Sven Schwedas
2017-Nov-13 12:40 UTC
[Samba] Winbind error "Could not fetch our SID - did we join?"
On 2017-11-13 13:31, Rowland Penny wrote:> On Mon, 13 Nov 2017 13:18:20 +0100 > Sven Schwedas via samba <samba at lists.samba.org> wrote: > >> Could we please not waste a week poking at random unrelated stuff this >> time? These "I try the same stuff no matter what the problem is" >> boilerplate emails become really grating after the first few times. :/ > > No problem Sven, I will not waste one more moment on your problem. > I was just trying to give you advice based on what I know works and > from what you posted.It's hard to convey tone on the internet, I know. But blindly fiddling with config settings that don't seem to be related to the problem at all – after all, both kerberos and DNS worked fine during the join, as the debug info clearly states –, and don't seem to make problems on other servers, just looks pointless. *Why* would these configuration changes help here? Looking at the winbindd log at maximum debug level, there doesn't seem to be even an *attempt* to find the domain, much less errors from failing to do so. -- Mit freundlichen Grüßen, / Best Regards, Sven Schwedas, Systemadministrator Mail/XMPP sven.schwedas at tao.at | Skype sven.schwedas TAO Digital | Lendplatz 45 | A8020 Graz https://www.tao-digital.at | Tel +43 680 301 7167 -------------- next part -------------- [2017/11/13 13:19:34.303725, 3, pid=8133, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:3739(lp_load_ex) lp_load_ex: refreshing parameters [2017/11/13 13:19:34.303806, 5, pid=8133, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1312(free_param_opts) Freeing parametrics: [2017/11/13 13:19:34.303872, 3, pid=8133, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:542(init_globals) Initialising global parameters [2017/11/13 13:19:34.303912, 2, pid=8133, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:314(max_open_files) rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384) [2017/11/13 13:19:34.304003, 3, pid=8133, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:2668(lp_do_section) Processing section "[global]" doing parameter log level = 10 [2017/11/13 13:19:34.304056, 5, pid=8133, effective(0, 0), real(0, 0)] ../lib/util/debug.c:642(debug_dump_status) INFO: Current debug levels: all: 10 tdb: 10 printdrivers: 10 lanman: 10 smb: 10 rpc_parse: 10 rpc_srv: 10 rpc_cli: 10 passdb: 10 sam: 10 auth: 10 winbind: 10 vfs: 10 idmap: 10 quota: 10 acls: 10 locking: 10 msdfs: 10 dmapi: 10 registry: 10 scavenger: 10 dns: 10 ldb: 10 tevent: 10 doing parameter workgroup = AD doing parameter realm = AD.TAO.AT doing parameter security = ADS doing parameter idmap config * : backend = tdb doing parameter idmap config * : range = 60000-61000 doing parameter idmap config AD : backend = ad doing parameter idmap config AD : range = 4500-50000 doing parameter idmap config AD : schema_mode = rfc2307 doing parameter winbind nss info = rfc2307 doing parameter winbind enum users = yes doing parameter winbind enum groups = yes doing parameter winbind use default domain = yes doing parameter winbind offline logon = yes doing parameter winbind max domain connections = 32 doing parameter winbind expand groups = 4 doing parameter winbind refresh tickets = yes doing parameter state directory = /var/cache/samba/ doing parameter cache directory = /var/cache/samba/ doing parameter lock directory = /var/cache/samba/ doing parameter template homedir = /home/%U doing parameter template shell = /bin/bash doing parameter winbind reconnect delay = 5 doing parameter winbind cache time = 30 doing parameter load printers = no doing parameter unix extensions = no doing parameter include = /etc/samba/site.conf [2017/11/13 13:19:34.305007, 3, pid=8133, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:2668(lp_do_section) Processing section "[global]" doing parameter netbios name = villach-file doing parameter server string = Netzlaufwerke Villach doing parameter max stat cache size = 4096 doing parameter client max protocol = SMB2 doing parameter deadtime = 2 doing parameter unix extensions = no doing parameter local master = no doing parameter read only = No doing parameter acl group control = Yes doing parameter create mask = 0770 doing parameter force create mode = 0660 doing parameter directory mask = 0770 doing parameter force directory mode = 02770 doing parameter inherit permissions = Yes doing parameter inherit acls = Yes doing parameter inherit owner = Yes doing parameter aio read size = 16384 doing parameter aio write size = 16384 doing parameter map acl inherit = Yes doing parameter block size = 4096 doing parameter use sendfile = Yes doing parameter map archive = No doing parameter map readonly = no doing parameter store dos attributes = Yes doing parameter ldap timeout = 5 doing parameter winbind reconnect delay = 2 doing parameter winbind refresh tickets = yes doing parameter winbind request timeout = 5 doing parameter load printers = yes [2017/11/13 13:19:34.305745, 4, pid=8133, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:3780(lp_load_ex) pm_process() returned Yes [2017/11/13 13:19:34.305788, 7, pid=8133, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:4096(lp_servicenumber) lp_servicenumber: couldn't find homes [2017/11/13 13:19:34.305972, 2, pid=8133, effective(0, 0), real(0, 0)] ../source3/lib/interface.c:345(add_interface) added interface host0 ip=192.168.16.214 bcast=192.168.16.255 netmask=255.255.255.0 [2017/11/13 13:19:34.306020, 1, pid=8133, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1039(lp_winbind_max_domain_connections) offline logons active, restricting max domain connections to 1 [2017/11/13 13:19:34.306067, 5, pid=8133, effective(0, 0), real(0, 0)] ../source3/lib/util_names.c:152(init_names) Netbios name list:- my_netbios_names[0]="VILLACH-FILE" [2017/11/13 13:19:34.306181, 2, pid=8133, effective(0, 0), real(0, 0)] ../source3/lib/interface.c:345(add_interface) added interface host0 ip=192.168.16.214 bcast=192.168.16.255 netmask=255.255.255.0 [2017/11/13 13:19:34.307203, 8, pid=8134, effective(0, 0), real(0, 0)] ../lib/util/util.c:390(fcntl_lock) fcntl_lock 13 6 0 1 1 [2017/11/13 13:19:34.307328, 8, pid=8134, effective(0, 0), real(0, 0)] ../lib/util/util.c:425(fcntl_lock) fcntl_lock: Lock call successful [2017/11/13 13:19:34.307418, 4, pid=8134, effective(0, 0), real(0, 0)] ../source3/lib/time.c:266(TimeInit) TimeInit: Serverzone is -3600 [2017/11/13 13:19:34.307706, 10, pid=8134, effective(0, 0), real(0, 0)] ../source3/lib/messages_dgm_ref.c:142(msg_dgm_ref_destructor) msg_dgm_ref_destructor: refs=(nil) [2017/11/13 13:19:34.308006, 10, pid=8134, effective(0, 0), real(0, 0)] ../source3/lib/messages_dgm_ref.c:76(messaging_dgm_ref) messaging_dgm_ref: messaging_dgm_init returned Success [2017/11/13 13:19:34.308055, 10, pid=8134, effective(0, 0), real(0, 0)] ../source3/lib/messages_dgm_ref.c:105(messaging_dgm_ref) messaging_dgm_ref: unique = 14504610787473704759 [2017/11/13 13:19:34.308155, 10, pid=8134, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cache.c:4305(winbindd_validate_cache) winbindd_validate_cache: replacing panic function [2017/11/13 13:19:34.308327, 10, pid=8134, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cache.c:4329(winbindd_validate_cache) Fresh database [2017/11/13 13:19:34.308472, 5, pid=8134, effective(0, 0), real(0, 0)] ../source3/lib/tdb_validate.c:195(tdb_validate_open) tdb_validate_open called for tdb '/var/cache/samba/winbindd_cache.tdb' [2017/11/13 13:19:34.308540, 5, pid=8134, effective(0, 0), real(0, 0)] ../source3/lib/tdb_validate.c:112(tdb_validate) tdb_validate called for tdb '/var/cache/samba/winbindd_cache.tdb' [2017/11/13 13:19:34.308575, 10, pid=8134, effective(0, 0), real(0, 0)] ../source3/lib/tdb_validate.c:118(tdb_validate) tdb_validate: forking to let child do validation. [2017/11/13 13:19:34.309049, 10, pid=8134, effective(0, 0), real(0, 0)] ../source3/lib/tdb_validate.c:135(tdb_validate) tdb_validate: fork succeeded, child PID = 8135 [2017/11/13 13:19:34.309103, 10, pid=8134, effective(0, 0), real(0, 0)] ../source3/lib/tdb_validate.c:137(tdb_validate) tdb_validate: waiting for child to finish... [2017/11/13 13:19:34.309122, 10, pid=8135, effective(0, 0), real(0, 0)] ../source3/lib/tdb_validate.c:122(tdb_validate) tdb_validate (validation child): created [2017/11/13 13:19:34.309249, 10, pid=8135, effective(0, 0), real(0, 0)] ../source3/lib/tdb_validate.c:124(tdb_validate) tdb_validate (validation child): calling tdb_validate_child [2017/11/13 13:19:34.309957, 10, pid=8135, effective(0, 0), real(0, 0)] ../source3/lib/tdb_validate.c:68(tdb_validate_child) tdb_validate_child: tdb /var/cache/samba/winbindd_cache.tdb freelist has 1 entries [2017/11/13 13:19:34.310059, 10, pid=8135, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cache.c:4122(validate_cache_version) validate_cache_version: WINBINDD_CACHE_VERSION ok [2017/11/13 13:19:34.310142, 10, pid=8135, effective(0, 0), real(0, 0)] ../source3/lib/tdb_validate.c:81(tdb_validate_child) tdb_validate_child: tdb /var/cache/samba/winbindd_cache.tdb is good with 1 entries [2017/11/13 13:19:34.310191, 10, pid=8135, effective(0, 0), real(0, 0)] ../source3/lib/tdb_validate.c:85(tdb_validate_child) tdb_validate_child: summary of validation status: * tdb error: no * bad freelist: no * bad entry: no * unknown key: no => overall success: yes [2017/11/13 13:19:34.312503, 10, pid=8134, effective(0, 0), real(0, 0)] ../source3/lib/tdb_validate.c:155(tdb_validate) tdb_validate: validating child returned. [2017/11/13 13:19:34.312566, 10, pid=8134, effective(0, 0), real(0, 0)] ../source3/lib/tdb_validate.c:158(tdb_validate) tdb_validate: child exited, code 0. [2017/11/13 13:19:34.312598, 5, pid=8134, effective(0, 0), real(0, 0)] ../source3/lib/tdb_validate.c:179(tdb_validate) tdb_validate returning code '0' for tdb '/var/cache/samba/winbindd_cache.tdb' [2017/11/13 13:19:34.312643, 1, pid=8134, effective(0, 0), real(0, 0)] ../source3/lib/tdb_validate.c:480(tdb_validate_and_backup) tdb '/var/cache/samba/winbindd_cache.tdb' is valid [2017/11/13 13:19:34.312685, 3, pid=8134, effective(0, 0), real(0, 0)] ../source3/lib/tdb_validate.c:379(rename_file_with_suffix) file '/var/cache/samba/winbindd_cache.tdb.bak' does not exist - so not moved [2017/11/13 13:19:34.313087, 10, pid=8134, effective(0, 0), real(0, 0)] ../source3/lib/tdb_validate.c:332(tdb_backup) tdb_backup: successfully copied 1 entries [2017/11/13 13:19:34.337404, 1, pid=8134, effective(0, 0), real(0, 0)] ../source3/lib/tdb_validate.c:490(tdb_validate_and_backup) Created backup '/var/cache/samba/winbindd_cache.tdb.bak' of tdb '/var/cache/samba/winbindd_cache.tdb' [2017/11/13 13:19:34.337475, 10, pid=8134, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cache.c:4362(winbindd_validate_cache) winbindd_validate_cache: restoring panic function [2017/11/13 13:19:34.337782, 5, pid=8134, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:159(dbwrap_check_lock_order) check lock order 2 for /var/cache/samba/serverid.tdb [2017/11/13 13:19:34.337839, 10, pid=8134, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:114(debug_lock_order) lock order: 1:<none> 2:/var/cache/samba/serverid.tdb 3:<none> [2017/11/13 13:19:34.337889, 10, pid=8134, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Locking key C61F000000000000FFFF [2017/11/13 13:19:34.337937, 10, pid=8134, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal) Allocated locked data 0x0x55d6657460d0 [2017/11/13 13:19:34.338092, 10, pid=8134, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Unlocking key C61F000000000000FFFF [2017/11/13 13:19:34.338148, 5, pid=8134, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:127(dbwrap_lock_order_state_destructor) release lock order 2 for /var/cache/samba/serverid.tdb [2017/11/13 13:19:34.338194, 10, pid=8134, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:114(debug_lock_order) lock order: 1:<none> 2:<none> 3:<none> [2017/11/13 13:19:34.338237, 5, pid=8134, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:356(messaging_register) Registering messaging pointer for type 33 - private_data=(nil) [2017/11/13 13:19:34.338283, 5, pid=8134, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:356(messaging_register) Registering messaging pointer for type 13 - private_data=(nil) [2017/11/13 13:19:34.338325, 5, pid=8134, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:356(messaging_register) Registering messaging pointer for type 1028 - private_data=(nil) [2017/11/13 13:19:34.338367, 5, pid=8134, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:356(messaging_register) Registering messaging pointer for type 1027 - private_data=(nil) [2017/11/13 13:19:34.338408, 5, pid=8134, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:356(messaging_register) Registering messaging pointer for type 1029 - private_data=(nil) [2017/11/13 13:19:34.338450, 5, pid=8134, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:356(messaging_register) Registering messaging pointer for type 1036 - private_data=(nil) [2017/11/13 13:19:34.338492, 5, pid=8134, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:356(messaging_register) Registering messaging pointer for type 1035 - private_data=(nil) [2017/11/13 13:19:34.338533, 5, pid=8134, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:356(messaging_register) Registering messaging pointer for type 1280 - private_data=(nil) [2017/11/13 13:19:34.338575, 5, pid=8134, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:356(messaging_register) Registering messaging pointer for type 1032 - private_data=(nil) [2017/11/13 13:19:34.338616, 5, pid=8134, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:356(messaging_register) Registering messaging pointer for type 1033 - private_data=(nil) [2017/11/13 13:19:34.338658, 5, pid=8134, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:356(messaging_register) Registering messaging pointer for type 1034 - private_data=(nil) [2017/11/13 13:19:34.338700, 5, pid=8134, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:356(messaging_register) Registering messaging pointer for type 1 - private_data=(nil) [2017/11/13 13:19:34.338742, 5, pid=8134, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:371(messaging_register) Overriding messaging pointer for type 1 - private_data=(nil) [2017/11/13 13:19:34.339017, 1, pid=8134, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1039(lp_winbind_max_domain_connections) offline logons active, restricting max domain connections to 1 [2017/11/13 13:19:34.339124, 5, pid=8134, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/lib/samba/private/secrets.tdb): tdb_transaction_start: nesting 1 [2017/11/13 13:19:34.339171, 5, pid=8134, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:159(dbwrap_check_lock_order) check lock order 1 for /var/lib/samba/private/secrets.tdb [2017/11/13 13:19:34.339214, 10, pid=8134, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:114(debug_lock_order) lock order: 1:/var/lib/samba/private/secrets.tdb 2:<none> 3:<none> [2017/11/13 13:19:34.339260, 10, pid=8134, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Locking key 534543524554532F5349 [2017/11/13 13:19:34.339305, 10, pid=8134, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal) Allocated locked data 0x0x55d6657473a0 [2017/11/13 13:19:34.339374, 10, pid=8134, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Unlocking key 534543524554532F5349 [2017/11/13 13:19:34.339421, 5, pid=8134, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:127(dbwrap_lock_order_state_destructor) release lock order 1 for /var/lib/samba/private/secrets.tdb [2017/11/13 13:19:34.339464, 10, pid=8134, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:114(debug_lock_order) lock order: 1:<none> 2:<none> 3:<none> [2017/11/13 13:19:34.339508, 5, pid=8134, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/lib/samba/private/secrets.tdb): tdb_transaction_start: nesting 1 [2017/11/13 13:19:34.391460, 10, pid=8134, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cache.c:4727(wcache_tdc_add_domain) wcache_tdc_add_domain: Adding domain BUILTIN ((null)), SID S-1-5-32, flags = 0x0, attributes = 0x0, type = 0x0 [2017/11/13 13:19:34.391548, 10, pid=8134, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cache.c:4530(pack_tdc_domains) pack_tdc_domains: Packing 1 trusted domains [2017/11/13 13:19:34.391597, 10, pid=8134, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cache.c:4549(pack_tdc_domains) pack_tdc_domains: Packing domain BUILTIN (UNKNOWN) [2017/11/13 13:19:34.391671, 1, pid=8134, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1039(lp_winbind_max_domain_connections) offline logons active, restricting max domain connections to 1 [2017/11/13 13:19:34.391748, 1, pid=8134, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1039(lp_winbind_max_domain_connections) offline logons active, restricting max domain connections to 1 [2017/11/13 13:19:34.391793, 2, pid=8134, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_util.c:288(add_trusted_domain_from_tdc) Added domain BUILTIN (null) S-1-5-32 [2017/11/13 13:19:34.391844, 5, pid=8134, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:79(smb_register_passdb) Attempting to register passdb backend smbpasswd [2017/11/13 13:19:34.391893, 5, pid=8134, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:92(smb_register_passdb) Successfully added passdb backend 'smbpasswd' [2017/11/13 13:19:34.391933, 5, pid=8134, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:79(smb_register_passdb) Attempting to register passdb backend tdbsam [2017/11/13 13:19:34.391972, 5, pid=8134, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:92(smb_register_passdb) Successfully added passdb backend 'tdbsam' [2017/11/13 13:19:34.392011, 5, pid=8134, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:79(smb_register_passdb) Attempting to register passdb backend wbc_sam [2017/11/13 13:19:34.392049, 5, pid=8134, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:92(smb_register_passdb) Successfully added passdb backend 'wbc_sam' [2017/11/13 13:19:34.392087, 5, pid=8134, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:79(smb_register_passdb) Attempting to register passdb backend samba_dsdb [2017/11/13 13:19:34.392132, 5, pid=8134, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:92(smb_register_passdb) Successfully added passdb backend 'samba_dsdb' [2017/11/13 13:19:34.392171, 5, pid=8134, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:79(smb_register_passdb) Attempting to register passdb backend samba4 [2017/11/13 13:19:34.392209, 5, pid=8134, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:92(smb_register_passdb) Successfully added passdb backend 'samba4' [2017/11/13 13:19:34.392250, 5, pid=8134, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:79(smb_register_passdb) Attempting to register passdb backend ldapsam [2017/11/13 13:19:34.392290, 5, pid=8134, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:92(smb_register_passdb) Successfully added passdb backend 'ldapsam' [2017/11/13 13:19:34.392328, 5, pid=8134, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:79(smb_register_passdb) Attempting to register passdb backend NDS_ldapsam [2017/11/13 13:19:34.392367, 5, pid=8134, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:92(smb_register_passdb) Successfully added passdb backend 'NDS_ldapsam' [2017/11/13 13:19:34.392406, 5, pid=8134, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:79(smb_register_passdb) Attempting to register passdb backend IPA_ldapsam [2017/11/13 13:19:34.392444, 5, pid=8134, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:92(smb_register_passdb) Successfully added passdb backend 'IPA_ldapsam' [2017/11/13 13:19:34.392483, 5, pid=8134, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:155(make_pdb_method_name) Attempting to find a passdb backend to match tdbsam (tdbsam) [2017/11/13 13:19:34.392522, 5, pid=8134, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:176(make_pdb_method_name) Found pdb backend tdbsam [2017/11/13 13:19:34.392566, 5, pid=8134, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:187(make_pdb_method_name) pdb backend tdbsam has a valid init [2017/11/13 13:19:34.392610, 1, pid=8134, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1039(lp_winbind_max_domain_connections) offline logons active, restricting max domain connections to 1 [2017/11/13 13:19:34.392652, 10, pid=8134, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cache.c:4727(wcache_tdc_add_domain) wcache_tdc_add_domain: Adding domain VILLACH-FILE ((null)), SID S-1-5-21-482308548-2934895050-1723094000, flags = 0x0, attributes = 0x0, type = 0x0 [2017/11/13 13:19:34.392713, 10, pid=8134, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cache.c:4530(pack_tdc_domains) pack_tdc_domains: Packing 2 trusted domains [2017/11/13 13:19:34.392761, 10, pid=8134, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cache.c:4549(pack_tdc_domains) pack_tdc_domains: Packing domain BUILTIN (UNKNOWN) [2017/11/13 13:19:34.392802, 10, pid=8134, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cache.c:4549(pack_tdc_domains) pack_tdc_domains: Packing domain VILLACH-FILE (UNKNOWN) [2017/11/13 13:19:34.392859, 1, pid=8134, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1039(lp_winbind_max_domain_connections) offline logons active, restricting max domain connections to 1 [2017/11/13 13:19:34.392907, 1, pid=8134, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1039(lp_winbind_max_domain_connections) offline logons active, restricting max domain connections to 1 [2017/11/13 13:19:34.392948, 2, pid=8134, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_util.c:288(add_trusted_domain_from_tdc) Added domain VILLACH-FILE (null) S-1-5-21-482308548-2934895050-1723094000 [2017/11/13 13:19:34.392998, 0, pid=8134, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_util.c:902(init_domain_list) Could not fetch our SID - did we join? [2017/11/13 13:19:34.393101, 0, pid=8134, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd.c:1401(winbindd_register_handlers) unable to initialize domain list -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 659 bytes Desc: OpenPGP digital signature URL: <http://lists.samba.org/pipermail/samba/attachments/20171113/2b4b6579/signature.sig>
Sven Schwedas
2017-Nov-13 13:32 UTC
[Samba] Winbind error "Could not fetch our SID - did we join?"
Making no additional changes to the configuration, using "net ads join" instead of "samba-tool domain join" immediately worked. I'd be really curious where's the difference between the two and why samba-tool pretends to not have run into any errors… On 2017-11-13 13:40, Sven Schwedas via samba wrote:> On 2017-11-13 13:31, Rowland Penny wrote: >> On Mon, 13 Nov 2017 13:18:20 +0100 >> Sven Schwedas via samba <samba at lists.samba.org> wrote: >> >>> Could we please not waste a week poking at random unrelated stuff this >>> time? These "I try the same stuff no matter what the problem is" >>> boilerplate emails become really grating after the first few times. :/ >> >> No problem Sven, I will not waste one more moment on your problem. >> I was just trying to give you advice based on what I know works and >> from what you posted. > > It's hard to convey tone on the internet, I know. But blindly fiddling > with config settings that don't seem to be related to the problem at all > – after all, both kerberos and DNS worked fine during the join, as the > debug info clearly states –, and don't seem to make problems on other > servers, just looks pointless. *Why* would these configuration changes > help here? > > > Looking at the winbindd log at maximum debug level, there doesn't seem > to be even an *attempt* to find the domain, much less errors from > failing to do so. > > >-- Mit freundlichen Grüßen, / Best Regards, Sven Schwedas, Systemadministrator Mail/XMPP sven.schwedas at tao.at | Skype sven.schwedas TAO Digital | Lendplatz 45 | A8020 Graz https://www.tao-digital.at | Tel +43 680 301 7167 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 659 bytes Desc: OpenPGP digital signature URL: <http://lists.samba.org/pipermail/samba/attachments/20171113/09bcb6cb/signature.sig>
Rowland Penny
2017-Nov-13 13:55 UTC
[Samba] Winbind error "Could not fetch our SID - did we join?"
On Mon, 13 Nov 2017 14:32:11 +0100 Sven Schwedas via samba <samba at lists.samba.org> wrote:> Making no additional changes to the configuration, using "net ads > join" instead of "samba-tool domain join" immediately worked. I'd be > really curious where's the difference between the two and why > samba-tool pretends to not have run into any errors… >This is the first time you mentioned that you used samba-tool to join the Unix domain member to the domain. Did you read this Samba wikipage: https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member#Joining_the_Domain If you did, did you entirely miss the big fat warning in the middle of the page ??? The one that says: Do not provision or join a domain member using the samba-tool utility. These options are unsupported and can cause problems with your AD replication. Rowland PS, your configs are still wrong.
Andrew Bartlett
2017-Nov-16 22:05 UTC
[Samba] Winbind error "Could not fetch our SID - did we join?"
On Mon, 2017-11-13 at 14:32 +0100, Sven Schwedas via samba wrote:> Making no additional changes to the configuration, using "net ads join" > instead of "samba-tool domain join" immediately worked. I'd be really > curious where's the difference between the two and why samba-tool > pretends to not have run into any errors…Sorry about that. This is a leakage from the time when the project was split into two halves and the AD DC effort had duplicate tools. The problem is made more difficult by the fact that we do sync the other database records involved, so are missing only the domain SID. Sorry, Andrew Bartlett -- Andrew Bartlett https://samba.org/~abartlet/ Authentication Developer, Samba Team https://samba.org Samba Development and Support, Catalyst IT https://catalyst.net.nz/services/samba
Apparently Analagous Threads
- Winbind error "Could not fetch our SID - did we join?"
- Winbind error "Could not fetch our SID - did we join?"
- Winbind error "Could not fetch our SID - did we join?"
- Winbind error "Could not fetch our SID - did we join?"
- Winbind error "Could not fetch our SID - did we join?"