Re: [Samba] Winbind not starting in AD member(samba joining domain)configuration.
t...@tms3.com wrote: --- Original message --- Subject: Re: [Samba] Winbind not starting in AD member(samba joining domain)configuration. From: justin joseph To: Date: Monday, 14/06/2010 6:21 AM t...@tms3.com wrote: SNIP Facing an issue with winbind not starting with below error log(taken from /var/log/syslog): Jun 14 15:48:33 enpaq winbindd[15941]: [2010/06/14 15:48:33, 0] param/loadparm.c:6767(service_ok) Jun 14 15:48:33 enpaq winbindd[15941]: WARNING: No path in service printers - making it unavailable! Jun 14 15:48:33 enpaq winbindd[15942]: [2010/06/14 15:48:33, 0] winbindd/winbindd_cache.c:2578(initialize_winbindd_cache) Jun 14 15:48:33 enpaq winbindd[15942]: initialize_winbindd_cache: clearing cache and re-creating with version number 1 Jun 14 15:48:33 enpaq winbindd[15942]: [2010/06/14 15:48:33, 0] winbindd/winbindd_util.c:782(init_domain_list) Jun 14 15:48:33 enpaq winbindd[15942]: Could not fetch our SID - did we join? SNIP What does net ads testjoin say? I get the below pasted response: r...@enpaqadserver.com:/etc/samba# net ads testjoin Enter enp...@enpaqadserver.com's password: [2010/06/14 18:47:09, 0] libads/kerberos.c:333(ads_kinit_password) kerberos_kinit_password enp...@enpaqadserver.com failed: Clients credentials have been revoked Join to domain is not valid: Access denied r...@enpaqadserver.com:/etc/samba# Rejoin the domain. I am unable to join the domain. I thought the service winbind had to start before one can join, is it not right? r...@enpaqadserver.com:/etc/samba# net ads join -S enpaqadserver.com -U Administrator Enter Administrator's password: [2010/06/15 13:17:14, 0] libnet/libnet_join.c:1062(libnet_join_ok) libnet_join_ok: failed to get schannel session key from server enpaqadserver.com for domain ENPAQADSERVER. Error was NT_STATUS_INVALID_COMPUTER_NAME Failed to join domain: failed to verify domain membership after joining: Invalid computer name r...@enpaqadserver.com:/etc/samba# Cheers, Cheers, -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Winbind not starting in AD member(samba joining domain)configuration.
t...@tms3.com wrote: SNIP Facing an issue with winbind not starting with below error log(taken from /var/log/syslog): Jun 14 15:48:33 enpaq winbindd[15941]: [2010/06/14 15:48:33, 0] param/loadparm.c:6767(service_ok) Jun 14 15:48:33 enpaq winbindd[15941]: WARNING: No path in service printers - making it unavailable! Jun 14 15:48:33 enpaq winbindd[15942]: [2010/06/14 15:48:33, 0] winbindd/winbindd_cache.c:2578(initialize_winbindd_cache) Jun 14 15:48:33 enpaq winbindd[15942]: initialize_winbindd_cache: clearing cache and re-creating with version number 1 Jun 14 15:48:33 enpaq winbindd[15942]: [2010/06/14 15:48:33, 0] winbindd/winbindd_util.c:782(init_domain_list) Jun 14 15:48:33 enpaq winbindd[15942]: Could not fetch our SID - did we join? SNIP What does net ads testjoin say? I get the below pasted response: r...@enpaqadserver.com:/etc/samba# net ads testjoin Enter enp...@enpaqadserver.com's password: [2010/06/14 18:47:09, 0] libads/kerberos.c:333(ads_kinit_password) kerberos_kinit_password enp...@enpaqadserver.com failed: Clients credentials have been revoked Join to domain is not valid: Access denied r...@enpaqadserver.com:/etc/samba# ps: sorry, replied to reponder without CC-ing list. Posting once more. Cheers, -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Winbind not starting in AD member(samba joining domain)configuration.
SNIP Facing an issue with winbind not starting with below error log(taken from /var/log/syslog): Jun 14 15:48:33 enpaq winbindd[15941]: [2010/06/14 15:48:33, 0] param/loadparm.c:6767(service_ok) Jun 14 15:48:33 enpaq winbindd[15941]: WARNING: No path in service printers - making it unavailable! Jun 14 15:48:33 enpaq winbindd[15942]: [2010/06/14 15:48:33, 0] winbindd/winbindd_cache.c:2578(initialize_winbindd_cache) Jun 14 15:48:33 enpaq winbindd[15942]: initialize_winbindd_cache: clearing cache and re-creating with version number 1 Jun 14 15:48:33 enpaq winbindd[15942]: [2010/06/14 15:48:33, 0] winbindd/winbindd_util.c:782(init_domain_list) Jun 14 15:48:33 enpaq winbindd[15942]: Could not fetch our SID - did we join? SNIP What does net ads testjoin say? Cheers, -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Winbind not starting in AD member(samba joining domain) configuration.
Hello
Facing an issue with winbind not starting with below error log(taken
from /var/log/syslog):
Jun 14 15:48:33 enpaq winbindd[15941]: [2010/06/14 15:48:33, 0]
param/loadparm.c:6767(service_ok)
Jun 14 15:48:33 enpaq winbindd[15941]: WARNING: No path in service
printers - making it unavailable!
Jun 14 15:48:33 enpaq winbindd[15942]: [2010/06/14 15:48:33, 0]
winbindd/winbindd_cache.c:2578(initialize_winbindd_cache)
Jun 14 15:48:33 enpaq winbindd[15942]: initialize_winbindd_cache:
clearing cache and re-creating with version number 1
Jun 14 15:48:33 enpaq winbindd[15942]: [2010/06/14 15:48:33, 0]
winbindd/winbindd_util.c:782(init_domain_list)
Jun 14 15:48:33 enpaq winbindd[15942]: Could not fetch our SID - did
we join?
Jun 14 15:48:33 enpaq winbindd[15942]: [2010/06/14 15:48:33, 0]
winbindd/winbindd.c:1393(main)
Jun 14 15:48:33 enpaq winbindd[15942]: unable to initialize domain list
the version installed is Version 3.4.7(lucid packages), the
configuration files (given below) were working
as is on Ubundy hardy, the winbind issue started only when I migrated to
lucid.
knit works and smbd and nmbd processes starts up as well:
r...@enpaqadserver.com:/etc/samba# kinit administra...@enpaqadserver.com
Password for administra...@enpaqadserver.com:
r...@enpaqadserver.com:/etc/samba# klist -e
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: administra...@enpaqadserver.com
Valid starting ExpiresService principal
06/14/10 16:01:11 06/15/10 01:59:00
krbtgt/enpaqadserver@enpaqadserver.com
renew until 06/15/10 16:01:11, Etype (skey, tkt): ArcFour with
HMAC/md5, ArcFour with HMAC/md5
r...@enpaqadserver.com:/etc/samba#
Configurations files below:
r...@enpaqadserver.com:/etc/samba# cat /etc/krb5.conf
[libdefaults]
default_realm = ENPAQADSERVER.COM
dns_lookup_realm = true
dns_lookup_kdc = true
ticket_lifetime = 24h
[realms]
ENPAQADSERVER.COM = {
kdc = winserver.enpaqadserver.com:88
admin_server = winserver.enpaqadserver.com:749
default_domain = enpaqadserver.com
}
[domain_realm]
.enpaqadserver.com = ENPAQADSERVER.COM
enpaqadserver.com = ENPAQADSERVER.COM
r...@enpaqadserver.com:/etc/samba# cat smb.conf
# Global parameters
[global]
workgroup = ENPAQADSERVER
realm = ENPAQADSERVER.COM
password server = ENPAQADSERVER.COM
preferred master = no
domain master = false
local master = no
server string = Samba file and print server
security = ADS
encrypt passwords = true
log level = 3
log file = /var/log/samba/%m
max log size = 50
winbind separator = /
winbind enum users = yes
winbind enum groups = yes
winbind use default domain = yes
printcap name = cups
printing = cups
idmap uid = 1-2
idmap gid = 1-2
[homes]
comment = Home Directories
path= /opt/samba/data/share
valid users = %S
read only = No
browseable = No
[printers]
comment = All Printers
browseable = no
printable = yes
guest ok = yes
The same adserver and these same configuration files, including the same
DNS settings on
the samba machine works fine when I were using Ubuntu hardy
distribution. I tried googling
for this issue and tried on my own but could not resolve this.
Thanks in advance
justin
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
