Clive.Elsum@csiro.au
2002-Nov-10 10:15 UTC
[Samba] Trying to join a Solaris 8 box to Windows 2000 AD.
I am having major problems with SAMBA samba-3.0alpha20 in trying to connect
to
Windows 2000 AD. I have attached info if that helps. Any help you can give
me
would be greatly appreciated.
Thanks in advance
Clive Elsum
I can get samba-3.0alpha20 working if I include reference to our NT PDC
in the smb.conf file and do a net rpc join command.
This joins our NT PDC domain which has a trust relationship with the
Windows 2000 ADS.
The "joined domian XXX" message appears and a wbinfo -m shows the
Windows 2000 AD domain "YYYYY" as a trusted-domain.
I can then login using domain/userid and everything works correctly.
The working smb.conf relvant bits are
workgroup = xxx
security = server
encrypt passwords = yes
stat cache = false
winbind separator = /
winbind uid = 10000-30000
winbind gid = 10000-30000
winbind use default domain = true
winbind enum groups = yes
winbind enum users = yes
security = server
template shell = /bin/tcsh
However with the imminent departure of the local NT PDC I will be forced
to use the net ads join command which at present fails.
The kinit command works correctly (password entered prompt returned)
The klist command appears to do the right thing.
Suggesting that kerberos is set up OK.
I have samba-3.0alpha20 version installed on Solaris 8. It was configured
with
./configure --with-ads --with-ldap --with-krb5=/usr/local/kerberos
--with-pam --with-winbind
The include/config.h file shows
#define HAVE_KRB5 1
#define HAVE_GSSAPI 1
#define WITH_ADS 1
#define HAVE_LDAP_H 1
I am using GCC Version 3.2; Kerberos krb5-1.2.6; LDAP openldap-2.1.8; on a
Solaris 8 platform.
I have modified the Makefile so as to overcome errors in compiling e.g
passdb/pdb_ldap.c
CFLAGS=-O -I/usr/local/kerberos/include -I/usr/local/openldap/include
CPPFLAGS= -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64
-I/usr/local/kerberos/include -I/usr/local/openldap/include
LDFLAGS= -L/usr/local/kerberos/lib -L/usr/local/openldap/lib
LDSHFLAGS=-G -L/usr/local/kerberos/lib -L/usr/local/openldap/lib -O
-I/usr/local/kerberos/include -I/usr/local/openldap/includ
e
During compilation the following warnings show:
lib/util_str.c: In function `str_list_make':
lib/util_str.c:1160: warning: passing arg 3 of `next_token' discards
qualifiers from pointer target type
auth/pampass.c: In function `smb_setup_pam_conv':
auth/pampass.c:422: warning: assignment from incompatible pointer type
libads/ldap.c: In function `ads_do_paged_search':
libads/ldap.c:405: warning: passing arg 2 of `str_list_copy' from
incompatible pointer type
libads/ldap.c: In function `ads_do_search':
libads/ldap.c:631: warning: passing arg 2 of `str_list_copy' from
incompatible pointer type
libads/ldap_printer.c: In function `ads_mod_printer_entry':
libads/ldap_printer.c:80: warning: passing arg 4 of `ads_mod_strlist' from
incompatible pointer type
libads/ldap_printer.c:96: warning: passing arg 4 of `ads_mod_strlist' from
incompatible pointer type
libads/ldap_printer.c:99: warning: passing arg 4 of `ads_mod_strlist' from
incompatible pointer type
libads/kerberos.c: In function `kerberos_kinit_password':
libads/kerberos.c:80: warning: passing arg 6 of
`krb5_get_init_creds_password' discards qualifiers from pointer target type
utils/net.c: In function `net_getlocalsid':
utils/net.c:348: warning: passing arg 1 of `secrets_fetch_domain_sid'
discards qualifiers from pointer target type
utils/net_ads.c: In function `net_ads_printer_info':
utils/net_ads.c:722: warning: passing arg 4 of `ads_find_printer_on_server'
discards qualifiers from pointer target type
utils/net_ads.c: In function `net_ads_printer_publish':
utils/net_ads.c:774: warning: assignment discards qualifiers from pointer
target type
utils/net_ads.c: In function `net_ads_printer_remove':
utils/net_ads.c:812: warning: assignment discards qualifiers from pointer
target type
utils/net_rpc_join.c: In function `net_rpc_join_ok':
utils/net_rpc_join.c:65: warning: passing arg 1 of
`secrets_fetch_trust_account_password' discards qualifiers from pointer
target type
nsswitch/pam_winbind.c: In function `converse':
nsswitch/pam_winbind.c:67: warning: passing arg 3 of `pam_get_item' from
incompatible pointer type
nsswitch/pam_winbind.c:70: warning: passing arg 2 of pointer to function
from incompatible pointer type
nsswitch/pam_winbind.c: In function `_make_remark':
nsswitch/pam_winbind.c:85: warning: assignment discards qualifiers from
pointer target type
nsswitch/pam_winbind.c: In function `_winbind_read_password':
nsswitch/pam_winbind.c:278: warning: passing arg 3 of `pam_get_item' from
