Hello all,
I'm having a problem with winbind not able to start. I've joined an
active directory domain successfully using likewise and for brief time this was
working, people were able to mount drives by their active directory account. I
know that likewise is working because I'm successfully able to ssh into the
box using these accounts. But now windbind has stubbornly refused to start. Yet
strangely when I run net ads info I get good information back but winbind claims
this " Could not fetch our SID - did we join?"
Any thoughts?
thank you
eric
ubuntu 10.4 LTS
likewise-open 5.4.0.42111-2ubu
samba 2:3.4.7~dfsg-1ub
error message:
[2012/01/18 11:03:18, 0] winbindd/winbindd.c:1258(main)
winbindd version 3.4.7 started.
Copyright Andrew Tridgell and the Samba Team 1992-2009
[2012/01/18 11:03:18, 0]
winbindd/winbindd_cache.c:2578(initialize_winbindd_cache)
initialize_winbindd_cache: clearing cache and re-creating with version number
1
[2012/01/18 11:03:18, 0] winbindd/winbindd_util.c:782(init_domain_list)
Could not fetch our SID - did we join?
[2012/01/18 11:03:18, 0] winbindd/winbindd.c:1399(main)
unable to initialize domain list
root at iron:~# net ads info
LDAP server: 192.168.1.220
LDAP server name: lewis.ts3d.lan
Realm: TS3D.LAN
Bind Path: dc=TS3D,dc=LAN
LDAP port: 389
Server time: Wed, 18 Jan 2012 11:02:33 PST
KDC server: 192.168.1.220
Server time offset: 6
smb.conf
workgroup = TS3D
realm = TS3D.LAN
server string = %h server (Samba, Ubuntu)
security = ADS
idmap backend = lwopen
idmap uid = 6000-9999999999
idmap gid = 12000-9999999999
encrypt passwords = yes
winbind use default domain = yes
LSA Server Status:
Compiled daemon version: 5.0.0.0
Packaged product version: 5.4.0.42111
Uptime: 0 days 18 hours 3 minutes 31 seconds
[Authentication provider: lsa-activedirectory-provider]
Status: Online
Mode: Un-provisioned
Domain: TS3D.LAN
Forest: ts3d.lan
Site: Default-First-Site-Name
Online check interval: 300 seconds
[Trusted Domains: 4]
[Domain: TS3D]
DNS Domain: ts3d.lan
Netbios name: TS3D
Forest name: ts3d.lan
Trustee DNS name:
Client site name: Default-First-Site-Name
Domain SID: S-1-5-21-1829495566-3183369087-890321766
Domain GUID: 2e91032e-23fb-ba48-881d-b29c3c40f2bd
Trust Flags: [0x001d]
[0x0001 - In forest]
[0x0004 - Tree root]
[0x0008 - Primary]
[0x0010 - Native]
Trust type: Up Level
Trust Attributes: [0x0000]
Trust Direction: Primary Domain
Trust Mode: In my forest Trust (MFT)
Domain flags: [0x0001]
[0x0001 - Primary]
[Domain Controller (DC) Information]
DC Name: lewis.ts3d.lan
DC Address: xxx.xxx.xxx
DC Site: Default-First-Site-Name
DC Flags: [0x000033fd]
DC Is PDC: yes
DC is time server: yes
DC has writeable DS: yes
DC is Global Catalog: yes
DC is running KDC: yes
eric
Eric Smith
Senior Network Administrator | Tech Soft 3D
http://www.techsoft3d.com
skype: eric_ae_smith
phone: 510-333-1729
Build with the Best
On Wed, Jan 18, 2012 at 07:36:31PM +0000, Eric Smith wrote:> I'm having a problem with winbind not able to start. I've > joined an active directory domain successfully using > likewise and for brief time this was working, people were > able to mount drives by their active directory account. I > know that likewise is working because I'm successfully > able to ssh into the box using these accounts. But now > windbind has stubbornly refused to start. Yet strangely > when I run net ads info I get good information back but > winbind claims this " Could not fetch our SID - did we > join?" > > Any thoughts?As far as I know parts of likewise functionality is exactly what winbind does. So it does not really make sense to run them simultaneously. Either run winbind or run likewise. With best regards, Volker Lendecke -- SerNet GmbH, Bahnhofsallee 1b, 37081 G?ttingen phone: +49-551-370000-0, fax: +49-551-370000-9 AG G?ttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kontakt at sernet.de