samba - May 2008 - Samba 3.0.28 failing to authenticate on Win2003 Server Active Directory

I have set up a Fedora 8 server running Samba 3.0.28a-0.fc8 (the Fedora
yum package version).  I have successfully joined the server to the AD
realm of a Win2003 server on the office network.

Configuration was done following this guide:

   http://www.howtoforge.com/samba-domaincontroller-swat-fedora8-p3

However Authentication against the AD server does not work.  When I test
winbind with:

   # wbinfo -u

I get:

   Error looking up domain users

I have also found the following output in /var/log/messages/  It is
generated each time Samba is started (note: date and time have been
removed for clarity)


srv winbindd[6850]: [2008/05/06 11:18:14, 0]
param/loadparm.c:service_ok(3031)
srv winbindd[6850]:   WARNING: No path in service public - making it
unavailable!
srv winbindd[6851]: [2008/05/06 11:18:14, 0]
nsswitch/winbindd_cache.c:initialize_winbindd_cache(2222)
srv winbindd[6851]:   initialize_winbindd_cache: clearing cache and
re-creating with version number 1
srv winbindd[6853]: [2008/05/06 11:18:14, 0] lib/fault.c:fault_report(41)
srv winbindd[6853]:
==============================================================srv
winbindd[6853]: [2008/05/06 11:18:14, 0] lib/fault.c:fault_report(42)
srv winbindd[6853]:   INTERNAL ERROR: Signal 11 in pid 6853 (3.0.28a-0.fc8)
srv winbindd[6853]:   Please read the Trouble-Shooting section of the
Samba3-HOWTO
srv winbindd[6853]: [2008/05/06 11:18:14, 0] lib/fault.c:fault_report(44)
srv winbindd[6853]:
srv winbindd[6853]:   From: http://www.samba.org/samba/docs/Samba3-HOWTO.pdf
srv winbindd[6853]: [2008/05/06 11:18:14, 0] lib/fault.c:fault_report(45)
srv winbindd[6853]:
==============================================================srv
winbindd[6853]: [2008/05/06 11:18:14, 0] lib/util.c:smb_panic(1655)
srv winbindd[6853]:   PANIC (pid 6853): internal error
srv winbindd[6853]: [2008/05/06 11:18:14, 0]
lib/util.c:log_stack_trace(1759)
srv winbindd[6853]:   BACKTRACE: 19 stack frames:
srv winbindd[6853]:    #0 winbindd(log_stack_trace+0x2d) [0xb7d5de9d]
srv winbindd[6853]:    #1 winbindd(smb_panic+0x5d) [0xb7d5dfcd]
srv winbindd[6853]:    #2 winbindd [0xb7d48a4a]
srv winbindd[6853]:    #3 [0x12d420]
srv winbindd[6853]:    #4 winbindd(pwd_get_cleartext+0x18) [0xb7d9b638]
srv winbindd[6853]:    #5 winbindd(cm_connect_sam+0x156) [0xb7ce89f6]
srv winbindd[6853]:    #6 winbindd [0xb7cea8f9]
srv winbindd[6853]:    #7 winbindd [0xb7ced6e7]
srv winbindd[6853]:    #8 winbindd [0xb7cd2649]
srv winbindd[6853]:    #9 winbindd [0xb7cd2d29]
srv winbindd[6853]:    #10 winbindd [0xb7cd31a8]
srv winbindd[6853]:    #11
winbindd(winbindd_dual_list_trusted_domains+0x78) [0xb7ce3008]
srv winbindd[6853]:    #12 winbindd [0xb7cf3622]
srv winbindd[6853]:    #13 winbindd(init_child_connection+0x19a)
[0xb7ccfdaa]
srv winbindd[6853]:    #14 winbindd(async_domain_request+0xb6) [0xb7cf4f86]
srv winbindd[6853]:    #15 winbindd(rescan_trusted_domains+0x110)
[0xb7cd03f0]
srv winbindd[6853]:    #16 winbindd(main+0x75d) [0xb7cc5e0d]
srv winbindd[6853]:    #17 /lib/libc.so.6(__libc_start_main+0xe0) [0x2e3390]
srv winbindd[6853]:    #18 winbindd [0xb7cc42a1]
srv winbindd[6853]: [2008/05/06 11:18:14, 0] lib/fault.c:dump_core(181)
srv winbindd[6853]:   dumping core in /var/log/samba/cores/winbindd
srv winbindd[6853]:


The Samba config file /etc/samba/smb.conf

   [global]
     log file = /var/log/samba/log.%m
     workgroup = SLA
     realm = SLA.COM.AU
     preferred master = no
     server string = Merit1
     security = ADS
     encrypt passwords = yes
     log level = 3
     max log size = 50
     printcap name = cups
     printing = cups
     winbind enum users = Yes
     winbind enum groups = Yes
     winbind use default domain = Yes
     winbind nested groups = Yes
     winbind separator = +
     idmap uid = 600-20000
     idmap gid = 600-20000
     template shell = /bin/bash
     template homedir = /home/domain/%D/%U

   [homes]
     comment = Home Direcotries
     valid users = %S
     read only = No
     browseable = No

   [netlogon]
     comment = Network Logon Service
     path = /var/lib/samba/netlogon
     guest ok = yes
     writable = no
     share modes = no

I have used Samba in small workgroups for some years, but this is the
first time that I have tried anything with Active Directory, so I am way
out of my depth.

Can anyone recommend how I should go about troubleshooting this issue?
if you require more information please let me know.

Regards,
Langdon

> http://www.howtoforge.com/samba-domaincontroller-swat-fedora8-p3
I believe these directions are for setting up Samba as an NT4 style
PDC.
>From your description it sounds like you want the samba server to be a
domain member server in a Win2003 AD and use winbind to authenticate
users. If that's the case and you followed the directions on that
website, then your samba config is definitely not going to work for you.

I suggest reading chapters 3 and 6 here if you haven't already:
http://us3.samba.org/samba/docs/man/Samba-HOWTO-Collection/

Here's some good troubleshooting tips:
http://us3.samba.org/samba/docs/using_samba/ch12.html#samba2-CHP-12-SECT
-2.5.3

Matt

-----Original Message-----
From: samba-bounces+matt.humrick=advatechpacific.com@lists.samba.org
[mailto:samba-bounces+matt.humrick=advatechpacific.com@lists.samba.org]
On Behalf Of Langdon Stevenson
Sent: Sunday, May 11, 2008 11:36 PM
To: samba@lists.samba.org
Subject: [Samba] Samba 3.0.28 failing to authenticate on Win2003
ServerActive Directory

I have set up a Fedora 8 server running Samba 3.0.28a-0.fc8 (the Fedora
yum package version).  I have successfully joined the server to the AD
realm of a Win2003 server on the office network.

Configuration was done following this guide:

   http://www.howtoforge.com/samba-domaincontroller-swat-fedora8-p3

However Authentication against the AD server does not work.  When I test
winbind with:

   # wbinfo -u

I get:

   Error looking up domain users

I have also found the following output in /var/log/messages/  It is
generated each time Samba is started (note: date and time have been
removed for clarity)


srv winbindd[6850]: [2008/05/06 11:18:14, 0]
param/loadparm.c:service_ok(3031)
srv winbindd[6850]:   WARNING: No path in service public - making it
unavailable!
srv winbindd[6851]: [2008/05/06 11:18:14, 0]
nsswitch/winbindd_cache.c:initialize_winbindd_cache(2222)
srv winbindd[6851]:   initialize_winbindd_cache: clearing cache and
re-creating with version number 1
srv winbindd[6853]: [2008/05/06 11:18:14, 0]
lib/fault.c:fault_report(41)
srv winbindd[6853]:
==============================================================srv
winbindd[6853]: [2008/05/06 11:18:14, 0]
lib/fault.c:fault_report(42)
srv winbindd[6853]:   INTERNAL ERROR: Signal 11 in pid 6853
(3.0.28a-0.fc8)
srv winbindd[6853]:   Please read the Trouble-Shooting section of the
Samba3-HOWTO
srv winbindd[6853]: [2008/05/06 11:18:14, 0]
lib/fault.c:fault_report(44)
srv winbindd[6853]:
srv winbindd[6853]:   From:
http://www.samba.org/samba/docs/Samba3-HOWTO.pdf
srv winbindd[6853]: [2008/05/06 11:18:14, 0]
lib/fault.c:fault_report(45)
srv winbindd[6853]:
==============================================================srv
winbindd[6853]: [2008/05/06 11:18:14, 0] lib/util.c:smb_panic(1655)
srv winbindd[6853]:   PANIC (pid 6853): internal error
srv winbindd[6853]: [2008/05/06 11:18:14, 0]
lib/util.c:log_stack_trace(1759)
srv winbindd[6853]:   BACKTRACE: 19 stack frames:
srv winbindd[6853]:    #0 winbindd(log_stack_trace+0x2d) [0xb7d5de9d]
srv winbindd[6853]:    #1 winbindd(smb_panic+0x5d) [0xb7d5dfcd]
srv winbindd[6853]:    #2 winbindd [0xb7d48a4a]
srv winbindd[6853]:    #3 [0x12d420]
srv winbindd[6853]:    #4 winbindd(pwd_get_cleartext+0x18) [0xb7d9b638]
srv winbindd[6853]:    #5 winbindd(cm_connect_sam+0x156) [0xb7ce89f6]
srv winbindd[6853]:    #6 winbindd [0xb7cea8f9]
srv winbindd[6853]:    #7 winbindd [0xb7ced6e7]
srv winbindd[6853]:    #8 winbindd [0xb7cd2649]
srv winbindd[6853]:    #9 winbindd [0xb7cd2d29]
srv winbindd[6853]:    #10 winbindd [0xb7cd31a8]
srv winbindd[6853]:    #11
winbindd(winbindd_dual_list_trusted_domains+0x78) [0xb7ce3008]
srv winbindd[6853]:    #12 winbindd [0xb7cf3622]
srv winbindd[6853]:    #13 winbindd(init_child_connection+0x19a)
[0xb7ccfdaa]
srv winbindd[6853]:    #14 winbindd(async_domain_request+0xb6)
[0xb7cf4f86]
srv winbindd[6853]:    #15 winbindd(rescan_trusted_domains+0x110)
[0xb7cd03f0]
srv winbindd[6853]:    #16 winbindd(main+0x75d) [0xb7cc5e0d]
srv winbindd[6853]:    #17 /lib/libc.so.6(__libc_start_main+0xe0)
[0x2e3390]
srv winbindd[6853]:    #18 winbindd [0xb7cc42a1]
srv winbindd[6853]: [2008/05/06 11:18:14, 0] lib/fault.c:dump_core(181)
srv winbindd[6853]:   dumping core in /var/log/samba/cores/winbindd
srv winbindd[6853]:


The Samba config file /etc/samba/smb.conf

   [global]
     log file = /var/log/samba/log.%m
     workgroup = SLA
     realm = SLA.COM.AU
     preferred master = no
     server string = Merit1
     security = ADS
     encrypt passwords = yes
     log level = 3
     max log size = 50
     printcap name = cups
     printing = cups
     winbind enum users = Yes
     winbind enum groups = Yes
     winbind use default domain = Yes
     winbind nested groups = Yes
     winbind separator = +
     idmap uid = 600-20000
     idmap gid = 600-20000
     template shell = /bin/bash
     template homedir = /home/domain/%D/%U

   [homes]
     comment = Home Direcotries
     valid users = %S
     read only = No
     browseable = No

   [netlogon]
     comment = Network Logon Service
     path = /var/lib/samba/netlogon
     guest ok = yes
     writable = no
     share modes = no

I have used Samba in small workgroups for some years, but this is the
first time that I have tried anything with Active Directory, so I am way
out of my depth.

Can anyone recommend how I should go about troubleshooting this issue?
if you require more information please let me know.

Regards,
Langdon

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba