David Lee
2007-May-16 17:07 UTC
[Samba] Winbind - wbinfo -u works, getent passwd only gives local users
I only have limited Samba experience, and expect this is a silly mistake, but have been unable to find a solution I have installed Samba and Winbind on my desktop Linux (Debian) machine (SPARKSTONELX), aiming to unify logins with other windows machines accessing the PDC, again samba/Debian, with tdbsam password backend. All is well, joining the domain, and getting account details using wbinfo -u, but getent passwd only gives the local account details. The log file on the PDC (FILESTONE) reports [2007/05/15 22:31:48, 0] rpc_server/srv_netlog_nt.c:get_md4pw(242) get_md4pw: Workstation SPARKSTONELX$: no account in domain [2007/05/15 22:31:48, 0] rpc_server/srv_netlog_nt.c:_net_auth_2(461) _net_auth2: failed to get machine password for account SPARKSTONELX$: NT_STATUS_ACCESS_DENIED [2007/05/15 22:31:52, 1] nsswitch/winbindd_group.c:winbindd_getgrnam(259) group sparkstonelx$ in domain STONES does not exist and on the Linux desktop [2007/05/15 22:30:18, 1] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(625) cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR received from remo te machine FILESTONE pipe \lsarpc fnum 0x767a! [2007/05/15 22:30:18, 1] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(601) cli_pipe_validate_current_pdu: Bind NACK received from remote machinesparkstonelx:/var/log/samba# wbinfo --own-domain STONES sparkstonelx:/var/log/samba# wbinfo -t checking the trust secret via RPC calls succeeded sparkstonelx:/var/log/samba# wbinfo -D stones Name : STONES Alt_Name : SID : S-1-5-21-835963941-2627181251-1431239077 Active Directory : No Native : No Primary : Yes Sequence : 1179266454 FILESTONE pipe \samr fnum 0x767b! [2007/05/15 22:30:18, 0] rpc_client/cli_pipe.c:cli_rpc_pipe_open_ntlmssp_internal(2356) cli_rpc_pipe_open_ntlmssp_internal: cli_rpc_pipe_bind failed with error NT_STATUS_NETWORK_ ACCESS_DENIED [2007/05/15 22:30:18, 1] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(601) cli_pipe_validate_current_pdu: Bind NACK received from remote machine FILESTONE pipe \lsar pc fnum 0x767e! [2007/05/15 22:30:18, 0] rpc_client/cli_pipe.c:cli_rpc_pipe_open_ntlmssp_internal(2356) cli_rpc_pipe_open_ntlmssp_internal: cli_rpc_pipe_bind failed with error NT_STATUS_NETWORK_ ACCESS_DENIED but sparkstonelx:/var/log/samba# wbinfo --own-domain STONES sparkstonelx:/var/log/samba# wbinfo -t checking the trust secret via RPC calls succeeded sparkstonelx:/var/log/samba# wbinfo -D stones Name : STONES Alt_Name : SID : S-1-5-21-835963941-2627181251-1431239077 Active Directory : No Native : No Primary : Yes Sequence : 1179266454 Any ideas? My network is about 6 machines in a Christian community, some being XP home, which limits my possible security settings! -- David Lee ---------------------------- Living Stones, Flore, UK
Rune Tønnesen
2007-May-17 00:21 UTC
[Samba] Winbind - wbinfo -u works, getent passwd only gives local users
Hi' David have you checked your setup in the /etc/nsswitch.conf file? -- Rune T?nnesen Venlig Hilsen/Best Regards> > I only have limited Samba experience, and expect this is a silly mistake, but > have been unable to find a solution > > I have installed Samba and Winbind on my desktop Linux (Debian) machine > (SPARKSTONELX), aiming to unify logins with other windows machines accessing > the PDC, again samba/Debian, with tdbsam password backend. All is well, > joining the domain, and getting account details using wbinfo -u, but getent > passwd only gives the local account details. > > The log file on the PDC (FILESTONE) reports > > [2007/05/15 22:31:48, 0] rpc_server/srv_netlog_nt.c:get_md4pw(242) > get_md4pw: Workstation SPARKSTONELX$: no account in domain > [2007/05/15 22:31:48, 0] rpc_server/srv_netlog_nt.c:_net_auth_2(461) > _net_auth2: failed to get machine password for account SPARKSTONELX$: > NT_STATUS_ACCESS_DENIED > > [2007/05/15 22:31:52, 1] nsswitch/winbindd_group.c:winbindd_getgrnam(259) > group sparkstonelx$ in domain STONES does not exist > > and on the Linux desktop > > [2007/05/15 22:30:18, 1] > rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(625) > cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR > received from remo > te machine FILESTONE pipe \lsarpc fnum 0x767a! > [2007/05/15 22:30:18, 1] > rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(601) > cli_pipe_validate_current_pdu: Bind NACK received from remote > machinesparkstonelx:/var/log/samba# wbinfo --own-domain > STONES > sparkstonelx:/var/log/samba# wbinfo -t > checking the trust secret via RPC calls succeeded > sparkstonelx:/var/log/samba# wbinfo -D stones > Name : STONES > Alt_Name : > SID : S-1-5-21-835963941-2627181251-1431239077 > Active Directory : No > Native : No > Primary : Yes > Sequence : 1179266454 > FILESTONE pipe \samr > fnum 0x767b! > [2007/05/15 22:30:18, 0] > rpc_client/cli_pipe.c:cli_rpc_pipe_open_ntlmssp_internal(2356) > cli_rpc_pipe_open_ntlmssp_internal: cli_rpc_pipe_bind failed with error > NT_STATUS_NETWORK_ > ACCESS_DENIED > [2007/05/15 22:30:18, 1] > rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(601) > cli_pipe_validate_current_pdu: Bind NACK received from remote machine > FILESTONE pipe \lsar > pc fnum 0x767e! > [2007/05/15 22:30:18, 0] > rpc_client/cli_pipe.c:cli_rpc_pipe_open_ntlmssp_internal(2356) > cli_rpc_pipe_open_ntlmssp_internal: cli_rpc_pipe_bind failed with error > NT_STATUS_NETWORK_ > ACCESS_DENIED > > but > > sparkstonelx:/var/log/samba# wbinfo --own-domain > STONES > sparkstonelx:/var/log/samba# wbinfo -t > checking the trust secret via RPC calls succeeded > sparkstonelx:/var/log/samba# wbinfo -D stones > Name : STONES > Alt_Name : > SID : S-1-5-21-835963941-2627181251-1431239077 > Active Directory : No > Native : No > Primary : Yes > Sequence : 1179266454 > > Any ideas? > > My network is about 6 machines in a Christian community, some being XP home, > which limits my possible security settings! > -- > David Lee > ---------------------------- > Living Stones, Flore, UK > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba >
David Lee
2007-May-17 17:31 UTC
[Samba] Winbind - wbinfo -u works, getent passwd only gives local users
Hi Rune I have passwd: compat winbind group: compat winbind shadow: compat hosts: files dns networks: files protocols: db files services: db files ethers: db files rpc: db files netgroup: nis and am now wondering what the netgroup entry is doing. Other than that, it looks OK to me. Removing the netgroup entry does not help. David Lee ---------- Forwarded Message ---------- Subject: Re: [Samba] Winbind - wbinfo -u works, getent passwd only gives local users Date: Thursday 17 May 2007 01:20 From: Rune T?nnesen Hi' David have you checked your setup in the /etc/nsswitch.conf file? -- Rune T?nnesen Venlig Hilsen/Best Regards> I only have limited Samba experience, and expect this is a silly mistake, > but have been unable to find a solution > > I have installed Samba and Winbind on my desktop Linux (Debian) machine > (SPARKSTONELX), aiming to unify logins with other windows machines > accessing the PDC, again samba/Debian, with tdbsam password backend. All is > well, joining the domain, and getting account details using wbinfo -u, but > getent passwd only gives the local account details. > > The log file on the PDC (FILESTONE) reports > > [2007/05/15 22:31:48, 0] rpc_server/srv_netlog_nt.c:get_md4pw(242) > get_md4pw: Workstation SPARKSTONELX$: no account in domain > [2007/05/15 22:31:48, 0] rpc_server/srv_netlog_nt.c:_net_auth_2(461) > _net_auth2: failed to get machine password for account SPARKSTONELX$: > NT_STATUS_ACCESS_DENIED > > [2007/05/15 22:31:52, 1] nsswitch/winbindd_group.c:winbindd_getgrnam(259) > group sparkstonelx$ in domain STONES does not exist > > and on the Linux desktop > > [2007/05/15 22:30:18, 1] > rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(625) > cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR > received from remo > te machine FILESTONE pipe \lsarpc fnum 0x767a! > [2007/05/15 22:30:18, 1] > rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(601) > cli_pipe_validate_current_pdu: Bind NACK received from remote > machinesparkstonelx:/var/log/samba# wbinfo --own-domain > STONES > sparkstonelx:/var/log/samba# wbinfo -t > checking the trust secret via RPC calls succeeded > sparkstonelx:/var/log/samba# wbinfo -D stones > Name : STONES > Alt_Name : > SID : S-1-5-21-835963941-2627181251-1431239077 > Active Directory : No > Native : No > Primary : Yes > Sequence : 1179266454 > FILESTONE pipe \samr > fnum 0x767b! > [2007/05/15 22:30:18, 0] > rpc_client/cli_pipe.c:cli_rpc_pipe_open_ntlmssp_internal(2356) > cli_rpc_pipe_open_ntlmssp_internal: cli_rpc_pipe_bind failed with error > NT_STATUS_NETWORK_ > ACCESS_DENIED > [2007/05/15 22:30:18, 1] > rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(601) > cli_pipe_validate_current_pdu: Bind NACK received from remote machine > FILESTONE pipe \lsar > pc fnum 0x767e! > [2007/05/15 22:30:18, 0] > rpc_client/cli_pipe.c:cli_rpc_pipe_open_ntlmssp_internal(2356) > cli_rpc_pipe_open_ntlmssp_internal: cli_rpc_pipe_bind failed with error > NT_STATUS_NETWORK_ > ACCESS_DENIED > > but > > sparkstonelx:/var/log/samba# wbinfo --own-domain > STONES > sparkstonelx:/var/log/samba# wbinfo -t > checking the trust secret via RPC calls succeeded > sparkstonelx:/var/log/samba# wbinfo -D stones > Name : STONES > Alt_Name : > SID : S-1-5-21-835963941-2627181251-1431239077 > Active Directory : No > Native : No > Primary : Yes > Sequence : 1179266454 > > Any ideas? > > My network is about 6 machines in a Christian community, some being XP > home, which limits my possible security settings! > -- > David Lee > ---------------------------- > Living Stones, Flore, UK > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba------------------------------------------------------- -- David Lee ---------------------------- Living Stones, Flore, UK
David Lee
2007-May-25 16:14 UTC
[Samba] Winbind - wbinfo -u works, getent passwd only gives local users
I only have limited Samba experience, and expect this is a silly mistake, but have been unable to find a solution I have installed Samba and Winbind on my desktop Linux (Debian) machine (SPARKSTONELX), aiming to unify logins with other windows machines accessing the PDC, again samba/Debian, with tdbsam password backend. All is well, joining the domain, and getting account details using wbinfo -u, but getent passwd only gives the local account details. The log file on the PDC (FILESTONE) reports [2007/05/15 22:31:48, 0] rpc_server/srv_netlog_nt.c:get_md4pw(242) get_md4pw: Workstation SPARKSTONELX$: no account in domain [2007/05/15 22:31:48, 0] rpc_server/srv_netlog_nt.c:_net_auth_2(461) _net_auth2: failed to get machine password for account SPARKSTONELX$: NT_STATUS_ACCESS_DENIED [2007/05/15 22:31:52, 1] nsswitch/winbindd_group.c:winbindd_getgrnam(259) group sparkstonelx$ in domain STONES does not exist and on the Linux desktop [2007/05/15 22:30:18, 1] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(625) cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR received from remo te machine FILESTONE pipe \lsarpc fnum 0x767a! [2007/05/15 22:30:18, 1] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(601) cli_pipe_validate_current_pdu: Bind NACK received from remote machinesparkstonelx:/var/log/samba# wbinfo --own-domain STONES sparkstonelx:/var/log/samba# wbinfo -t checking the trust secret via RPC calls succeeded sparkstonelx:/var/log/samba# wbinfo -D stones Name : STONES Alt_Name : SID : S-1-5-21-835963941-2627181251-1431239077 Active Directory : No Native : No Primary : Yes Sequence : 1179266454 FILESTONE pipe \samr fnum 0x767b! [2007/05/15 22:30:18, 0] rpc_client/cli_pipe.c:cli_rpc_pipe_open_ntlmssp_internal(2356) cli_rpc_pipe_open_ntlmssp_internal: cli_rpc_pipe_bind failed with error NT_STATUS_NETWORK_ ACCESS_DENIED [2007/05/15 22:30:18, 1] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(601) cli_pipe_validate_current_pdu: Bind NACK received from remote machine FILESTONE pipe \lsar pc fnum 0x767e! [2007/05/15 22:30:18, 0] rpc_client/cli_pipe.c:cli_rpc_pipe_open_ntlmssp_internal(2356) cli_rpc_pipe_open_ntlmssp_internal: cli_rpc_pipe_bind failed with error NT_STATUS_NETWORK_ ACCESS_DENIED but sparkstonelx:/var/log/samba# wbinfo --own-domain STONES sparkstonelx:/var/log/samba# wbinfo -t checking the trust secret via RPC calls succeeded sparkstonelx:/var/log/samba# wbinfo -D stones Name : STONES Alt_Name : SID : S-1-5-21-835963941-2627181251-1431239077 Active Directory : No Native : No Primary : Yes Sequence : 1179266454 Any ideas? My network is about 6 machines in a Christian community, some being XP home, which limits my possible security settings! -- David Lee ---------------------------- Living Stones, Flore, UK