samba - Jul 2008 - Samba winbind under Solaris 8 and Bash shell

Dear All,

for several weeks and with several attempts using different versions and
compilers etc. I'm trying to get Samba winbind running on a Solaris 8
workstation. I compiled Samba winbind with Sun studio 11 compiler and I really
don't believe it has something to do with the compilation process.

The problem I'm facing is that I can join our Win2k3 domain fine. I can
lookup all the users and groups. That all is working fine and also at an
acceptable speed. It improved a lot when I changed the log level from 10 to 3. I
switched it to 10 to debug the problem.

For testing I only configured the "other" section in /etc/pam.conf. I
added:

other sufficient pam_winbind.so.1 to the top of the "auth" and
"account" sections. I can login with an AD user account. But whenever
I switch to the bash shell i can't run any commands. Running a command
results in the command beeing put into background immediately. This only occurs
when I'm running the bash shell. Any other shell works just fine. But even
here I get disconnect after a few minutes. I checked all the logs and this is
all I get:

Jul  9 07:22:34 suse8 nmbd[447]: [ID 702911 daemon.error] [2008/07/09 07:22:34,
0] nmbd/nmbd.c:(742)
Jul  9 07:22:34 suse8 nmbd[447]: [ID 702911 daemon.error]   standard input is no
t a socket, assuming -D option
Jul  9 07:22:35 suse8 smbd[449]: [ID 702911 daemon.error] [2008/07/09 07:22:35,
0] smbd/server.c:(986)
Jul  9 07:22:35 suse8 smbd[449]: [ID 702911 daemon.error]   standard input is no
t a socket, assuming -D option
Jul  9 07:22:36 suse8 winbindd[455]: [ID 702911 daemon.error] [2008/07/09 07:22:
36, 0] nsswitch/winbindd_cache.c:(2229)
Jul  9 07:22:36 suse8 winbindd[455]: [ID 702911 daemon.error]   initialize_winbi
ndd_cache: clearing cache and re-creating with version number 1
Jul  9 07:22:45 suse8 smbd[452]: [ID 702911 daemon.error] [2008/07/09 07:22:45,
0] auth/auth_util.c:(792)
Jul  9 07:22:45 suse8 smbd[452]: [ID 702911 daemon.error]   create_builtin_admin
istrators: Failed to create Administrators
Jul  9 07:22:45 suse8 smbd[452]: [ID 702911 daemon.error] [2008/07/09 07:22:45,
0] auth/auth_util.c:(758)
Jul  9 07:22:45 suse8 smbd[452]: [ID 702911 daemon.error]   create_builtin_users
: Failed to create Users
Jul  9 07:22:54 suse8 ntpdate[180]: [ID 398266 daemon.notice] waiting 300 second
s before trying again
Jul  9 07:23:11 suse8 sshd[466]: [ID 129890 auth.error] pam_winbind(sshd): reque
st failed: No such user, PAM error was No account present for user (13), NT erro
r was NT_STATUS_NO_SUCH_USER

Strange is that the NT_STATUS_NO_SUCH_USER appears after i successfully logged
in via ssh and logged out.

The Pam module is in place:

 ls -alrt /usr/lib/security/pam_winbind*
-rw-r--r--   1 root     other     102364 Jul  8 14:53
/usr/lib/security/pam_winbind.so.1

and also the nss module:

bash-2.03# ls -alrt /usr/lib/nss_*
-rwxr-xr-x   1 root     bin        14564 Jan  5  2000 /usr/lib/nss_xfn.so.1
-rwxr-xr-x   1 root     bin        13476 Jun 13  2005 /usr/lib/nss_user.so.1
-rwxr-xr-x   1 root     bin        26296 Oct 20  2005 /usr/lib/nss_compat.so.1
-rwxr-xr-x   1 root     bin        54900 May 13 17:20 /usr/lib/nss_nisplus.so.1
-rwxr-xr-x   1 root     bin        46180 May 13 17:20 /usr/lib/nss_nis.so.1
-rwxr-xr-x   1 root     bin        89644 May 13 17:20 /usr/lib/nss_ldap.so.1
-rwxr-xr-x   1 root     bin        44836 May 13 17:20 /usr/lib/nss_files.so.1
-rwxr-xr-x   1 root     bin        24540 Jun 10 16:35 /usr/lib/nss_dns.so.1
-rw-r--r--   1 root     other      74372 Jul  8 14:19 /usr/lib/nss_winbind.so.1
-rw-r--r--   1 root     other    1842164 Jul  8 14:20 /usr/lib/nss_wins.so.1

I haven't changed any permissions on the files that were installed by the
"make install" script. Maybe there is something wrong?

Or am I missing an important patch?

bash-2.03# uname -a
SunOS suse8 5.8 Generic_117350-55 sun4u sparc SUNW,Ultra-5_10

my smb.conf:

[global]
        netbios name = suse8
        realm = VEGAGROUP.NET
        workgroup = VEGA
        security = ADS
        encrypt passwords = yes
        password server = gedacv7 gedacv8
        os level = 8
        socket options = TCP_NODELAY SO_RCVBUF=16384 SO_SNDBUF=16384
        idmap backend = ad
        idmap config VEGA:schema_mode = sfu
        winbind nss info = sfu
        allow trusted domains = no
        winbind enum users = yes
        winbind enum groups = yes
        preferred master = no
        #winbind nested groups = Yes
        winbind use default domain = Yes
        log level = 3
        max log size = 50
        log file = /var/log/samba/log.%m
        dns proxy = no
        wins server = 172.20.205.7 172.20.205.8
        client use spnego = Yes
        #use kerberos keytab = true
        #winbind offline logon = no

First I thought this problem could be related to the idmap_rid module that
I'm using. But even switching to idmap_ad didn't solve it. I'm
really lost and don't know what else I could do to analyze the problem. Any
help would be much appreciated.

Kind Regards,
Oliver
-- 
Der GMX SmartSurfer hilft bis zu 70% Ihrer Onlinekosten zu sparen! 
Ideal f?r Modem und ISDN: http://www.gmx.net/de/go/smartsurfer