thr3ads.net - samba - Samba 2.2.2 / PAM / Winbind [Jan 2002]

If this information is useful, please help other people find it:
Share via:

Josh Konkol

2002-Jan-08 13:24 UTC

Samba 2.2.2 / PAM / Winbind

We are running Suse 7.3 on an s/390 and trying to get the combination of 
Samba 2.2.2 / PAM / Winbind to work.  I have multiple instances setup and I 
have one that is working.  Problem is I can't get any other ones to work.  I
have followed the exact same procedure yet I'm missing something.  I have 
been struggling with this for some time and hope someone out there can help.

I have compared the two instances and the ONLY difference I'm seeing is when
the client tries to connect.

In the log.smbd on the working instance I get the following:

  Domain=[PRFMSTR2]  NativeOS=[Windows 2000 2195] NativeLanMan=[Windows 2000 
5.0]
[2002/01/08 09:16:58, 3] smbd/reply.c:reply_sesssetup_and_X(866)
  sesssetupX:name=[$ejwk]
[2002/01/08 09:16:58, 3] smbd/reply.c:reply_sesssetup_and_X(927)
  Using unix username PRFMSTR2+$ejwk
[2002/01/08 09:16:58, 3] libsmb/namequery.c:resolve_lmhosts(749)
  resolve_lmhosts: Attempting lmhosts lookup for name GIGDC1<0x20>

In the log.smbd on the NOT working instance i get:

  Domain=[PRFMSTR2]  NativeOS=[Windows 2000 2195] NativeLanMan=[Windows 2000 
5.0]
[2002/01/08 19:24:30, 3] smbd/reply.c:reply_sesssetup_and_X(866)
  sesssetupX:name=[$ejwk]
[2002/01/08 19:24:30, 3] libsmb/namequery.c:resolve_lmhosts(749)
  resolve_lmhosts: Attempting lmhosts lookup for name GIGDC1<0x20>

To simplify this, in the working instance I can see it translating the 
username to unix username PRFMSTR2+$ejwk, but this step is skipped in the 
broken one.

I suspect this is a PAM or NSSWITCH problem ?? I know it's something I 
did/didn't do.  

ANY help is appreciated!!

Josh Konkol, CNE MCSE

_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com

MCCALL,DON (HP-USA,ex1)

2002-Jan-08 14:30 UTC

head link

Samba 2.2.2 / PAM / Winbind

Hi Josh;
Check your /etc/nsswitch.conf on the working system and the broken system,
and make sure that both have winbind as a method for looking up passwd and
group.
Verify that this part is working by 
doing a getpwent prfmstr2+ejwk; it should come back with information about
the user.
Make sure that the winbindd daemon is actually running.
Also make sure that you copied the appropriate libnss_winbind.so to the
/usr/lib/... for your system.

Finally, you may want to stop nmbd smbd and winbindd, and remove and
recreate the machine account in your PRFMSTR2 domain for the non working
samba installation, and then use smbpasswd -j prfmstr2 -r pdc-name  to
rejoin the domain, and try again.

Hope this helps,
Don


-----Original Message-----
From: Josh Konkol [mailto:susesambaboy@yahoo.com]
Sent: Tuesday, January 08, 2002 4:25 PM
To: Samba List
Subject: Samba 2.2.2 / PAM / Winbind


We are running Suse 7.3 on an s/390 and trying to get the combination of 
Samba 2.2.2 / PAM / Winbind to work.  I have multiple instances setup and I 
have one that is working.  Problem is I can't get any other ones to work.  I

have followed the exact same procedure yet I'm missing something.  I have 
been struggling with this for some time and hope someone out there can help.

I have compared the two instances and the ONLY difference I'm seeing is when

the client tries to connect.

In the log.smbd on the working instance I get the following:

  Domain=[PRFMSTR2]  NativeOS=[Windows 2000 2195] NativeLanMan=[Windows 2000

5.0]
[2002/01/08 09:16:58, 3] smbd/reply.c:reply_sesssetup_and_X(866)
  sesssetupX:name=[$ejwk]
[2002/01/08 09:16:58, 3] smbd/reply.c:reply_sesssetup_and_X(927)
  Using unix username PRFMSTR2+$ejwk
[2002/01/08 09:16:58, 3] libsmb/namequery.c:resolve_lmhosts(749)
  resolve_lmhosts: Attempting lmhosts lookup for name GIGDC1<0x20>

In the log.smbd on the NOT working instance i get:

  Domain=[PRFMSTR2]  NativeOS=[Windows 2000 2195] NativeLanMan=[Windows 2000

5.0]
[2002/01/08 19:24:30, 3] smbd/reply.c:reply_sesssetup_and_X(866)
  sesssetupX:name=[$ejwk]
[2002/01/08 19:24:30, 3] libsmb/namequery.c:resolve_lmhosts(749)
  resolve_lmhosts: Attempting lmhosts lookup for name GIGDC1<0x20>

To simplify this, in the working instance I can see it translating the 
username to unix username PRFMSTR2+$ejwk, but this step is skipped in the 
broken one.

I suspect this is a PAM or NSSWITCH problem ?? I know it's something I 
did/didn't do.  

ANY help is appreciated!!

Josh Konkol, CNE MCSE

_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

MCCALL,DON (HP-USA,ex1)

2002-Jan-09 08:24 UTC

head link

Samba 2.2.2 / PAM / Winbind

Hi Josh,
If getent is showing your NT domain users as well as your local
ones, then the libnss_winbind.so IS working.  So that part
apparently is ok.
Try using wbinfo -u
and wbinfo -g
to make sure that it also gives you your NT users and groups.
then try 
wbinfo -a prfmstr2+ejwk%<whatever your password is>
and see what that gives you.
Don

-----Original Message-----
From: Josh Konkol [mailto:susesambaboy@yahoo.com]
Sent: Wednesday, January 09, 2002 8:38 AM
To: MCCALL,DON (HP-USA,ex1); Samba List
Subject: Re: Samba 2.2.2 / PAM / Winbind


Thank you for your reply,

You are thinking along the same lines I am.  I am suspicious of the 
NSSWITCH.CONF file also.  I have verified that they are exactly the same.  I

have even gone as far as to take the file from the working instance and copy

it to the broken one.  After re-starting the daemons, no luck still.

I get an error when I run getpwent prfmstr2+$ejwk that says command not 
found.  However, I am able to run getent passwd and getent group, both
return 
local and domain users and groups.

I have verified the libnss_winbind.so file was copied to /lib and I have
even 
re-compiled and copied the new one. (they ended up to be the same size so I 
know they're the same thing)

I have re-joined the domain a couple of different ways.  The way that is 
working for me is to:

Create local account using  ./smbpasswd -a -m LINUX20$
Use Server Manager to add account to PRFMSTR2
Join domain and sync Machine passwords using  ./smbpasswd -j PRFMSTR2 -r 
GIGDC1

ANY other ideas ??

TIA

Josh Konkol


On Tuesday 08 January 2002 16:26, MCCALL,DON (HP-USA,ex1)
wrote:> Hi Josh;
> Check your /etc/nsswitch.conf on the working system and the broken system,
> and make sure that both have winbind as a method for looking up passwd and
> group.
> Verify that this part is working by
> doing a getpwent prfmstr2+ejwk; it should come back with information about
> the user.
> Make sure that the winbindd daemon is actually running.
> Also make sure that you copied the appropriate libnss_winbind.so to the
> /usr/lib/... for your system.
>
> Finally, you may want to stop nmbd smbd and winbindd, and remove and
> recreate the machine account in your PRFMSTR2 domain for the non working
> samba installation, and then use smbpasswd -j prfmstr2 -r pdc-name  to
> rejoin the domain, and try again.
>
> Hope this helps,
> Don
>
>
> -----Original Message-----
> From: Josh Konkol [mailto:susesambaboy@yahoo.com]
> Sent: Tuesday, January 08, 2002 4:25 PM
> To: Samba List
> Subject: Samba 2.2.2 / PAM / Winbind
>
>
> We are running Suse 7.3 on an s/390 and trying to get the combination of
> Samba 2.2.2 / PAM / Winbind to work.  I have multiple instances setup and
I> have one that is working.  Problem is I can't get any other ones to
work.
> I
>
> have followed the exact same procedure yet I'm missing something.  I
have
> been struggling with this for some time and hope someone out there can
> help.
>
> I have compared the two instances and the ONLY difference I'm seeing is
> when
>
> the client tries to connect.
>
> In the log.smbd on the working instance I get the following:
>
>   Domain=[PRFMSTR2]  NativeOS=[Windows 2000 2195] NativeLanMan=[Windows
> 2000
>
> 5.0]
> [2002/01/08 09:16:58, 3] smbd/reply.c:reply_sesssetup_and_X(866)
>   sesssetupX:name=[$ejwk]
> [2002/01/08 09:16:58, 3] smbd/reply.c:reply_sesssetup_and_X(927)
>   Using unix username PRFMSTR2+$ejwk
> [2002/01/08 09:16:58, 3] libsmb/namequery.c:resolve_lmhosts(749)
>   resolve_lmhosts: Attempting lmhosts lookup for name GIGDC1<0x20>
>
> In the log.smbd on the NOT working instance i get:
>
>   Domain=[PRFMSTR2]  NativeOS=[Windows 2000 2195] NativeLanMan=[Windows
> 2000
>
> 5.0]
> [2002/01/08 19:24:30, 3] smbd/reply.c:reply_sesssetup_and_X(866)
>   sesssetupX:name=[$ejwk]
> [2002/01/08 19:24:30, 3] libsmb/namequery.c:resolve_lmhosts(749)
>   resolve_lmhosts: Attempting lmhosts lookup for name GIGDC1<0x20>
>
> To simplify this, in the working instance I can see it translating the
> username to unix username PRFMSTR2+$ejwk, but this step is skipped in the
> broken one.
>
> I suspect this is a PAM or NSSWITCH problem ?? I know it's something I
> did/didn't do.
>
> ANY help is appreciated!!
>
> Josh Konkol, CNE MCSE
>
> _________________________________________________________
> Do You Yahoo!?
> Get your free @yahoo.com address at http://mail.yahoo.com
_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com

samba - Jan 2002 - Samba 2.2.2 / PAM / Winbind

Samba 2.2.2 / PAM / Winbind

Samba 2.2.2 / PAM / Winbind

Samba 2.2.2 / PAM / Winbind