domain STONES sparkstonelx:/var/log/samba# wbinfo -t checking the trust secret via RPC calls succeeded sparkstonelx:/var/log/samba# wbinfo -D stones Name : STONES Alt_Name : SID : S-1-5-21-835963941-2627181251-1431239077 Active Directory : No Native: No Primary : Yes Sequence : 1179266454 FILESTONE pipe \samr fnum 0x767b! [2007/05/15 22:30:18, 0] rpc_client/cli_pipe.c:cli_rpc_pipe_open_ntlmssp_internal(2356) cli_rpc_pipe_open_ntlmssp_internal: cli_rpc_pipe_bind failed with error NT_STATUS_NETWORK_ ACCESS_DENIED [2007/05/15 22:30:18, 1] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(601) cli_pipe_validate_current_pdu: Bind NACK received from remote machine FILESTONE pipe \lsar pc fnum 0x767e! [2007/05/15 22:30:18, 0] rpc_client/cli_pipe.c:cli_rpc_pipe_open_ntlmssp_internal(2356) cli_rpc_pipe_open_ntlmssp_internal: cli_rpc_pipe_bind failed with error NT_STATUS_NETWORK_ ACCESS_DENIED but sparkstonelx:/var/log/samba# wbinfo --own-domain STONES sparkstonelx:/var/log/samba# wbinfo -t checking the trust secret via RPC calls succeeded sparkstonelx:/var/log/samba# wbinfo -D stones Name : STONES Alt_Name : SID : S-1-5-21-835963941-2627181251-1431239077 Active Directory : No Native: No Primary : Yes Sequence : 1179266454 Any ideas? My network is about 6 machines in a Christian community, some being XP home, which limits my possible security settings! -- David Lee Living Stones, Flore, UK -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
