Re: [Samba] Winbind not starting in AD member(samba joining domain)configuration.
t...@tms3.com wrote: --- Original message --- Subject: Re: [Samba] Winbind not starting in AD member(samba joining domain)configuration. From: justin joseph To: Date: Monday, 14/06/2010 6:21 AM t...@tms3.com wrote: SNIP Facing an issue with winbind not starting with below error log(taken from /var/log/syslog): Jun 14 15:48:33 enpaq winbindd[15941]: [2010/06/14 15:48:33, 0] param/loadparm.c:6767(service_ok) Jun 14 15:48:33 enpaq winbindd[15941]: WARNING: No path in service printers - making it unavailable! Jun 14 15:48:33 enpaq winbindd[15942]: [2010/06/14 15:48:33, 0] winbindd/winbindd_cache.c:2578(initialize_winbindd_cache) Jun 14 15:48:33 enpaq winbindd[15942]: initialize_winbindd_cache: clearing cache and re-creating with version number 1 Jun 14 15:48:33 enpaq winbindd[15942]: [2010/06/14 15:48:33, 0] winbindd/winbindd_util.c:782(init_domain_list) Jun 14 15:48:33 enpaq winbindd[15942]: Could not fetch our SID - did we join? SNIP What does net ads testjoin say? I get the below pasted response: r...@enpaqadserver.com:/etc/samba# net ads testjoin Enter enp...@enpaqadserver.com's password: [2010/06/14 18:47:09, 0] libads/kerberos.c:333(ads_kinit_password) kerberos_kinit_password enp...@enpaqadserver.com failed: Clients credentials have been revoked Join to domain is not valid: Access denied r...@enpaqadserver.com:/etc/samba# Rejoin the domain. I am unable to join the domain. I thought the service winbind had to start before one can join, is it not right? r...@enpaqadserver.com:/etc/samba# net ads join -S enpaqadserver.com -U Administrator Enter Administrator's password: [2010/06/15 13:17:14, 0] libnet/libnet_join.c:1062(libnet_join_ok) libnet_join_ok: failed to get schannel session key from server enpaqadserver.com for domain ENPAQADSERVER. Error was NT_STATUS_INVALID_COMPUTER_NAME Failed to join domain: failed to verify domain membership after joining: Invalid computer name r...@enpaqadserver.com:/etc/samba# Cheers, Cheers, -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Winbind not starting in AD member(samba joining domain)configuration.
t...@tms3.com wrote: SNIP Facing an issue with winbind not starting with below error log(taken from /var/log/syslog): Jun 14 15:48:33 enpaq winbindd[15941]: [2010/06/14 15:48:33, 0] param/loadparm.c:6767(service_ok) Jun 14 15:48:33 enpaq winbindd[15941]: WARNING: No path in service printers - making it unavailable! Jun 14 15:48:33 enpaq winbindd[15942]: [2010/06/14 15:48:33, 0] winbindd/winbindd_cache.c:2578(initialize_winbindd_cache) Jun 14 15:48:33 enpaq winbindd[15942]: initialize_winbindd_cache: clearing cache and re-creating with version number 1 Jun 14 15:48:33 enpaq winbindd[15942]: [2010/06/14 15:48:33, 0] winbindd/winbindd_util.c:782(init_domain_list) Jun 14 15:48:33 enpaq winbindd[15942]: Could not fetch our SID - did we join? SNIP What does net ads testjoin say? I get the below pasted response: r...@enpaqadserver.com:/etc/samba# net ads testjoin Enter enp...@enpaqadserver.com's password: [2010/06/14 18:47:09, 0] libads/kerberos.c:333(ads_kinit_password) kerberos_kinit_password enp...@enpaqadserver.com failed: Clients credentials have been revoked Join to domain is not valid: Access denied r...@enpaqadserver.com:/etc/samba# ps: sorry, replied to reponder without CC-ing list. Posting once more. Cheers, -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Winbind not starting in AD member(samba joining domain)configuration.
SNIP Facing an issue with winbind not starting with below error log(taken from /var/log/syslog): Jun 14 15:48:33 enpaq winbindd[15941]: [2010/06/14 15:48:33, 0] param/loadparm.c:6767(service_ok) Jun 14 15:48:33 enpaq winbindd[15941]: WARNING: No path in service printers - making it unavailable! Jun 14 15:48:33 enpaq winbindd[15942]: [2010/06/14 15:48:33, 0] winbindd/winbindd_cache.c:2578(initialize_winbindd_cache) Jun 14 15:48:33 enpaq winbindd[15942]: initialize_winbindd_cache: clearing cache and re-creating with version number 1 Jun 14 15:48:33 enpaq winbindd[15942]: [2010/06/14 15:48:33, 0] winbindd/winbindd_util.c:782(init_domain_list) Jun 14 15:48:33 enpaq winbindd[15942]: Could not fetch our SID - did we join? SNIP What does net ads testjoin say? Cheers, -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Winbind not starting in AD member(samba joining domain) configuration.
Hello Facing an issue with winbind not starting with below error log(taken from /var/log/syslog): Jun 14 15:48:33 enpaq winbindd[15941]: [2010/06/14 15:48:33, 0] param/loadparm.c:6767(service_ok) Jun 14 15:48:33 enpaq winbindd[15941]: WARNING: No path in service printers - making it unavailable! Jun 14 15:48:33 enpaq winbindd[15942]: [2010/06/14 15:48:33, 0] winbindd/winbindd_cache.c:2578(initialize_winbindd_cache) Jun 14 15:48:33 enpaq winbindd[15942]: initialize_winbindd_cache: clearing cache and re-creating with version number 1 Jun 14 15:48:33 enpaq winbindd[15942]: [2010/06/14 15:48:33, 0] winbindd/winbindd_util.c:782(init_domain_list) Jun 14 15:48:33 enpaq winbindd[15942]: Could not fetch our SID - did we join? Jun 14 15:48:33 enpaq winbindd[15942]: [2010/06/14 15:48:33, 0] winbindd/winbindd.c:1393(main) Jun 14 15:48:33 enpaq winbindd[15942]: unable to initialize domain list the version installed is Version 3.4.7(lucid packages), the configuration files (given below) were working as is on Ubundy hardy, the winbind issue started only when I migrated to lucid. knit works and smbd and nmbd processes starts up as well: r...@enpaqadserver.com:/etc/samba# kinit administra...@enpaqadserver.com Password for administra...@enpaqadserver.com: r...@enpaqadserver.com:/etc/samba# klist -e Ticket cache: FILE:/tmp/krb5cc_0 Default principal: administra...@enpaqadserver.com Valid starting ExpiresService principal 06/14/10 16:01:11 06/15/10 01:59:00 krbtgt/enpaqadserver@enpaqadserver.com renew until 06/15/10 16:01:11, Etype (skey, tkt): ArcFour with HMAC/md5, ArcFour with HMAC/md5 r...@enpaqadserver.com:/etc/samba# Configurations files below: r...@enpaqadserver.com:/etc/samba# cat /etc/krb5.conf [libdefaults] default_realm = ENPAQADSERVER.COM dns_lookup_realm = true dns_lookup_kdc = true ticket_lifetime = 24h [realms] ENPAQADSERVER.COM = { kdc = winserver.enpaqadserver.com:88 admin_server = winserver.enpaqadserver.com:749 default_domain = enpaqadserver.com } [domain_realm] .enpaqadserver.com = ENPAQADSERVER.COM enpaqadserver.com = ENPAQADSERVER.COM r...@enpaqadserver.com:/etc/samba# cat smb.conf # Global parameters [global] workgroup = ENPAQADSERVER realm = ENPAQADSERVER.COM password server = ENPAQADSERVER.COM preferred master = no domain master = false local master = no server string = Samba file and print server security = ADS encrypt passwords = true log level = 3 log file = /var/log/samba/%m max log size = 50 winbind separator = / winbind enum users = yes winbind enum groups = yes winbind use default domain = yes printcap name = cups printing = cups idmap uid = 1-2 idmap gid = 1-2 [homes] comment = Home Directories path= /opt/samba/data/share valid users = %S read only = No browseable = No [printers] comment = All Printers browseable = no printable = yes guest ok = yes The same adserver and these same configuration files, including the same DNS settings on the samba machine works fine when I were using Ubuntu hardy distribution. I tried googling for this issue and tried on my own but could not resolve this. Thanks in advance justin -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba