Mark Taylor
2008-Dec-02 14:51 UTC
[Samba] Samba ADS Error "Session setup failed: Call returned zero bytes (EOF)"
Hi Samba Bods,
Sorry for re-posting this one but I got no response to my last post except
for a level 10 logs request which I uploaded last week.
I have been looking at numerous howtos and newsgroup postings and I cannot
spot what the issue is. I am sure its a simple config issue, but I am lost
..
I am using Samba 3.2.4 compiled from source on AIX 5.3 TL8 and using
"security = SERVER" in the smb.conf works fine, however I am having
some issues when using "security = ADS" ..
I have followed numerous HOWTOs and newsgroup listings and seem to be
going round in circles ..
I think I can authenticate ok against the domain win2k3 server, but
then Samba bombs out with the following errors fvrom smbclient on the
host:
$ LIBPATH=/opt/pware/lib:/usr/local/samba/lib /usr/local/samba/bin/
smbclient -L myhostname -U UK+myusername
Enter UK+myusername's password: mypassword
Receiving SMB: Server stopped responding
session setup failed: Call returned zero bytes (EOF)
Also mapping from a windows system just gives the message "The mapped
network drive could not be created because the following error has
occured: The specified network name is no longer available."
Excuse the LIBPATH stuff it is to get around kinit and klist not
working if I set the variable permanently. I was originally using
3.0.28 pre-compiled from samba.org and got the same issues.
So, I think I am authenticating ok .. but where to go from here
because I get the "session setup failed: Call returned zero bytes
(EOF)" error and I can see the following errors in the
"smbd.log"
$ cat smbd.log
<snip>
[2008/11/25 14:49:43, 2] lib/messages_local.c:message_notify(270)
message to process 94214 failed - No such process
[2008/11/25 14:49:43, 2] lib/messages_local.c:messaging_tdb_send(358)
pid 94214 doesn't exist - deleting messages record
[2008/11/25 14:49:43, 2] lib/messages.c:traverse_fn(127)
pid 94214 doesn't exist - deleting connections -1 []
<snip>
###-----------------------------------------###
... some back ground and config ..
###----------------------------------------###
$ cat /etc/smb.conf
# Samba config file created using SWAT
# from ##.##.223.72 (##.##.223.72)
# Date: 2008/11/21 16:29:18
[global]
workgroup = UK
realm = UK.DOMAIN.NET
netbios name = myhostname
netbios aliases = MYHOSTNAME
server string = Samba: version %v, host %h
security = ADS
encrypt passwords = yes
log file = /var/log/samba/log.%m
log level = 10
max log size = 2048
auth methods = winbind
password server = my_password_server.uk.domain.net
max log size = 2048
preferred master = No
local master = No
domain master = No
dns proxy = No
ldap ssl = no
passdb backend = tdbsam
idmap backend = ad
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind nss info = rfc2307
winbind separator = +
winbind use default domain = Yes
winbind enum users = yes
winbind enum groups = yes
template homedir = /home/%U
template shell = /bin/ksh
ldap suffix = "dc=uk,dc=domain.net"
client use spnego = yes
client signing = yes
[sambatest]
path = /tmp/sambatest
valid users = UK+username
read only = No
writable=yes
browseable=yes
create mask = 0770
[homes]
comment = Home Directories
browseable = no
writeable = yes
create mask = 0640
$ cat /etc/krb5.conf
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
default_realm = UK.DOMAIN.NET
default_tkt_enctypes = des-cbc-md5 des-cbc-crc
default_tgs_enctypes = des-cbc-md5 des-cbc-crc
[realms]
UK.DOMAIN.NET = {
kdc = my_password_server.uk.domain.net
admin_server = my_password_server.uk.domain.net
default_domain = uk.domain.net
}
[domain_realm]
.uk.domain.net = UK.DOMAIN.NET
uk.domain.net = UK.DOMAIN.NET
$ cat /usr/lib/security/methods.cfg
WINBIND:
program = /usr/lib/security/WINBIND
options = debug
KRB5A:
program = /usr/lib/security/KRB5A
options = authonly
KRB5Afiles:
options = db=BUILTIN,auth=KRB5A
## WINBIND copied in from /usr/local/samba/sbin
$ ls -l /usr/lib/security/WINBIND
-rwxr-xr-x 1 root system 9381212 25 Nov 09:57 /usr/lib/
security/WINBIND
$ grep -p WINBIND /etc/security/user
default:
admin = false
login = true
su = false
daemon = true
rlogin = false
sugroups = ALL
admgroups ttys = ALL
auth1 = SYSTEM
auth2 = NONE
tpath = nosak
umask = 027
expires = 0
SYSTEM = "WINBIND or compat"
logintimes pwdwarntime = 0
account_locked = false
loginretries = 5
histexpire = 0
histsize = 4
minage = 0
maxage = 12
maxexpired = -1
minalpha = 1
minother = 1
minlen = 8
mindiff = 0
maxrepeats = 4
dictionlist pwdchecks
$ echo password | kinit ad...@UK.DOMAIN.NET
Password for ad...@UK.DOMAIN.NET:
Done!
