Дорофеев Михаил Сергеевич
2004-Jan-19 03:56 UTC
[Samba] W2K AD domain join success, wbinfo -t error - question
Hi all! I'm configuring Samba 3.0.1 on Solaris 9 (rel s9_58shwpl3) Sparc. Have successfully installed Ldap libs, Krb5 libs, and, finally - Samba. Trying to join W2KSP4 domain. net rpc join -S dc01 -U Administrator Gives bash-2.05# /usr/local/samba/bin/net rpc join -S dc01-tmn -U Administrator Password: Joined domain MYDOMAIN. Now i start winbindd. The smb.conf file is: WORKGROUP=MYDOMAIN security = domain winbind use default domain = yes winbind separator = + idmap uid = 10000-20000 winbind gid = 10000-20000 winbind enum users = yes winbind enum groups = yes template homedir = /export/home/%D/%U template shell = /bin/bash Then wbinfo -g LISTS domain groups and wbinfo -u LISTS domain users. See below (bash-2.05# ./wbinfo -g Domain Admins Domain Users Domain Guests ..... about 100 groups) BUT wbinfo -t gives the error: bash-2.05# ./wbinfo -t checking the trust secret via RPC calls failed error code was NT_STATUS_NO_TRUST_SAM_ACCOUNT (0xc000018b) Could not check secret bash-2.05# And net rpc testjoin sais: bash-2.05# ./net rpc testjoin [2004/01/19 08:43:40, 0] utils/net_rpc_join.c:net_rpc_join_ok(73) Error in domain join verfication (fresh connection) Join to domain 'TMN' is not valid The log is: Jan 16 18:47:39 SAMBA_SERVER pam_winbind[9808]: [ID 467601 auth.error] request failed: No trusted SAM account, PAM error was 4, NT error was NT_STATUS_NO_TRUST_SAM_ACCOUNT Jan 16 18:47:39 SAMBA_SERVER pam_winbind[9808]: [ID 637597 auth.error] internal module error (retval = 4, user = `root' Jan 17 12:59:12 SAMBA_SERVER winbindd[9713]: [ID 702911 daemon.error] [2004/01/17 12:59:12, 0] lib/util_sock.c:write_socket_data(388) Jan 17 12:59:12 SAMBA_SERVER winbindd[9713]: [ID 702911 daemon.error] write_socket_data: write failure. Error = Broken pipe Jan 17 12:59:12 SAMBA_SERVER winbindd[9713]: [ID 702911 daemon.error] [2004/01/17 12:59:12, 0] lib/util_sock.c:write_socket(413) Jan 17 12:59:12 SAMBA_SERVER winbindd[9713]: [ID 702911 daemon.error] write_socket: Error writing 138 bytes to socket 14: ERRNO = Broken pipe Jan 17 12:59:12 SAMBA_SERVER winbindd[9713]: [ID 702911 daemon.error] [2004/01/17 12:59:12, 0] libsmb/clientgen.c:cli_send_smb(155) Jan 17 12:59:12 SAMBA_SERVER winbindd[9713]: [ID 702911 daemon.error] Error writing 138 bytes to client. -1 (Broken pipe) Jan 17 12:59:12 SAMBA_SERVER winbindd[9713]: [ID 702911 daemon.error] [2004/01/17 12:59:12, 0] rpc_client/cli_pipe.c:rpc_api_pipe(424) Jan 17 12:59:12 SAMBA_SERVER winbindd[9713]: [ID 702911 daemon.error] cli_pipe: return critical error. Error was Write error: Broken pipe Jan 17 13:59:16 SAMBA_SERVER net[25311]: [ID 702911 user.error] [2004/01/17 13:59:16, 0] utils/net.c:net_getlocalsid(414) Jan 17 13:59:16 SAMBA_SERVER net[25311]: [ID 702911 user.error] Can't fetch domain SID for name: SAMBA_SERVER Jan 19 07:45:52 SAMBA_SERVER ftpd[25362]: [ID 484914 daemon.notice] gethostbyaddr: host136-5.pool8249.interbusiness.it. != 82.49.5.136 Jan 19 08:43:40 SAMBA_SERVER net[26014]: [ID 702911 user.error] [2004/01/19 08:43:40, 0] utils/net_rpc_join.c:net_rpc_join_ok(73) Jan 19 08:43:40 SAMBA_SERVER net[26014]: [ID 702911 user.error] Error in domain join verfication (fresh connection) (WHERE SAMBA_SERVER is the name of my Samba box I'm playing with - changed, BUT the original name of the samba server IS resolved from any of domain controllers) The patch 113476-05 IS applied (although it is needed for the nss mechanism to work properly). What am i doing wrong ? Help is really needed, since i,m playing with half-prodaction server hence can not play-and-change-and-reboot much :(. Thanks all in advance!!!
Reasonably Related Threads
- Telnet to samba box does NOT work: wb_getgrgid: failed to locate gid == 1000
- idmap uid range 10000-20000: pam_winbind does NOT work ?
- user granted access, but still no shell prompt
- idmap uid range 10000-20000: pam_winbind does NOT wor k ?
- Problems with the 2.0.6 release ....