Hi I use winbind on Linux for authentication (using ADS acounts) on many servers and it works very well on all of them. I use the same configuration and the same Domain Controllers etc.. I have 4 new servers which are all in a special network segment (behind a load balancer). On all of them I have the problem, that when I try to logon with my Active Diretory Account, it says "permission denied". If I try it again it works. Always! After that I can logon and logoff as many times as i want, it always works without problems. If i (and also non if the other users) do not logon for some hours, it starts again: first logon does not work, all following logons work without problems. winbindd.log: (...) write_socket: Error writing 270 bytes to socket 18: ERRNO = Connection reset by peer [2008/12/03 18:26:03, 0] libsmb/clientgen.c:cli_send_smb(189) Error writing 270 bytes to client. -1 (Connection reset by peer) [2008/12/03 18:26:03, 0] rpc_client/cli_pipe.c:rpc_api_pipe(790) rpc_api_pipe: Remote machine mydc pipe \lsarpc fnum 0x4004returned critical error. Error was Write error: Connection reset by peer [2008/12/03 18:26:03, 1] nsswitch/winbindd_group.c:winbindd_getgrnam(519) group myservergroup in domain mydomain does not exist [2008/12/03 18:26:03, 1] libsmb/clientgen.c:cli_rpc_pipe_close(387) cli_rpc_pipe_close: cli_close failed on pipe \lsarpc, fnum 0x4004 to machine mydc. Error was Write error: Success ADS administrators told me they have no entry in theyr log for the faild logon. Any ideas? I am actually not sure if this is the right place for these kind of questions. So feel free to redirect me elsewhere if my question has landed in the wrong place. Urs
On Sat, Dec 06, 2008 at 05:47:34PM +0100, Urs Golla wrote:> Hi > > I use winbind on Linux for authentication (using ADS acounts) on many > servers and it works very well on all of them. I use the same configuration > and the same Domain Controllers etc.. > > I have 4 new servers which are all in a special network segment (behind a > load balancer). On all of them I have the problem, that when I try to logon > with my Active Diretory Account, it says "permission denied". If I try it > again it works. Always! After that I can logon and logoff as many times as i > want, it always works without problems. If i (and also non if the other > users) do not logon for some hours, it starts again: first logon does not > work, all following logons work without problems.What version of Samba/winbindd ?> (...) > write_socket: Error writing 270 bytes to socket 18: ERRNO = Connection > reset by peer > [2008/12/03 18:26:03, 0] libsmb/clientgen.c:cli_send_smb(189) > Error writing 270 bytes to client. -1 (Connection reset by peer) > [2008/12/03 18:26:03, 0] rpc_client/cli_pipe.c:rpc_api_pipe(790) > rpc_api_pipe: Remote machine mydc pipe \lsarpc fnum 0x4004returned > critical error. Error was Write error: Connection reset by peer > [2008/12/03 18:26:03, 1] nsswitch/winbindd_group.c:winbindd_getgrnam(519) > group myservergroup in domain mydomain does not exist > [2008/12/03 18:26:03, 1] libsmb/clientgen.c:cli_rpc_pipe_close(387) > cli_rpc_pipe_close: cli_close failed on pipe \lsarpc, fnum 0x4004 to > machine mydc. Error was Write error: SuccessStrange, looks like the server is closing the connect. Jeremy.