Hello,
i am trying to establish a trust from SAMBA 3.0.7 (RedHat AS3U4; same
result with 3.0.9 from RedHat AS3-U5) with a NT4 domain controller.
Here is the problem:
[root@etoile root]# net rpc trustdom establish DOM
Password:
Could not connect to server POMEROL
[2005/06/22 09:44:11, 0] rpc_parse/parse_prs.c:prs_mem_get(537)
prs_mem_get: reading data of size 4 would overrun buffer.
[2005/06/22 09:44:11, 0] utils/net_rpc.c:rpc_trustdom_establish(4377)
WksQueryInfo call failed.
Both servers are on the same network, netbios name and domain controller
are correctly resolved.
People had already get this problem: i found a patch proposed by Jerry
(http://lists.samba.org/archive/samba/2005-March/101572.html), but it
should not be a problem for my versions.
I also tried with the 3.0.13 release from samba.org and get the same
result.
I can't see where the problem come from as the trust can be established
with another NT4 server, but NT4 administrator told me that both NT4
servers are with the same level security, same configurations (other than
network)...
Has anyone an idea ?
Thanks !
--
Jerome
Gerald (Jerry) Carter
2005-Jun-27 15:05 UTC
[Samba] rpc trust gives WksQueryInfo call failed
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 J?r?me Tournier wrote:> Hello, > i am trying to establish a trust from SAMBA 3.0.7 (RedHat > AS3U4; same result with 3.0.9 from RedHat AS3-U5) with > a NT4 domain controller. > Here is the problem: > [root@etoile root]# net rpc trustdom establish DOM > Password: > Could not connect to server POMEROL > [2005/06/22 09:44:11, 0] rpc_parse/parse_prs.c:prs_mem_get(537) > prs_mem_get: reading data of size 4 would overrun buffer. > [2005/06/22 09:44:11, 0] utils/net_rpc.c:rpc_trustdom_establish(4377) > WksQueryInfo call failed.J?r?me, would you send me a level10 debug log from the net client and a raw ethereal trace? Thanks. cheers, jerry -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCwBWmIR7qMdg1EfYRAiupAKCHqIAnx4+K7iJsPyiXx8OHYITcXACbBR/I m8ifXqcTp839xhYPAMNfTVk=dEQH -----END PGP SIGNATURE-----
Le Tue, Jun 28, 2005 at 08:46:20AM +0200, Gerald (Jerry) Carter a ecrit:> would you send me a level10 debug log from the net client and a > raw ethereal trace? Thanks.Well, i found the problem reading this bugzilla page: https://bugzilla.samba.org/show_bug.cgi?id=2438 I tested the proposed patch and i was then able to make the trust relation. The problem is that we can't patch samba because of redhat support :-( As the bug report talk about restrictanonymous, i asked a NT administrator to look at the following parameter : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\RestrictAnonymous. It was set to 1. When changed to 0 (with a reboot), all work fine. We'll then keep this solution ... Thanks for your support :) -- Jerome