samba - Dec 2005 - Problem with Winbind on Solaris for Samba 3.0.21rc2.

Hello again, I have been testing Samba 3.0.21rc2 with Windows ADS support
on SPARC/Solaris 8 and 9 and am experiencing problems with winbind for 
nsswitch.

Firstly, can anyone confirm this configuration this works at all?

Secondly, how did you get it to work?

I am aware of various difficulties with winbind/nsswitch on Solaris and I 
thought I had done everything necessary to solve that.

My specific problem is that Samba seems to work as expected when
winbind/nsswitch
is enabled but there is a side effect where any new SSH sessions are
disconnected
after a couple of minutes by the server. Here is an example from log file:

|Dec  5 12:51:07 numbat sshd[7356]: [ID 800047 auth.info] Accepted publickey for
mewtwo from 192.168.1.101 port 34809 ssh2
|Dec  5 12:53:02 numbat sshd[7356]: [ID 800047 auth.crit] fatal: Timeout before
authentication for 192.168.1.101

I am using a very basic smb.conf file too:

# Samba config file.

[global]
         workgroup = PERTH
         realm = PERTH.LOCALDOMAIN
         security = ADS
         encrypt passwords = yes
         client use spnego = yes
         winbind cache time = 10
         winbind enum users = yes
         winbind enum groups = yes
         idmap uid = 10000-20000
         idmap gid = 10000-20000
         template shell = /usr/bin/sh
         template homedir = /home/%U

[homes]
         guest ok = no
         read only = no

And here is the nsswitch.conf file:

passwd:     files nis winbind
group:      files nis winbind


-- 
___________________________________________________
Play 100s of games for FREE! http://games.mail.com/

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wed, 7 Dec 2005, Security Officer wrote:
> Hello again, I have been testing Samba 3.0.21rc2 with Windows ADS support
> on SPARC/Solaris 8 and 9 and am experiencing problems with winbind for 
> nsswitch.
> 
> Firstly, can anyone confirm this configuration this works at all?
Yes.  I test on Solaris 9.
> Secondly, how did you get it to work?
> 
> I am aware of various difficulties with winbind/nsswitch on Solaris and 
> I thought I had done everything necessary to solve that.
> 
> My specific problem is that Samba seems to work as expected when 
> winbind/nsswitch is enabled but there is a side effect where any new SSH 
> sessions are disconnected after a couple of minutes by the server. Here 
> is an example from log file:
> 
> |Dec  5 12:51:07 numbat sshd[7356]: [ID 800047 auth.info] Accepted
publickey for mewtwo from 192.168.1.101 port 34809 ssh2
> |Dec  5 12:53:02 numbat sshd[7356]: [ID 800047 auth.crit] fatal: Timeout
before authentication for 192.168.1.101
Sun's ssh or OpenSSH ?
> I am using a very basic smb.conf file too:
> 
> # Samba config file.
> 
> [global]
>          workgroup = PERTH
>          realm = PERTH.LOCALDOMAIN
>          security = ADS
>          encrypt passwords = yes
>          client use spnego = yes
>          winbind cache time = 10
>          winbind enum users = yes
>          winbind enum groups = yes
Try turning these 2 parameters off.




cheers, jerry
====================================================================Alleviating
the pain of Windows(tm)      ------- http://www.samba.org
Centeris                         -----------  http://www.centeris.com
"There's an anonymous coward in all of us."              
--anonymous
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/

iD8DBQFDoBk2IR7qMdg1EfYRAlKrAKC/hTizyBoPLhfMdzOvHUIX/39BcQCeLMkC
tFPZ/iNHJVEv7KBtehNWKcY=iYzI
-----END PGP SIGNATURE-----