On Wed, 12 Oct 2005, Stefan Kerkemeier wrote:> ok you`re using 'security=domain' and a windows 2003 sp1 DC. Well recent > security updates for Windows2003 (especially SP1) have changed the > several RPC mechanisms to obtain group and user lists form DCs.Yes, I know, but I was hoping for a workaround. If Samba/Winbind doesn't work with 2003SP1 in domain mode, and no fix is available, then we have a pretty sad situation, I think.> Please consult the release notes of samba 3.0.20a for further informations.I have done so. It recommends using "wbinfo --set-auth-user". I've tried this as well, but it doesn't help. (Another strange thing is that "wbinfo -A" isn't the same thing as --set-user, it seems. Even so, the manpage refers to -A under --get-auth-user, and it doesn't mention --set-user. What is going on here, does "wbinfo -A" mean something different nowadays?) Regards,>>> -------- Original Message -------- >>> Subject: [Samba] Winbind is DISCONNECTED after restart (12-Okt-2005 10:08) >>> From: Peter ?strand <astrand@cendio.se> >>> To: samba@lists.samba.org >>> >>>> >>>> >>>> I'm experiencing a strange problem on one RHEL4 system with Samba 3.0. >> 20a. >>>> After restarting the Samba and Winbind services, the domain connection >>>> doesn't work any longer: >>>> >>>> # wbinfo --sequence >>>> HA02 : 1 >>>> BUILTIN : 1 >>>> CRT : DISCONNECTED >>>> >>>> Before restarting, I got: >>>> >>>> # wbinfo --sequence >>>> CRT : 254 >>>> >>>> The strange thing is that if I remove /etc/samba/secrets.tdb before >>>> (re)starting Samba, this problem goes away. Another really strange thing >>>> is that things works correctly on an identical machine. The PDC is >> running >>>> "Windows Server 2003 3790 Service Pack 1". >>>> >>>> Any ideas? Our smb.conf looks like: >>>> >>>> [global] >>>> workgroup = CRT >>>> password server = * >>>> security = domain >>>> template shell = /bin/bash >>>> winbind use default domain = yes >>>> winbind separator = + >>>> encrypt passwords = yes >>>> log level = 2 >>>> idmap uid = 16777216-33554431 >>>> idmap gid = 16777216-33554431-- Peter ?strand Chief Developer Cendio www.thinlinc.com Teknikringen 3 www.cendio.se 583 30 Link?ping Phone: +46-13-21 46 00
Gerald (Jerry) Carter
2005-Oct-13 13:08 UTC
Re-2: [Samba] Winbind is DISCONNECTED after restart
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Peter ?strand wrote: | (Another strange thing is that "wbinfo -A" isn't the | same thing as --set-user, it seems. Even so, the | manpage refers to -A under --get-auth-user, and it | doesn't mention --set-user. What is going on | here, does "wbinfo -A" mean something different nowadays?) we were trying to deprecate the --set-auth-user option to wbinfo. But then these windows updates threw a temporary monkey in the machine. The option is still there. Probably just a problem with the man page. ciao, jerry -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDTlx7IR7qMdg1EfYRAiJpAKCb0VcTYOzNGz0O/J7oGxvM3hAcVgCg7pMm V4Nm/fR73t34xTVho/66F6s=Cy+X -----END PGP SIGNATURE-----