New ticket is stored in cache file //krb5cc_root
$ klist -e
Credentials cache: //krb5cc_root
Default principal: ad...@UK.DOMAIN.NET
Number of entries: 1
[1] Service principal: krbtgt/UK.DOMAIN....@UK.DOMAIN.NET
Valid starting: 26 November 2008 at 13:31:58
Expires: 26 November 2008 at 23:31:58
Encryption type: DES CBC mode with MD5
$ /etc/rc.d/init.d/samba start
Info: Starting Samba...
Info: /usr/sbin/nmbd [OK]
Info: /usr/sbin/smbd [OK]
Info: /usr/lib/security/WINBIND [OK]
$ /etc/rc.d/init.d/samba status
Info: Samba Running.
UID PID PPID C STIME TTY TIME CMD
root 299050 303186 0 13:34:09 - 0:00 /usr/sbin/smbd -D
UID PID PPID C STIME TTY TIME CMD
root 303186 1 5 13:34:09 - 0:00 /usr/sbin/smbd -D
UID PID PPID C STIME TTY TIME CMD
root 327746 417800 15 13:34:10 - 0:00 /usr/lib/security/
WINBIND
UID PID PPID C STIME TTY TIME CMD
root 340002 417800 15 13:34:11 - 0:00 /usr/lib/security/
WINBIND
UID PID PPID C STIME TTY TIME CMD
root 389346 1 6 13:34:08 - 0:00 /usr/sbin/nmbd -D
UID PID PPID C STIME TTY TIME CMD
root 417800 1 15 13:34:10 - 0:00 /usr/lib/security/
WINBIND
$ LIBPATH=/opt/pware/lib:/usr/local/samba/lib /usr/local/samba/bin/net
ads testjoin -U admin
Join is OK
$ LIBPATH=/opt/pware/lib:/usr/local/samba/lib /usr/local/samba/bin/net
ads join -U admin%password
Using short domain name -- UK
Joined MYHOSTNAME to realm 'uk.domain.net'
$ LIBPATH=/opt/pware/lib:/usr/local/samba/lib /usr/local/samba/bin/
wbinfo -a "uk+myusername"%mypassword
plaintext password authentication succeeded
challenge/response password authentication succeeded
$ LIBPATH=/opt/pware/lib:/usr/local/samba/lib /usr/local/samba/bin/
wbinfo --set-auth-user=admin%password
$ echo $?
0
$ LIBPATH=/opt/pware/lib:/usr/local/samba/lib /usr/local/samba/bin/
smbclient -L myhostname -U UK+myusername
Enter UK+myusername's password: mypassword
Receiving SMB: Server stopped responding
session setup failed: Call returned zero bytes (EOF)
Any help greatly appreciated ..
Cheers
Mark http://www.nabble.com/file/p20793719/sambalogs-L10-1.tar.gz
sambalogs-L10-1.tar.gz
--
View this message in context:
http://www.nabble.com/Samba-ADS-Error-%22Session-setup-failed%3A-Call-returned-zero-bytes-%28EOF%29%22-tp20793719p20793719.html
Sent from the Samba - General mailing list archive at Nabble.com.
Volker Lendecke
2008-Dec-02 15:01 UTC
[Samba] Samba ADS Error "Session setup failed: Call returned zero bytes (EOF)"
On Tue, Dec 02, 2008 at 06:51:31AM -0800, Mark Taylor wrote:> Sorry for re-posting this one but I got no response to my last post except > for a level 10 logs request which I uploaded last week.The logfile stops at [2008/11/27 12:16:40, 5] lib/username.c:Get_Pwnam_internals(77) Trying _Get_Pwnam(), username as lowercase is uk+myusername This means it is very likely you have a problem with winbindd or other more severe system problems. Try a getent passwd uk+myusername or whatever asks the NSS subsystem for the user entry of uk+myusername. I would suspect that this hangs. If it hangs, fix the hang and try again. If it does not hang, please send in the complete log files. Thanks, Volker -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://lists.samba.org/archive/samba/attachments/20081202/14a09e00/attachment.bin
Mark Taylor
2008-Dec-03 10:25 UTC
[Samba] Samba ADS Error "Session setup failed: Call returned zero bytes (EOF)"
Thanks for your response Volker, I will inv further .. -- View this message in context: http://www.nabble.com/Samba-ADS-Error-%22Session-setup-failed%3A-Call-returned-zero-bytes-%28EOF%29%22-tp20793719p20810286.html Sent from the Samba - General mailing list archive at Nabble.com.
Possibly Parallel Threads
- AIX 53TL8 Samba 3.2.4 Active Directory Win2k3 - "session setup failed: Call returned zero bytes (EOF)"
- RE: Samba/AD and AIX (WAS: Dependent module /usr/lib/libiconv.a)
- Re: Samba 3.0.23c and libiconv on AIX 5.3
- pware SAMBA 3.5.11 WINBIND failing to load upon AIX 7.1
- Running samba in Kubernetes