incompatible pointer type
nsswitch/pam_winbind.c:311: warning: assignment discards qualifiers from
pointer target type
nsswitch/pam_winbind.c:319: warning: assignment discards qualifiers from
pointer target type
nsswitch/pam_winbind.c:325: warning: assignment discards qualifiers from
pointer target type
nsswitch/pam_winbind.c:383: warning: passing arg 3 of `pam_get_item' from
incompatible pointer type
nsswitch/pam_winbind.c: In function `pam_sm_authenticate':
nsswitch/pam_winbind.c:409: warning: passing arg 2 of `pam_get_user' from
incompatible pointer type
nsswitch/pam_winbind.c: In function `pam_sm_acct_mgmt':
nsswitch/pam_winbind.c:463: warning: passing arg 2 of `pam_get_user' from
incompatible pointer type
nsswitch/pam_winbind.c: In function `pam_sm_chauthtok':
nsswitch/pam_winbind.c:540: warning: passing arg 2 of `pam_get_user' from
incompatible pointer type
nsswitch/pam_winbind.c:617: warning: passing arg 3 of `pam_get_item' from
incompatible pointer type
I then do a make install and copy relevant files with relevant links:
cp pam_winbind.so /lib/security
cp libnss_winbind.so /lib/nss_winbind.so
Relevant bits from smb.conf:
workgroup = OUR
realm = OUR.2000AD.DOMAIN
security = ADS
encrypt passwords = yes
stat cache = false
winbind separator = /
winbind uid = 10000-30000
winbind gid = 10000-30000
winbind use default domain = true
winbind enum groups = yes
winbind enum users = yes
ads server = <IP ADDRESS of ads server>
template shell = /bin/tcsh
WINBINDD adds the AD DOMAIN and relevant machines in lookup sequence but
then
aborts with:
convert_string: Required 1521, available 2048
==============================================================INTERNAL ERROR:
Signal 11 in pid 25953 (3.0alpha20)
Please read the file BUGS.txt in the distribution
==============================================================PANIC: internal
error
Abort (core dumped)
Obviously the command net ads join also fails with:
[2002/11/10 20:36:44, 0] libads/kerberos.c:ads_kinit_password(122)
kerberos_kinit_password user@OUR.2000AD.DOMAIN failed: Preauthentication
failed
[2002/11/10 20:36:44, 1] utils/net_ads.c:ads_startup(148)
ads_connect: Invalid credentials
Log output of winbindd:
[2002/11/10 20:11:56, 1] nsswitch/winbindd_util.c:add_trusted_domain(131)
Added domain WORKGROUP
[2002/11/10 20:11:56, 0] lib/charcnv.c:convert_string(147)
convert_string: Required 1521, available 2048
[2002/11/10 20:12:01, 0] lib/fault.c:fault_report(36)
==============================================================[2002/11/10
20:12:01, 0] lib/fault.c:fault_report(37)
INTERNAL ERROR: Signal 11 in pid 25893 (3.0alpha20)
Please read the file BUGS.txt in the distribution
[2002/11/10 20:12:01, 0] lib/fault.c:fault_report(39)
==============================================================[2002/11/10
20:12:01, 0] lib/util.c:smb_panic(1151)
PANIC: internal error
TRUSS of winbind shows:
truss ./winbindd
execve("winbindd", 0xFFBEFAEC, 0xFFBEFAF4) argc = 1
mmap(0x00000000, 8192, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_ANON,
-1, 0) = 0xFF3A0000
resolvepath("/usr/lib/ld.so.1", "/usr/lib/ld.so.1", 1023) =
16
open("/var/ld/ld.config", O_RDONLY) Err#2 ENOENT
open("/usr/local/lib/libsec.so.1", O_RDONLY) Err#2 ENOENT
open("/usr/local/ssl/lib/libsec.so.1", O_RDONLY) Err#2 ENOENT
open("/usr/local/kerberos/lib/libsec.so.1", O_RDONLY) Err#2 ENOENT
open("/usr/local/BerkeleyDB.4.1/lib/libsec.so.1", O_RDONLY) Err#2
ENOENT
open("/usr/local/openldap/lib/libsec.so.1", O_RDONLY) Err#2 ENOENT
open("/usr/lib/libsec.so.1", O_RDONLY) = 3
fstat(3, 0xFFBEF224) = 0
mmap(0x00000000, 8192, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0xFF390000
mmap(0x00000000, 90112, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0xFF370000
mmap(0xFF384000, 906, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED,
3, 16384) = 0xFF384000
munmap(0xFF374000, 65536) = 0
memcntl(0xFF370000, 2936, MC_ADVISE, MADV_WILLNEED, 0, 0) = 0
close(3) = 0
open("/usr/local/lib/libgen.so.1", O_RDONLY) Err#2 ENOENT
open("/usr/local/ssl/lib/libgen.so.1", O_RDONLY) Err#2 ENOENT
open("/usr/local/kerberos/lib/libgen.so.1", O_RDONLY) Err#2 ENOENT
open("/usr/local/BerkeleyDB.4.1/lib/libgen.so.1", O_RDONLY) Err#2
ENOENT
open("/usr/local/openldap/lib/libgen.so.1", O_RDONLY) Err#2 ENOENT
open("/usr/lib/libgen.so.1", O_RDONLY) = 3
fstat(3, 0xFFBEF224) = 0
mmap(0xFF390000, 8192, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 3, 0)
0xFF390000
mmap(0x00000000, 98304, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0xFF350000
mmap(0xFF366000, 2335, PROT_READ|PROT_WRITE|PROT_EXEC,
MAP_PRIVATE|MAP_FIXED, 3, 24576) = 0xFF366000
munmap(0xFF356000, 65536) = 0
memcntl(0xFF350000, 6932, MC_ADVISE, MADV_WILLNEED, 0, 0) = 0
close(3) = 0
open("/usr/local/lib/libresolv.so.2", O_RDONLY) Err#2 ENOENT
open("/usr/local/ssl/lib/libresolv.so.2", O_RDONLY) Err#2 ENOENT
open("/usr/local/kerberos/lib/libresolv.so.2", O_RDONLY) Err#2 ENOENT
open("/usr/local/BerkeleyDB.4.1/lib/libresolv.so.2", O_RDONLY) Err#2
ENOENT
open("/usr/local/openldap/lib/libresolv.so.2", O_RDONLY) Err#2 ENOENT
open("/usr/lib/libresolv.so.2", O_RDONLY) = 3
fstat(3, 0xFFBEF224) = 0
mmap(0xFF390000, 8192, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 3, 0)
0xFF390000
mmap(0x00000000, 303104, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) 0xFF300000
mmap(0xFF344000, 15564, PROT_READ|PROT_WRITE|PROT_EXEC,
MAP_PRIVATE|MAP_FIXED, 3, 212992) = 0xFF344000
mmap(0xFF348000, 2728, PROT_READ|PROT_WRITE|PROT_EXEC,
MAP_PRIVATE|MAP_FIXED|MAP_ANON, -1, 0) = 0xFF348000
munmap(0xFF334000, 65536) = 0
memcntl(0xFF300000, 33536, MC_ADVISE, MADV_WILLNEED, 0, 0) = 0
close(3) = 0
open("/usr/local/lib/libsocket.so.1", O_RDONLY) Err#2 ENOENT
open("/usr/local/ssl/lib/libsocket.so.1", O_RDONLY) Err#2 ENOENT
open("/usr/local/kerberos/lib/libsocket.so.1", O_RDONLY) Err#2 ENOENT
open("/usr/local/BerkeleyDB.4.1/lib/libsocket.so.1", O_RDONLY) Err#2
ENOENT
open("/usr/local/openldap/lib/libsocket.so.1", O_RDONLY) Err#2 ENOENT
open("/usr/lib/libsocket.so.1", O_RDONLY) = 3
fstat(3, 0xFFBEF224) = 0
mmap(0xFF390000, 8192, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 3, 0)
0xFF390000
mmap(0x00000000, 114688, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) 0xFF2E0000
mmap(0xFF2FA000, 4365, PROT_READ|PROT_WRITE|PROT_EXEC,
MAP_PRIVATE|MAP_FIXED, 3, 40960) = 0xFF2FA000
munmap(0xFF2EA000, 65536) = 0
memcntl(0xFF2E0000, 14496, MC_ADVISE, MADV_WILLNEED, 0, 0) = 0
close(3) = 0
open("/usr/local/lib/libnsl.so.1", O_RDONLY) Err#2 ENOENT
open("/usr/local/ssl/lib/libnsl.so.1", O_RDONLY) Err#2 ENOENT
open("/usr/local/kerberos/lib/libnsl.so.1", O_RDONLY) Err#2 ENOENT
open("/usr/local/BerkeleyDB.4.1/lib/libnsl.so.1", O_RDONLY) Err#2
ENOENT
open("/usr/local/openldap/lib/libnsl.so.1", O_RDONLY) Err#2 ENOENT
open("/usr/lib/libnsl.so.1", O_RDONLY) = 3
fstat(3, 0xFFBEF224) = 0
mmap(0xFF390000, 8192, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 3, 0)
0xFF390000
mmap(0x00000000, 704512, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) 0xFF200000
mmap(0xFF29C000, 32732, PROT_READ|PROT_WRITE|PROT_EXEC,
MAP_PRIVATE|MAP_FIXED, 3, 573440) = 0xFF29C000
mmap(0xFF2A4000, 30920, PROT_READ|PROT_WRITE|PROT_EXEC,
MAP_PRIVATE|MAP_FIXED|MAP_ANON, -1, 0) = 0xFF2A4000
munmap(0xFF28C000, 65536) = 0
memcntl(0xFF200000, 82236, MC_ADVISE, MADV_WILLNEED, 0, 0) = 0
close(3) = 0
open("/usr/local/lib/libdl.so.1", O_RDONLY) Err#2 ENOENT
open("/usr/local/ssl/lib/libdl.so.1", O_RDONLY) Err#2 ENOENT
open("/usr/local/kerberos/lib/libdl.so.1", O_RDONLY) Err#2 ENOENT
open("/usr/local/BerkeleyDB.4.1/lib/libdl.so.1", O_RDONLY) Err#2
ENOENT
open("/usr/local/openldap/lib/libdl.so.1", O_RDONLY) Err#2 ENOENT
open("/usr/lib/libdl.so.1", O_RDONLY) = 3
fstat(3, 0xFFBEF224) = 0
mmap(0xFF390000, 8192, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 3, 0)
0xFF390000
close(3) = 0
open("/usr/local/lib/libkrb5.so.3", O_RDONLY) Err#2 ENOENT
open("/usr/local/ssl/lib/libkrb5.so.3", O_RDONLY) Err#2 ENOENT
open("/usr/local/kerberos/lib/libkrb5.so.3", O_RDONLY) = 3
fstat(3, 0xFFBEF224) = 0
mmap(0x00000000, 8192, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0xFF2D0000
mmap(0x00000000, 638976, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) 0xFF100000
mmap(0xFF196000, 17064, PROT_READ|PROT_WRITE|PROT_EXEC,
MAP_PRIVATE|MAP_FIXED, 3, 548864) = 0xFF196000
munmap(0xFF188000, 57344) = 0
memcntl(0xFF100000, 60620, MC_ADVISE, MADV_WILLNEED, 0, 0) = 0
close(3) = 0
open("/usr/local/lib/libcom_err.so.3", O_RDONLY) Err#2 ENOENT
open("/usr/local/ssl/lib/libcom_err.so.3", O_RDONLY) Err#2 ENOENT
open("/usr/local/kerberos/lib/libcom_err.so.3", O_RDONLY) = 3
fstat(3, 0xFFBEF224) = 0
mmap(0xFF2D0000, 8192, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 3, 0)
0xFF2D0000
mmap(0x00000000, 73728, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0xFF1E0000
mmap(0xFF1F0000, 5236, PROT_READ|PROT_WRITE|PROT_EXEC,
MAP_PRIVATE|MAP_FIXED, 3, 0) = 0xFF1F0000
munmap(0xFF1E2000, 57344) = 0
mmap(0x00000000, 8192, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_ANON,
-1, 0) = 0xFF2C0000
memcntl(0xFF1E0000, 1916, MC_ADVISE, MADV_WILLNEED, 0, 0) = 0
close(3) = 0
open("/usr/local/lib/libk5crypto.so.3", O_RDONLY) Err#2 ENOENT
open("/usr/local/ssl/lib/libk5crypto.so.3", O_RDONLY) Err#2 ENOENT
open("/usr/local/kerberos/lib/libk5crypto.so.3", O_RDONLY) = 3
fstat(3, 0xFFBEF224) = 0
mmap(0xFF2D0000, 8192, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 3, 0)
0xFF2D0000
mmap(0x00000000, 180224, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) 0xFF1B0000
mmap(0xFF1D8000, 9812, PROT_READ|PROT_WRITE|PROT_EXEC,
MAP_PRIVATE|MAP_FIXED, 3, 98304) = 0xFF1D8000
munmap(0xFF1CA000, 57344) = 0
memcntl(0xFF1B0000, 8772, MC_ADVISE, MADV_WILLNEED, 0, 0) = 0
close(3) = 0
open("/usr/local/lib/libgssapi_krb5.so.2", O_RDONLY) Err#2 ENOENT
open("/usr/local/ssl/lib/libgssapi_krb5.so.2", O_RDONLY) Err#2 ENOENT
open("/usr/local/kerberos/lib/libgssapi_krb5.so.2", O_RDONLY) = 3
fstat(3, 0xFFBEF224) = 0
mmap(0xFF2D0000, 8192, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 3, 0)
0xFF2D0000
mmap(0x00000000, 172032, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) 0xFF0D0000
mmap(0xFF0F6000, 10792, PROT_READ|PROT_WRITE|PROT_EXEC,
MAP_PRIVATE|MAP_FIXED, 3, 90112) = 0xFF0F6000
munmap(0xFF0E8000, 57344) = 0
memcntl(0xFF0D0000, 16732, MC_ADVISE, MADV_WILLNEED, 0, 0) = 0
close(3) = 0
open("/usr/local/lib/liblber.so.2", O_RDONLY) Err#2 ENOENT
open("/usr/local/ssl/lib/liblber.so.2", O_RDONLY) Err#2 ENOENT
open("/usr/local/kerberos/lib/liblber.so.2", O_RDONLY) Err#2 ENOENT
open("/usr/local/BerkeleyDB.4.1/lib/liblber.so.2", O_RDONLY) Err#2
ENOENT
open("/usr/local/openldap/lib/liblber.so.2", O_RDONLY) = 3
fstat(3, 0xFFBEF224) = 0
mmap(0xFF2D0000, 8192, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 3, 0)
0xFF2D0000
mmap(0x00000000, 114688, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) 0xFF0B0000
mmap(0xFF0CA000, 2896, PROT_READ|PROT_WRITE|PROT_EXEC,
MAP_PRIVATE|MAP_FIXED, 3, 40960) = 0xFF0CA000
munmap(0xFF0BC000, 57344) = 0
memcntl(0xFF0B0000, 8716, MC_ADVISE, MADV_WILLNEED, 0, 0) = 0
close(3) = 0
open("/usr/local/lib/libldap.so.2", O_RDONLY) Err#2 ENOENT
open("/usr/local/ssl/lib/libldap.so.2", O_RDONLY) Err#2 ENOENT
open("/usr/local/kerberos/lib/libldap.so.2", O_RDONLY) Err#2 ENOENT
open("/usr/local/BerkeleyDB.4.1/lib/libldap.so.2", O_RDONLY) Err#2
ENOENT
open("/usr/local/openldap/lib/libldap.so.2", O_RDONLY) = 3
fstat(3, 0xFFBEF224) = 0
mmap(0xFF2D0000, 8192, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 3, 0)
0xFF2D0000
mmap(0x00000000, 1114112, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) 0xFEF80000
mmap(0xFF07C000, 69400, PROT_READ|PROT_WRITE|PROT_EXEC,
MAP_PRIVATE|MAP_FIXED, 3, 966656) = 0xFF07C000
mmap(0xFF08E000, 5216, PROT_READ|PROT_WRITE|PROT_EXEC,
MAP_PRIVATE|MAP_FIXED|MAP_ANON, -1, 0) = 0xFF08E000
munmap(0xFF06E000, 57344) = 0
memcntl(0xFEF80000, 190348, MC_ADVISE, MADV_WILLNEED, 0, 0) = 0
close(3) = 0
open("/usr/local/lib/libpam.so.1", O_RDONLY) Err#2 ENOENT
open("/usr/local/ssl/lib/libpam.so.1", O_RDONLY) Err#2 ENOENT
open("/usr/local/kerberos/lib/libpam.so.1", O_RDONLY) Err#2 ENOENT
open("/usr/local/BerkeleyDB.4.1/lib/libpam.so.1", O_RDONLY) Err#2
ENOENT
open("/usr/local/openldap/lib/libpam.so.1", O_RDONLY) Err#2 ENOENT
open("/usr/lib/libpam.so.1", O_RDONLY) = 3
fstat(3, 0xFFBEF224) = 0
mmap(0xFF2D0000, 8192, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 3, 0)
0xFF2D0000
mmap(0x00000000, 98304, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0xFEF60000
mmap(0xFEF76000, 2839, PROT_READ|PROT_WRITE|PROT_EXEC,
MAP_PRIVATE|MAP_FIXED, 3, 24576) = 0xFEF76000
munmap(0xFEF66000, 65536) = 0
memcntl(0xFEF60000, 6660, MC_ADVISE, MADV_WILLNEED, 0, 0) = 0
close(3) = 0
open("/usr/local/lib/libc.so.1", O_RDONLY) Err#2 ENOENT
open("/usr/local/ssl/lib/libc.so.1", O_RDONLY) Err#2 ENOENT
open("/usr/local/kerberos/lib/libc.so.1", O_RDONLY) Err#2 ENOENT
open("/usr/local/BerkeleyDB.4.1/lib/libc.so.1", O_RDONLY) Err#2 ENOENT
open("/usr/local/openldap/lib/libc.so.1", O_RDONLY) Err#2 ENOENT
open("/usr/lib/libc.so.1", O_RDONLY) = 3
fstat(3, 0xFFBEF224) = 0
mmap(0xFF2D0000, 8192, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 3, 0)
0xFF2D0000
mmap(0x00000000, 794624, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) 0xFEE80000
mmap(0xFEF3A000, 24692, PROT_READ|PROT_WRITE|PROT_EXEC,
MAP_PRIVATE|MAP_FIXED, 3, 696320) = 0xFEF3A000
munmap(0xFEF2A000, 65536) = 0
memcntl(0xFEE80000, 113380, MC_ADVISE, MADV_WILLNEED, 0, 0) = 0
close(3) = 0
open("/usr/local/lib/libmp.so.2", O_RDONLY) Err#2 ENOENT
open("/usr/local/ssl/lib/libmp.so.2", O_RDONLY) Err#2 ENOENT
open("/usr/local/kerberos/lib/libmp.so.2", O_RDONLY) Err#2 ENOENT
open("/usr/local/BerkeleyDB.4.1/lib/libmp.so.2", O_RDONLY) Err#2
ENOENT
open("/usr/local/openldap/lib/libmp.so.2", O_RDONLY) Err#2 ENOENT
open("/usr/lib/libmp.so.2", O_RDONLY) = 3
fstat(3, 0xFFBEF224) = 0
mmap(0xFF2D0000, 8192, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 3, 0)
