We are currently working on a new systems design which is changing out our hardware, OSs and applications all at the same. This is our first crack at trying to get SOL 10 (1/06) and W2K3 server to play nice together and we can't get the Windows domain controller to pass the SID to our UNIX server. Any help would be greatly appreciated. We are currently required to use Samba 3.0.2.0b but we may be able to move to 3.0.2.3b if upgrading fixes our problem. Below is our smb,conf file: # Global parameters [global] workgroup = diego password server = diegogcsdc01 server string = Samba 3.0.20b on (%L) security = DOMAIN invalid users = root bin daemon adm sync shutdown halt mail news encrypt passwords = Yes printing = cups load printers = yes [ N1Share ] comment = N1SRV Data Share path = /n1data writeable = Yes create mode = 0750 directory mode = 0770 Here is our net join command and output: sysadmin-n1svr (8) ./net join -U administrator -S diegogcsdc01 -l -d 10 [2006/08/25 13:58:39, 5] lib/debug.c:(368) INFO: Current debug levels: all: True/10 tdb: False/0 printdrivers: False/0 lanman: False/0 smb: False/0 rpc_parse: False/0 rpc_srv: False/0 rpc_cli: False/0 passdb: False/0 sam: False/0 auth: False/0 winbind: False/0 vfs: False/0 idmap: False/0 quota: False/0 acls: False/0 locking: False/0 msdfs: False/0 [2006/08/25 13:58:39, 3] param/loadparm.c:(4082) lp_load: refreshing parameters [2006/08/25 13:58:39, 3] param/loadparm.c:(1366) Initialising global parameters [2006/08/25 13:58:39, 3] param/params.c:(574) params.c:pm_process() - Processing configuration file "/h/COTS/CIFS/bin/Samba/lib/smb.conf" [2006/08/25 13:58:39, 3] param/loadparm.c:(3542) Processing section "[global]" doing parameter workgroup = diego doing parameter password server = diegogcsdc01 doing parameter server string = Samba 3.0.20b on (%L) doing parameter security = DOMAIN doing parameter invalid users = root bin daemon adm sync shutdown halt mail news doing parameter encrypt passwords = Yes doing parameter printing = cups doing parameter load printers = yes [2006/08/25 13:58:39, 4] param/loadparm.c:(4113) pm_process() returned Yes [2006/08/25 13:58:39, 7] param/loadparm.c:(4226) lp_servicenumber: couldn't find homes [2006/08/25 13:58:39, 10] param/loadparm.c:(4031) set_server_role: role = ROLE_DOMAIN_MEMBER [2006/08/25 13:58:39, 5] lib/iconv.c:(103) Attempting to register new charset UCS-2LE [2006/08/25 13:58:39, 5] lib/iconv.c:(111) Registered charset UCS-2LE [2006/08/25 13:58:39, 5] lib/iconv.c:(103) Attempting to register new charset UTF-16LE [2006/08/25 13:58:39, 5] lib/iconv.c:(111) Registered charset UTF-16LE <SNIP> Netbios name list:- my_netbios_names[0]="N1SVR" [2006/08/25 13:58:39, 2] lib/interface.c:(81) added interface ip=205.40.130.114 bcast=205.40.130.255 nmask=255.255.255.0 [2006/08/25 13:58:39, 2] lib/interface.c:(81) added interface ip=10.0.0.115 bcast=10.0.0.255 nmask=255.255.255.0 [2006/08/25 13:58:39, 10] libsmb/namequery.c:(1028) internal_resolve_name: looking up diegogcsdc01#20 [2006/08/25 13:58:39, 5] lib/gencache.c:(59) Opening cache file at /h/COTS/CIFS/bin/Samba/var/locks/gencache.tdb [2006/08/25 13:58:39, 10] lib/gencache.c:(263) Returning expired cache entry: key = NBT/DIEGOGCSDC01#20, value 192.1.1.20:0, timeout = Thu Aug 24 14:18:06 2006 [2006/08/25 13:58:39, 5] libsmb/namecache.c:(195) no entry for diegogcsdc01#20 found. [2006/08/25 13:58:39, 10] lib/gencache.c:(214) Deleting cache entry (key = NBT/DIEGOGCSDC01#20) [2006/08/25 13:58:39, 3] libsmb/namequery.c:(855) resolve_lmhosts: Attempting lmhosts lookup for name diegogcsdc01<0x20> [2006/08/25 13:58:39, 4] libsmb/namequery.c:(548) startlmhosts: Can't open lmhosts file /h/COTS/CIFS/bin/Samba/lib/lmhosts. Error was Permission denied [2006/08/25 13:58:39, 3] libsmb/namequery.c:(752) resolve_wins: Attempting wins lookup for name diegogcsdc01<0x20> [2006/08/25 13:58:39, 3] libsmb/namequery.c:(755) resolve_wins: WINS server resolution selected and no WINS servers listed. [2006/08/25 13:58:39, 3] libsmb/namequery.c:(917) resolve_hosts: Attempting host lookup for name diegogcsdc01<0x20> [2006/08/25 13:58:39, 10] libsmb/namequery.c:(320) remove_duplicate_addrs2: looking for duplicate address/port pairs [2006/08/25 13:58:39, 5] libsmb/namecache.c:(131) namecache_store: storing 1 address for diegogcsdc01#20: 192.1.1.20:0 [2006/08/25 13:58:39, 10] lib/gencache.c:(127) Adding cache entry with key = NBT/DIEGOGCSDC01#20; value 192.1.1.20:0 and timeout = Fri Aug 25 14:09:39 2006 (660 seconds ahead) [2006/08/25 13:58:39, 10] libsmb/namequery.c:(1145) internal_resolve_name: returning 1 addresses: 192.1.1.20:0 [2006/08/25 13:58:39, 3] libsmb/cliconnect.c:(1407) Connecting to host=diegogcsdc01 [2006/08/25 13:58:39, 3] lib/util_sock.c:(867) Connecting to 192.1.1.20 at port 445 [2006/08/25 13:58:39, 5] lib/util_sock.c:(203) socket option SO_KEEPALIVE = 0 [2006/08/25 13:58:39, 5] lib/util_sock.c:(203) socket option SO_REUSEADDR = 0 [2006/08/25 13:58:39, 5] lib/util_sock.c:(203) socket option SO_BROADCAST = 0 [2006/08/25 13:58:39, 5] lib/util_sock.c:(203) socket option TCP_NODELAY = 1 [2006/08/25 13:58:39, 5] lib/util_sock.c:(203) socket option IPTOS_LOWDELAY = 0 [2006/08/25 13:58:39, 5] lib/util_sock.c:(203) socket option IPTOS_THROUGHPUT = 0 [2006/08/25 13:58:39, 5] lib/util_sock.c:(203) socket option SO_SNDBUF = 49152 [2006/08/25 13:58:39, 5] lib/util_sock.c:(203) socket option SO_RCVBUF = 49640 [2006/08/25 13:58:39, 5] lib/util_sock.c:(201) Could not test socket option SO_SNDLOWAT. [2006/08/25 13:58:39, 5] lib/util_sock.c:(201) Could not test socket option SO_RCVLOWAT. [2006/08/25 13:58:39, 5] lib/util_sock.c:(201) Could not test socket option SO_SNDTIMEO. [2006/08/25 13:58:39, 5] lib/util_sock.c:(201) Could not test socket option SO_RCVTIMEO. [2006/08/25 13:58:39, 6] libsmb/clientgen.c:(132) write_socket(5,183) [2006/08/25 13:58:39, 6] libsmb/clientgen.c:(135) write_socket(5,183) wrote 183 [2006/08/25 13:58:39, 10] lib/util_sock.c:(615) got smb length of 190 [2006/08/25 13:58:39, 5] lib/util.c:(454) [2006/08/25 13:58:39, 5] lib/util.c:(464) size=190 smb_com=0x72 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=55297 smb_tid=0 smb_pid=7277 smb_uid=0 smb_mid=1 smt_wct=17 smb_vwv[ 0]= 8 (0x8) smb_vwv[ 1]=12807 (0x3207) smb_vwv[ 2]= 256 (0x100) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 65 (0x41) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 256 (0x100) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]=64768 (0xFD00) smb_vwv[10]= 499 (0x1F3) smb_vwv[11]=23680 (0x5C80) smb_vwv[12]=61626 (0xF0BA) smb_vwv[13]=20033 (0x4E41) smb_vwv[14]=50888 (0xC6C8) smb_vwv[15]=57345 (0xE001) smb_vwv[16]= 1 (0x1) smb_bcc=121 [2006/08/25 13:58:39, 10] lib/util.c:(2053) <SNIP> [2006/08/25 13:58:39, 5] lib/util.c:(454) [2006/08/25 13:58:39, 5] lib/util.c:(464) size=190 smb_com=0x72 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=55297 smb_tid=0 smb_pid=7277 smb_uid=0 smb_mid=1 smt_wct=17 smb_vwv[ 0]= 8 (0x8) smb_vwv[ 1]=12807 (0x3207) smb_vwv[ 2]= 256 (0x100) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 65 (0x41) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 256 (0x100) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]=64768 (0xFD00) smb_vwv[10]= 499 (0x1F3) smb_vwv[11]=23680 (0x5C80) smb_vwv[12]=61626 (0xF0BA) smb_vwv[13]=20033 (0x4E41) smb_vwv[14]=50888 (0xC6C8) smb_vwv[15]=57345 (0xE001) smb_vwv[16]= 1 (0x1) smb_bcc=121 [2006/08/25 13:58:39, 10] lib/util.c:(2053) <SNIP> [2006/08/25 13:58:39, 4] lib/time.c:(125) Serverzone is 0 [2006/08/25 13:58:39, 6] libsmb/clientgen.c:(132) write_socket(5,92) [2006/08/25 13:58:39, 6] libsmb/clientgen.c:(135) write_socket(5,92) wrote 92 [2006/08/25 13:58:39, 10] lib/util_sock.c:(615) got smb length of 181 [2006/08/25 13:58:39, 5] lib/util.c:(454) [2006/08/25 13:58:39, 5] lib/util.c:(464) size=181 smb_com=0x73 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=55297 smb_tid=0 smb_pid=7277 smb_uid=28677 smb_mid=2 smt_wct=3 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 181 (0xB5) smb_vwv[ 2]= 0 (0x0) smb_bcc=140 [2006/08/25 13:58:39, 10] lib/util.c:(2053) <SNIP> [2006/08/25 13:58:39, 5] lib/util.c:(454) [2006/08/25 13:58:39, 5] lib/util.c:(464) size=181 smb_com=0x73 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=55297 smb_tid=0 smb_pid=7277 smb_uid=28677 smb_mid=2 smt_wct=3 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 181 (0xB5) smb_vwv[ 2]= 0 (0x0) smb_bcc=140 [2006/08/25 13:58:39, 10] lib/util.c:(2053) <SNIP> [2006/08/25 13:58:39, 6] libsmb/clientgen.c:(132) write_socket(5,92) [2006/08/25 13:58:39, 6] libsmb/clientgen.c:(135) write_socket(5,92) wrote 92 [2006/08/25 13:58:39, 10] lib/util_sock.c:(615) got smb length of 48 [2006/08/25 13:58:39, 5] lib/util.c:(454) [2006/08/25 13:58:39, 5] lib/util.c:(464) size=48 smb_com=0x75 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=55297 smb_tid=32774 smb_pid=7277 smb_uid=28677 smb_mid=3 smt_wct=3 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 48 (0x30) smb_vwv[ 2]= 1 (0x1) smb_bcc=7 [2006/08/25 13:58:39, 10] lib/util.c:(2053) [000] 49 50 43 00 00 00 00 IPC.... [2006/08/25 13:58:39, 10] libsmb/clientgen.c:(232) cli_init_creds: user domain [2006/08/25 13:58:39, 6] libsmb/clientgen.c:(132) write_socket(5,104) [2006/08/25 13:58:39, 6] libsmb/clientgen.c:(135) write_socket(5,104) wrote 104 [2006/08/25 13:58:39, 10] lib/util_sock.c:(615) got smb length of 35 [2006/08/25 13:58:39, 5] lib/util.c:(454) [2006/08/25 13:58:39, 5] lib/util.c:(464) size=35 smb_com=0xa2 smb_rcls=34 smb_reh=0 smb_err=49152 smb_flg=136 smb_flg2=55297 smb_tid=32774 smb_pid=7277 smb_uid=28677 smb_mid=4 smt_wct=0 smb_bcc=0 [2006/08/25 13:58:39, 0] rpc_client/cli_pipe.c:(1473) cli_nt_session_open: cli_nt_create failed on pipe \lsarpc to machine diegogcsdc01. Error was NT_STATUS_ACCESS_DENIED could not initialise lsa pipe could not obtain sid for domain Thanks,
Felipe Augusto van de Wiel
2006-Aug-31 15:02 UTC
[Samba] NET JOIN ERROR WITH SOL 10 and W2K3
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 08/30/2006 11:58 AM, Slack, Leon escreveu:> We are currently working on a new systems design which is changing out > our hardware, OSs and applications all at the same. This is our first > crack at trying to get SOL 10 (1/06) and W2K3 server to play nice > together and we can't get the Windows domain controller to pass the SID > to our UNIX server. Any help would be greatly appreciated. We are > currently required to use Samba 3.0.2.0b but we may be able to move to > 3.0.2.3b if upgrading fixes our problem. Below is our smb,conf file:'net getsid' is not working? It should grab the domain SID and store it in your secrets.tdb. Using the latest version of Samba is always a good idea, specially with regards to recent versions of Microsoft Windows.> # Global parameters[...]> Here is our net join command and output: > sysadmin-n1svr (8) ./net join -U administrator -S diegogcsdc01 -l -d 10[...]> [2006/08/25 13:58:39, 5] lib/debug.c:(368)[...]> [2006/08/25 13:58:39, 4] libsmb/namequery.c:(548) > startlmhosts: Can't open lmhosts file > /h/COTS/CIFS/bin/Samba/lib/lmhosts. Error was Permission denied > [2006/08/25 13:58:39, 3] libsmb/namequery.c:(752) > resolve_wins: Attempting wins lookup for name diegogcsdc01<0x20> > [2006/08/25 13:58:39, 3] libsmb/namequery.c:(755) > resolve_wins: WINS server resolution selected and no WINS servers > listed.You should tell your samba about the WINS server in the network. [...]> [2006/08/25 13:58:39, 0] rpc_client/cli_pipe.c:(1473) > cli_nt_session_open: cli_nt_create failed on pipe \lsarpc to machine > diegogcsdc01. Error was NT_STATUS_ACCESS_DENIED > could not initialise lsa pipe > could not obtain sid for domainIf you are using AD, you could try to: ./net ads join <ADS-realm>> Thanks,Kind regards, - -- Felipe Augusto van de Wiel <felipe@paranacidade.org.br> Coordenadoria de Tecnologia da Informa??o (CTI) - SEDU/PARANACIDADE http://www.paranacidade.org.br/ Phone: (+55 41 3350 3300) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Debian - http://enigmail.mozdev.org iD8DBQFE9vn9Cj65ZxU4gPQRAvZVAJ9NFFepVEYG5SV7Fs9DN8Q7dz6JewCfQgaU n6TIyfvRjJFCQ+O/oza66W4=zxQ1 -----END PGP SIGNATURE-----
Possibly Parallel Threads
- Trouble joining AD 2008 Server
- Linux & Windows clients domain join - Error: NT_STATUS_CANT_ACCESS_DOMAIN_INFO
- SMB Signature verification failed when establish trust with win2003 domain
- net rpc vampire problems
- problem with winbind (netlogon proxy only mode)