Sven Schwedas
2017-Nov-13 11:05 UTC
[Samba] Winbind error "Could not fetch our SID - did we join?"
/etc/hostname:villach-file /etc/hosts:# The following lines are desirable for IPv6 capable hosts /etc/hosts:::1 localhost ip6-localhost ip6-loopback /etc/hosts:ff02::1 ip6-allnodes /etc/hosts:ff02::2 ip6-allrouters /etc/hosts:127.0.0.1 localhost /etc/hosts:192.168.16.214 villach-file /etc/krb5.conf:[libdefaults] /etc/krb5.conf: default_realm = AD.TAO.AT /etc/krb5.conf: dns_lookup_realm = true /etc/krb5.conf: dns_lookup_kdc = true /etc/krb5.conf: default_keytab_name = FILE:/etc/krb5.keytab /etc/krb5.conf:[domain_realm] /etc/krb5.conf: .ad.tao.at = AD.TAO.AT /etc/krb5.conf: ad.tao.at = AD.TAO.AT /etc/krb5.conf: .tao.at = AD.TAO.AT /etc/krb5.conf: tao.at = AD.TAO.AT /etc/resolv.conf:nameserver 192.168.16.1 /etc/resolv.conf:domain ad.tao.at On 2017-11-13 12:01, Rowland Penny wrote:> On Mon, 13 Nov 2017 11:02:48 +0100 > Sven Schwedas via samba <samba at lists.samba.org> wrote: > >> We did, in fact, join mere seconds ago, but for some reason, winbind >> still can't find itself. ADUC etc meanwhile have no trouble finding >> the newly added computer account. >> >> Wiping /var/{lib,cache}/samba/ (and the computer account) makes no >> difference, the error persists. >> >> How do I proceed? >> > > Can you post /etc/hostname /etc/hosts /etc/krb5.conf /etc/resolv.conf > > Rowland >-- Mit freundlichen Grüßen, / Best Regards, Sven Schwedas, Systemadministrator Mail/XMPP sven.schwedas at tao.at | Skype sven.schwedas TAO Digital | Lendplatz 45 | A8020 Graz https://www.tao-digital.at | Tel +43 680 301 7167 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 659 bytes Desc: OpenPGP digital signature URL: <http://lists.samba.org/pipermail/samba/attachments/20171113/487b3ffd/signature.sig>
Rowland Penny
2017-Nov-13 11:33 UTC
[Samba] Winbind error "Could not fetch our SID - did we join?"
On Mon, 13 Nov 2017 12:05:33 +0100 Sven Schwedas <sven.schwedas at tao.at> wrote:> /etc/hostname:villach-file > /etc/hosts:# The following lines are desirable for IPv6 capable hosts > /etc/hosts:::1 localhost ip6-localhost ip6-loopback > /etc/hosts:ff02::1 ip6-allnodes > /etc/hosts:ff02::2 ip6-allrouters > /etc/hosts:127.0.0.1 localhost > /etc/hosts:192.168.16.214 villach-fileI would change the above line to: 192.168.16.214 villach-file.ad.tao.at villach-file> /etc/krb5.conf:[libdefaults] > /etc/krb5.conf: default_realm = AD.TAO.AT > /etc/krb5.conf: dns_lookup_realm = true > /etc/krb5.conf: dns_lookup_kdc = true > /etc/krb5.conf: default_keytab_name = FILE:/etc/krb5.keytab > /etc/krb5.conf:[domain_realm] > /etc/krb5.conf: .ad.tao.at = AD.TAO.AT > /etc/krb5.conf: ad.tao.at = AD.TAO.AT > /etc/krb5.conf: .tao.at = AD.TAO.AT > /etc/krb5.conf: tao.at = AD.TAO.AT/etc/krb5.conf only needs to contain this: [libdefaults] default_realm = AD.TAO.AT dns_lookup_realm = false dns_lookup_kdc = true> /etc/resolv.conf:nameserver 192.168.16.1 > /etc/resolv.conf:domain ad.tao.at >I would change 'domain ad.tao.at' to 'search ad.tao.at' Rowland
Sven Schwedas
2017-Nov-13 12:18 UTC
[Samba] Winbind error "Could not fetch our SID - did we join?"
On 2017-11-13 12:33, Rowland Penny via samba wrote:> On Mon, 13 Nov 2017 12:05:33 +0100 > Sven Schwedas <sven.schwedas at tao.at> wrote: > >> /etc/hostname:villach-file >> /etc/hosts:# The following lines are desirable for IPv6 capable hosts >> /etc/hosts:::1 localhost ip6-localhost ip6-loopback >> /etc/hosts:ff02::1 ip6-allnodes >> /etc/hosts:ff02::2 ip6-allrouters >> /etc/hosts:127.0.0.1 localhost >> /etc/hosts:192.168.16.214 villach-file > > I would change the above line to: > > 192.168.16.214 villach-file.ad.tao.at villach-fileChanged (bringing the config file in line with others), makes no difference, even after wiping samba config/cache and re-joining.>> /etc/krb5.conf:[libdefaults] >> /etc/krb5.conf: default_realm = AD.TAO.AT >> /etc/krb5.conf: dns_lookup_realm = true >> /etc/krb5.conf: dns_lookup_kdc = true >> /etc/krb5.conf: default_keytab_name = FILE:/etc/krb5.keytab >> /etc/krb5.conf:[domain_realm] >> /etc/krb5.conf: .ad.tao.at = AD.TAO.AT >> /etc/krb5.conf: ad.tao.at = AD.TAO.AT >> /etc/krb5.conf: .tao.at = AD.TAO.AT >> /etc/krb5.conf: tao.at = AD.TAO.AT > > /etc/krb5.conf only needs to contain this: > > [libdefaults] > default_realm = AD.TAO.AT > dns_lookup_realm = false > dns_lookup_kdc = trueSame krb5.conf works on a dozen other servers. How would changing it make a difference?>> /etc/resolv.conf:nameserver 192.168.16.1 >> /etc/resolv.conf:domain ad.tao.at >> > > I would change 'domain ad.tao.at' to 'search ad.tao.at'Same resolv.conf works on a dozen other servers. How would changing it make a difference? Could we please not waste a week poking at random unrelated stuff this time? These "I try the same stuff no matter what the problem is" boilerplate emails become really grating after the first few times. :/ -- Mit freundlichen Grüßen, / Best Regards, Sven Schwedas, Systemadministrator Mail/XMPP sven.schwedas at tao.at | Skype sven.schwedas TAO Digital | Lendplatz 45 | A8020 Graz https://www.tao-digital.at | Tel +43 680 301 7167 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 659 bytes Desc: OpenPGP digital signature URL: <http://lists.samba.org/pipermail/samba/attachments/20171113/85d6d542/signature.sig>