I have a Samba PDC in a one way trust relationship with a Windows Server 2003 DC such that Samba is the Trusting Domain. With Samba 3.0.23d I always used to leave winbindd running during a restart of smbd/nmbd. With 3.0.25, I have found that the domain "breaks" if I do this. Denote the Samba domain by SAMBA and the (trusted) Windows domain WINDOWS. When the domain "breaks", WINDOWS users, logged into a SAMBA workstation, receive the following when attempting to access a share on a Windows member server: "A device attached to the system is not functioning" or they are otherwise prompted for credentials when they shouldn't be (due to single sign on). Note that some users can connect once the domain "breaks" - but it seems to be quite intermittent. (Possibly because one/some of the winbindd processes become corrupted by the smbd/nmbd restart ?) If I kill all winbind processes and restart all samba daemons at the same time (i.e. smbd, nmbd and winbindd) then the problem is cleared. Regards, Patrick.
Gerald (Jerry) Carter
2007-May-23 11:42 UTC
[Samba] Samba 3.0.25, trusted domains and winbindd
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Patrick,> I have a Samba PDC in a one way trust relationship > with a Windows Server 2003 DC such that Samba is > the Trusting Domain. > > With Samba 3.0.23d I always used to leave winbindd running > during a restart of smbd/nmbd. > > With 3.0.25, I have found that the domain "breaks" if I do this. > > Denote the Samba domain by SAMBA and the (trusted) > Windows domain WINDOWS. > > When the domain "breaks", WINDOWS users, logged into > a SAMBA workstation, receive the following when attempting to > access a share on a Windows member server: > > "A device attached to the system is not functioning"The will equate to an NT_STATUS_UNSUCCESSFUL somewhere if you look at a level 10 debug long on the server.> or they are otherwise prompted for credentials when > they shouldn't be (due to single sign on). > > Note that some users can connect once the domain "breaks" - > but it seems to be quite intermittent. (Possibly because > one/some of the winbindd processes become corrupted > by the smbd/nmbd restart ?) > > If I kill all winbind processes and restart all > samba daemons at the same time (i.e. smbd, nmbd > and winbindd) then the problem is cleared.I'm guessing that this is might be related to some of the RPC parsing fixes that just went in for 3.0.25a. If you could, please check out the SAMBA_3_0_25 svn branch and retest. $ svn co svn://svnanon.samba.org/samba/branches/SAMBA_3_0_25 cheers, jerry ====================================================================Samba ------- http://www.samba.org Centeris ----------- http://www.centeris.com "What man is a man who does not make the world better?" --Balian -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGVChxIR7qMdg1EfYRAqH4AJ0T7Zy6X7iKLtvzZp5+e4Vx6dejLgCgu88l zXcfHWT8MJnk2tXkYkh8YNY=1Vlu -----END PGP SIGNATURE-----