0xFF2D0000
mmap(0x00000000, 90112, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0xFEE60000
mmap(0xFEE74000, 865, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED,
3, 16384) = 0xFEE74000
munmap(0xFEE64000, 65536) = 0
memcntl(0xFEE60000, 3124, MC_ADVISE, MADV_WILLNEED, 0, 0) = 0
close(3) = 0
open("/usr/local/lib/libgcc_s.so.1", O_RDONLY) = 3
fstat(3, 0xFFBEF224) = 0
mmap(0xFF2D0000, 8192, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 3, 0)
0xFF2D0000
mmap(0x00000000, 106496, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) 0xFEE40000
mmap(0xFEE56000, 8452, PROT_READ|PROT_WRITE|PROT_EXEC,
MAP_PRIVATE|MAP_FIXED, 3, 24576) = 0xFEE56000
munmap(0xFEE48000, 57344) = 0
mmap(0x00000000, 8192, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_ANON,
-1, 0) = 0xFF0A0000
memcntl(0xFEE40000, 5796, MC_ADVISE, MADV_WILLNEED, 0, 0) = 0
close(3) = 0
open("/usr/platform/SUNW,Ultra-5_10/lib/libc_psr.so.1", O_RDONLY) = 3
fstat(3, 0xFFBEF0B4) = 0
mmap(0xFF2D0000, 8192, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 3, 0)
0xFF2D0000
mmap(0x00000000, 16384, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0xFEF50000
close(3) = 0
munmap(0xFF2D0000, 8192) = 0
brk(0x001364C0) = 0
brk(0x001384C0) = 0
sysconfig(_CONFIG_STACK_PROT) = 7
sigfillset(0xFEF40910) = 0
sigaction(SIGUSR1, 0xFFBEF548, 0xFFBEF5C8) = 0
sigaction(SIGUSR2, 0xFFBEF548, 0xFFBEF5C8) = 0
sigaction(SIGSEGV, 0xFFBEF4D8, 0xFFBEF558) = 0
sigaction(SIGBUS, 0xFFBEF4D8, 0xFFBEF558) = 0
getuid() = 0 [0]
getgid() = 1 [1]
umask(022) = 022
open64("/usr/local/samba/var/log.winbindd", O_WRONLY|O_APPEND|O_CREAT,
0644)
= 3
umask(022) = 022
fcntl(3, F_DUP2FD, 0x00000002) = 2
time() = 1036921984
open("/usr/share/lib/zoneinfo/Australia/Victoria", O_RDONLY) = 4
read(4, " T Z i f\0\0\0\0\0\0\0\0".., 8192) = 785
close(4) = 0
brk(0x001384C0) = 0
brk(0x0013A4C0) = 0
getuid() = 0 [0]
write(3, " [ 2 0 0 2 / 1 1 / 1 0 ".., 55) = 55
getuid() = 0 [0]
write(3, " w i n b i n d d v".., 39) = 39
getuid() = 0 [0]
write(3, " C o p y r i g h t ".., 37) = 37
umask(022) = 022
open64("/usr/local/samba/var/log.winbindd", O_WRONLY|O_APPEND|O_CREAT,
0644)
= 4
close(3) = 0
umask(022) = 022
fcntl(4, F_DUP2FD, 0x00000002) = 2
open64("/usr/local/samba/lib/upcase.dat", O_RDONLY) = 3
fstat64(3, 0xFFBECEE8) = 0
brk(0x0013A4C0) = 0
brk(0x0015A4C0) = 0
read(3, "\0\001\002\003\004\005\0".., 131072) = 131072
close(3) = 0
open64("/usr/local/samba/lib/lowcase.dat", O_RDONLY) = 3
fstat64(3, 0xFFBECEE8) = 0
brk(0x0015A4C0) = 0
brk(0x0017A4C0) = 0
read(3, "\0\001\002\003\004\005\0".., 131072) = 131072
close(3) = 0
open64("/usr/local/samba/lib/valid.dat", O_RDONLY) = 3
fstat64(3, 0xFFBECE78) = 0
brk(0x0017A4C0) = 0
brk(0x0018A4C0) = 0
read(3, "\0\0\0\0\0\0\0\0\0\0\0\0".., 65536) = 65536
close(3) = 0
stat64("/usr/local/samba/lib/smb.conf", 0xFFBEE820) = 0
open64("/usr/local/samba/lib/smb.conf", O_RDONLY) = 3
fstat64(3, 0xFFBEE740) = 0
brk(0x0018A4C0) = 0
brk(0x0018C4C0) = 0
read(3, " # T h i s i s t h".., 7062) = 7062
close(3) = 0
time() = 1036921984
getuid() = 0 [0]
fstat64(4, 0xFFBEE670) = 0
write(4, " [ 2 0 0 2 / 1 1 / 1 0 ".., 54) = 54
getuid() = 0 [0]
write(4, " C o n v e r s i o n".., 49) = 49
time() = 1036921984
getuid() = 0 [0]
write(4, " [ 2 0 0 2 / 1 1 / 1 0 ".., 54) = 54
getuid() = 0 [0]
write(4, " C o n v e r s i o n".., 46) = 46
time() = 1036921984
getuid() = 0 [0]
write(4, " [ 2 0 0 2 / 1 1 / 1 0 ".., 54) = 54
getuid() = 0 [0]
write(4, " C o n v e r s i o n".., 47) = 47
time() = 1036921984
getuid() = 0 [0]
write(4, " [ 2 0 0 2 / 1 1 / 1 0 ".., 54) = 54
getuid() = 0 [0]
write(4, " C o n v e r s i o n".., 49) = 49
brk(0x0018C4C0) = 0
brk(0x0018E4C0) = 0
time() = 1036921984
getuid() = 0 [0]
write(4, " [ 2 0 0 2 / 1 1 / 1 0 ".., 54) = 54
getuid() = 0 [0]
write(4, " C o n v e r s i o n".., 46) = 46
time() = 1036921984
getuid() = 0 [0]
write(4, " [ 2 0 0 2 / 1 1 / 1 0 ".., 54) = 54
getuid() = 0 [0]
write(4, " C o n v e r s i o n".., 47) = 47
time() = 1036921984
getuid() = 0 [0]
write(4, " [ 2 0 0 2 / 1 1 / 1 0 ".., 54) = 54
getuid() = 0 [0]
write(4, " C o n v e r s i o n".., 46) = 46
time() = 1036921984
getuid() = 0 [0]
write(4, " [ 2 0 0 2 / 1 1 / 1 0 ".., 54) = 54
getuid() = 0 [0]
write(4, " C o n v e r s i o n".., 46) = 46
umask(022) = 022
open64("/usr/local/samba/var/log.winbindd", O_WRONLY|O_APPEND|O_CREAT,
0644)
= 3
close(4) = 0
umask(022) = 022
fcntl(3, F_DUP2FD, 0x00000002) = 2
so_socket(2, 1, 0, "", 1) = 4
ioctl(4, 0xC0086914, 0xFFBEE0A8) = 0
ioctl(4, 0xC020690D, 0xFFBEC0C8) = 0
ioctl(4, 0xC0206911, 0xFFBEC0C8) = 0
ioctl(4, 0xC0206919, 0xFFBEC0C8) = 0
ioctl(4, 0xC020690D, 0xFFBEC0A8) = 0
ioctl(4, 0xC0206911, 0xFFBEC0A8) = 0
ioctl(4, 0xC0206919, 0xFFBEC0A8) = 0
close(4) = 0
uname(0xFFBEEC30) = 1
fork() = 26003
_exit(0)
Many thanks in advance ,
---------------------------------------------------------------------
Clive Elsum BAppSc, RHCE
Systems Engineer - Information Technology Group
CSIRO Atmospheric Research
PMB 1, Aspendale, Victoria, Australia 3195
Phone : (+61 3) 9239 4509
Fax: (+61 3) 9239 4444
E-mail Clive.Elsum@csiro.au
---------------------------------------------------------------------
Andrew Bartlett
2002-Nov-10 12:39 UTC
[Samba] Re: Trying to join a Solaris 8 box to Windows 2000 AD.
On Sun, 2002-11-10 at 21:13, Clive.Elsum@csiro.au wrote:> I am having major problems with SAMBA samba-3.0alpha20 in trying to connect > to > Windows 2000 AD. I have attached info if that helps. Any help you can give > me > would be greatly appreciated. > > Thanks in advance > > Clive Elsum > > I can get samba-3.0alpha20 working if I include reference to our NT PDC > in the smb.conf file and do a net rpc join command. > This joins our NT PDC domain which has a trust relationship with the > Windows 2000 ADS. > The "joined domian XXX" message appears and a wbinfo -m shows the > Windows 2000 AD domain "YYYYY" as a trusted-domain. > I can then login using domain/userid and everything works correctly. > The working smb.conf relvant bits are > workgroup = xxx > security = server > encrypt passwords = yes > stat cache = false > winbind separator = / > winbind uid = 10000-30000 > winbind gid = 10000-30000 > winbind use default domain = true > winbind enum groups = yes > winbind enum users = yes > security = server > template shell = /bin/tcsh > > > However with the imminent departure of the local NT PDC I will be forced > to use the net ads join command which at present fails.There isn't a 'forced' here - you should still be able to 'net rpc join' a Win2k domain. But that doesn't solve your real problem.> The kinit command works correctly (password entered prompt returned) > The klist command appears to do the right thing. > Suggesting that kerberos is set up OK. > > I have samba-3.0alpha20 version installed on Solaris 8. It was configured > with > ./configure --with-ads --with-ldap --with-krb5=/usr/local/kerberos > --with-pam --with-winbind > > The include/config.h file shows > #define HAVE_KRB5 1 > #define HAVE_GSSAPI 1 > #define WITH_ADS 1 > #define HAVE_LDAP_H 1 > > > I am using GCC Version 3.2; Kerberos krb5-1.2.6; LDAP openldap-2.1.8; on a > Solaris 8 platform. > > I have modified the Makefile so as to overcome errors in compiling e.g > passdb/pdb_ldap.cWhat were they, btw?> I then do a make install and copy relevant files with relevant links: > cp pam_winbind.so /lib/security > cp libnss_winbind.so /lib/nss_winbind.so > > > Relevant bits from smb.conf: > workgroup = OUR > realm = OUR.2000AD.DOMAIN > security = ADS > encrypt passwords = yes > stat cache = false > winbind separator = / > winbind uid = 10000-30000 > winbind gid = 10000-30000 > winbind use default domain = true > winbind enum groups = yes > winbind enum users = yes > ads server = <IP ADDRESS of ads server> > template shell = /bin/tcsh > > WINBINDD adds the AD DOMAIN and relevant machines in lookup sequence but > then > aborts with: > > convert_string: Required 1521, available 2048 > ==============================================================> INTERNAL ERROR: Signal 11 in pid 25953 (3.0alpha20) > Please read the file BUGS.txt in the distribution > ==============================================================> PANIC: internal error > Abort (core dumped)Any chance of recompiling --enable-krb5developer and getting us a gdb backtrace? See 'panic action' in the smb.conf> Obviously the command net ads join also fails with: > [2002/11/10 20:36:44, 0] libads/kerberos.c:ads_kinit_password(122) > kerberos_kinit_password user@OUR.2000AD.DOMAIN failed: Preauthentication > failed > [2002/11/10 20:36:44, 1] utils/net_ads.c:ads_startup(148) > ads_connect: Invalid credentialsWhy is this 'obviously'? Anyway, a backtrace of this would be good. Anyway, if you can get that, and also try the lastest 3.0 CVS (pserver.samba.org), that will help us to chase it down. Andrew Bartlett -- Andrew Bartlett abartlet@pcug.org.au Manager, Authentication Subsystems, Samba Team abartlet@samba.org Student Network Administrator, Hawker College abartlet@hawkerc.net http://samba.org http://build.samba.org http://hawkerc.net -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.samba.org/archive/samba/attachments/20021110/26482355/attachment.bin
Clive.Elsum@csiro.au
2002-Nov-12 23:35 UTC
[Samba] RE: Trying to join a Solaris 8 box to Windows 2000 AD.
Hi Andrew,
Finally got back to this after locating a machine with more disk space!
The dbg output was:
GNU gdb 5.0
Copyright 2000 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain
conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for
details.
This GDB was configured as "sparc-sun-solaris2.8"...
/11715: No such file or directory.
Attaching to program `/proc/11715/object/a.out', process 11715
Reading symbols from /usr/lib/libsec.so.1...done.
Loaded symbols for /usr/lib/libsec.so.1
Reading symbols from /usr/lib/libgen.so.1...done.
Loaded symbols for /usr/lib/libgen.so.1
Reading symbols from /usr/lib/libresolv.so.2...done.
Loaded symbols for /usr/lib/libresolv.so.2
Reading symbols from /usr/lib/libsocket.so.1...done.
Loaded symbols for /usr/lib/libsocket.so.1
Reading symbols from /usr/lib/libnsl.so.1...done.
Loaded symbols for /usr/lib/libnsl.so.1
Reading symbols from /usr/lib/libdl.so.1...done.
Loaded symbols for /usr/lib/libdl.so.1
Reading symbols from /usr/local/krb5/lib/libkrb5.so.3...done.
Loaded symbols for /usr/local/krb5/lib/libkrb5.so.3
Reading symbols from /usr/local/krb5/lib/libcom_err.so.3...done.
Loaded symbols for /usr/local/krb5/lib/libcom_err.so.3
Reading symbols from /usr/local/krb5/lib/libk5crypto.so.3...done.
Loaded symbols for /usr/local/krb5/lib/libk5crypto.so.3
Reading symbols from /usr/local/krb5/lib/libgssapi_krb5.so.2...done.
Loaded symbols for /usr/local/krb5/lib/libgssapi_krb5.so.2
Reading symbols from /usr/local/ldap/lib/liblber.so.2...done.
Loaded symbols for /usr/local/ldap/lib/liblber.so.2
Reading symbols from /usr/local/ldap/lib/libldap.so.2...done.
Loaded symbols for /usr/local/ldap/lib/libldap.so.2
Reading symbols from /usr/lib/libpam.so.1...done.
Loaded symbols for /usr/lib/libpam.so.1
Reading symbols from /usr/lib/libc.so.1...done.
Loaded symbols for /usr/lib/libc.so.1
Reading symbols from /usr/lib/libmp.so.2...done.
Loaded symbols for /usr/lib/libmp.so.2
Reading symbols from /usr/local/lib/libgcc_s.so.1...done.
Loaded symbols for /usr/local/lib/libgcc_s.so.1
Reading symbols from /usr/local/ssl/lib/libssl.so.0.9.6...done.
Loaded symbols for /usr/local/ssl/lib/libssl.so.0.9.6
Reading symbols from /usr/local/ssl/lib/libcrypto.so.0.9.6...done.
Loaded symbols for /usr/local/ssl/lib/libcrypto.so.0.9.6
Reading symbols from /usr/platform/SUNW,Ultra-5_10/lib/libc_psr.so.1...done.
Loaded symbols for /usr/platform/SUNW,Ultra-5_10/lib/libc_psr.so.1
Retry #1:
Retry #2:
Retry #3:
Retry #4:
[New LWP 1]
Symbols already loaded for /usr/lib/libsec.so.1
Symbols already loaded for /usr/lib/libgen.so.1
Symbols already loaded for /usr/lib/libresolv.so.2
Symbols already loaded for /usr/lib/libsocket.so.1
Symbols already loaded for /usr/lib/libnsl.so.1
Symbols already loaded for /usr/lib/libdl.so.1
Symbols already loaded for /usr/local/krb5/lib/libkrb5.so.3
Symbols already loaded for /usr/local/krb5/lib/libcom_err.so.3
Symbols already loaded for /usr/local/krb5/lib/libk5crypto.so.3
Symbols already loaded for /usr/local/krb5/lib/libgssapi_krb5.so.2
Symbols already loaded for /usr/local/ldap/lib/liblber.so.2
Symbols already loaded for /usr/local/ldap/lib/libldap.so.2
Symbols already loaded for /usr/lib/libpam.so.1
Symbols already loaded for /usr/lib/libc.so.1
Symbols already loaded for /usr/lib/libmp.so.2
Symbols already loaded for /usr/local/lib/libgcc_s.so.1
Symbols already loaded for /usr/local/ssl/lib/libssl.so.0.9.6
Symbols already loaded for /usr/local/ssl/lib/libcrypto.so.0.9.6
Symbols already loaded for /usr/platform/SUNW,Ultra-5_10/lib/libc_psr.so.1
0xff01b844 in _waitid () from /usr/lib/libc.so.1
#0 0xff01b844 in _waitid () from /usr/lib/libc.so.1
#1 0xfefd5d00 in _waitpid () from /usr/lib/libc.so.1
#2 0xff01113c in system () from /usr/lib/libc.so.1
#3 0x5fb58 in smb_panic (why=0xefb40 "internal error") at
lib/util.c:1142
#4 0x4e760 in fault_report (sig=11) at lib/fault.c:41
#5 0x4e7b8 in sig_fault (sig=11) at lib/fault.c:61
#6 <signal handler called>
#7 0xff0506bc in exit () from
/usr/platform/SUNW,Ultra-5_10/lib/libc_psr.so.1
#8 0xff235554 in process_gethost () from /usr/lib/libnsl.so.1
#9 0xff235388 in _door_gethostbyname_r () from /usr/lib/libnsl.so.1
#10 0xff21af10 in _get_hostserv_inetnetdir_byname () from
/usr/lib/libnsl.so.1
#11 0xff2348d0 in gethostbyname_r () from /usr/lib/libnsl.so.1
#12 0x50a18 in sys_gethostbyname (name=0x19a6e0 "") at
lib/system.c:513
#13 0x5f708 in interpret_addr (str=0xffbeec48
"nxact1-bm.nexus.csiro.au")
at lib/util.c:832
#14 0x5f830 in interpret_addr2 (
str=0xffffffff <Address 0xffffffff out of bounds>) at lib/util.c:854
#15 0xe0048 in ads_try_dns (ads=0x199430) at libads/ldap.c:129
#16 0xe040c in ads_connect (ads=0x199430) at libads/ldap.c:227
#17 0x3d05c in ads_cached_connection (domain=0x18ed30)
at nsswitch/winbindd_ads.c:136
#18 0x3f3b0 in domain_sid (domain=0x18ed30, sid=0x18ef30)
at nsswitch/winbindd_ads.c:803
#19 0x36ec0 in domain_sid (domain=0x18ed30, sid=0x18ef30)
at nsswitch/winbindd_cache.c:892
#20 0x34d44 in init_domain_list () at nsswitch/winbindd_util.c:201
#21 0x2f3ac in winbind_setup_common () at nsswitch/winbindd.c:700
#22 0x2f878 in main (argc=1, argv=0xffbef95c) at nsswitch/winbindd.c:875
Any help on where to go on this would be greatly appreciated,
Clive
---------------------------------------------------------------------
Clive Elsum BAppSc, RHCE
Systems Engineer - Information Technology Group
CSIRO Atmospheric Research
PMB 1, Aspendale, Victoria, Australia 3195
Phone : (+61 3) 9239 4509
Fax: (+61 3) 9239 4444
E-mail Clive.Elsum@csiro.au
---------------------------------------------------------------------
-----Original Message-----
From: Andrew Bartlett [mailto:abartlet@samba.org]
Sent: Sunday, 10 November 2002 11:39 PM
To: Clive.Elsum@csiro.au
Cc: samba@lists.samba.org; samba-technical@lists.samba.org
Subject: Re: Trying to join a Solaris 8 box to Windows 2000 AD.
On Sun, 2002-11-10 at 21:13, Clive.Elsum@csiro.au wrote:> I am having major problems with SAMBA samba-3.0alpha20 in trying to
connect> to
> Windows 2000 AD. I have attached info if that helps. Any help you can
give> me
> would be greatly appreciated.
>
> Thanks in advance
>
> Clive Elsum
>
> I can get samba-3.0alpha20 working if I include reference to our NT PDC
> in the smb.conf file and do a net rpc join command.
> This joins our NT PDC domain which has a trust relationship with the
> Windows 2000 ADS.
> The "joined domian XXX" message appears and a wbinfo -m shows the
> Windows 2000 AD domain "YYYYY" as a trusted-domain.
> I can then login using domain/userid and everything works correctly.
> The working smb.conf relvant bits are
> workgroup = xxx
> security = server
> encrypt passwords = yes
> stat cache = false
> winbind separator = /
> winbind uid = 10000-30000
> winbind gid = 10000-30000
> winbind use default domain = true
> winbind enum groups = yes
> winbind enum users = yes
> security = server
> template shell = /bin/tcsh
>
>
> However with the imminent departure of the local NT PDC I will be forced
> to use the net ads join command which at present fails.
There isn't a 'forced' here - you should still be able to 'net
rpc join'
a Win2k domain. But that doesn't solve your real problem.
> The kinit command works correctly (password entered prompt returned)
> The klist command appears to do the right thing.
> Suggesting that kerberos is set up OK.
>
> I have samba-3.0alpha20 version installed on Solaris 8. It was configured
> with
> ./configure --with-ads --with-ldap --with-krb5=/usr/local/kerberos
> --with-pam --with-winbind
>
> The include/config.h file shows
> #define HAVE_KRB5 1
> #define HAVE_GSSAPI 1
> #define WITH_ADS 1
> #define HAVE_LDAP_H 1
>
>
> I am using GCC Version 3.2; Kerberos krb5-1.2.6; LDAP openldap-2.1.8; on
a> Solaris 8 platform.
>
> I have modified the Makefile so as to overcome errors in compiling e.g
> passdb/pdb_ldap.c
What were they, btw?
> I then do a make install and copy relevant files with relevant links:
> cp pam_winbind.so /lib/security
> cp libnss_winbind.so /lib/nss_winbind.so
>
>
> Relevant bits from smb.conf:
> workgroup = OUR
> realm = OUR.2000AD.DOMAIN
> security = ADS
> encrypt passwords = yes
> stat cache = false
> winbind separator = /
> winbind uid = 10000-30000
> winbind gid = 10000-30000
> winbind use default domain = true
> winbind enum groups = yes
> winbind enum users = yes
> ads server = <IP ADDRESS of ads server>
> template shell = /bin/tcsh
>
> WINBINDD adds the AD DOMAIN and relevant machines in lookup sequence but
> then
> aborts with:
>
> convert_string: Required 1521, available 2048
> ==============================================================> INTERNAL
ERROR: Signal 11 in pid 25953 (3.0alpha20)
> Please read the file BUGS.txt in the distribution
> ==============================================================> PANIC:
internal error
> Abort (core dumped)
Any chance of recompiling --enable-krb5developer and getting us a gdb
backtrace? See 'panic action' in the smb.conf
> Obviously the command net ads join also fails with:
> [2002/11/10 20:36:44, 0] libads/kerberos.c:ads_kinit_password(122)
> kerberos_kinit_password user@OUR.2000AD.DOMAIN failed: Preauthentication
> failed
> [2002/11/10 20:36:44, 1] utils/net_ads.c:ads_startup(148)
> ads_connect: Invalid credentials
Why is this 'obviously'? Anyway, a backtrace of this would be good.
Anyway, if you can get that, and also try the lastest 3.0 CVS
(pserver.samba.org), that will help us to chase it down.
Andrew Bartlett
--
Andrew Bartlett abartlet@pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet@samba.org
Student Network Administrator, Hawker College abartlet@hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net