Zombie Ryushu
2022-Jun-17 22:17 UTC
[Samba] Samba's winbindd is running but seems non-functional.
On 6/17/22 18:09, Jeremy Allison via samba wrote:> On Thu, Jun 16, 2022 at 10:36:40AM -0400, Zombie Ryushu via samba wrote: >> I have issues with what seems to be an entitrely non-functional >> Winbindd. This seems to be the source of my problem. Details below: >> >> 02:32:42 AM) Codebase: codebase at olympia:~> wbinfo -D PUKEY >> failed to call wbcDomainInfo: WBC_ERR_NOT_IMPLEMENTED >> Could not get domain info >> codebase at olympia:~> wbinfo -P >> checking the NETLOGON for domain[-not available-] dc connection to "" >> failed >> failed to call wbcPingDc: WBC_ERR_NOT_IMPLEMENTED >> codebase at olympia:~> wbinfo --all-domains >> failed to call wbcListTrusts: WBC_ERR_NOT_IMPLEMENTED >> codebase at olympia:~> wbinfo --online-status >> failed to call wbcListTrusts: WBC_ERR_NOT_IMPLEMENTED >> Could not show online-status >> codebase at olympia:~> wbinfo --own-domain >> -not available- >> codebase at olympia:~> wbinfo --trusted-domains >> failed to call wbcListTrusts: WBC_ERR_NOT_IMPLEMENTED >> Could not list trusted domains >> (02:33:05 AM) Codebase: This is acting as if winbind isn't configured. >> (02:33:23 AM) Codebase: (I.e. It claims not to be a part of a domain.) >> (02:33:25 AM) masterz at olympia.pukey/Olympia: masterz at kefka:~> wbinfo >> --all-domains >> BUILTIN >> PUKEY-NT >> >> (02:33:35 AM) Codebase: codebase at olympia:~> wbinfo --own-domain >> -not available- >> (02:33:45 AM) Codebase: codebase at olympia:~> wbinfo --all-domains >> failed to call wbcListTrusts: WBC_ERR_NOT_IMPLEMENTED >> (02:33:58 AM) masterz at olympia.pukey/Olympia: masterz at kefka:~> wbinfo >> --own-domain >> PUKEY-NT >> >> (02:34:32 AM) Codebase: That's making me wonder if winbind's >> components are damaged. > > Getting this return WBC_ERR_NOT_IMPLEMENTED seems to imply > a miss-match between components somehow. >samba-dsdb-modules-4.15.7+git.376.dd43aca9ab2-150300.3.32.1.x86_64 gvfs-backend-samba-1.42.2-4.24.x86_64 libsamba-policy0-python3-4.15.7+git.376.dd43aca9ab2-150300.3.32.1.x86_64 yast2-samba-provision-1.0.1-1.76.noarch samba-ad-dc-libs-4.15.7+git.376.dd43aca9ab2-150300.3.32.1.x86_64 samba-ldb-ldap-4.15.7+git.376.dd43aca9ab2-150300.3.32.1.x86_64 samba-winbind-libs-4.15.7+git.376.dd43aca9ab2-150300.3.32.1.x86_64 samba-test-4.15.7+git.376.dd43aca9ab2-150300.3.32.1.x86_64 samba-gpupdate-4.15.7+git.376.dd43aca9ab2-150300.3.32.1.x86_64 samba-tool-4.15.7+git.376.dd43aca9ab2-150300.3.32.1.x86_64 samba-client-32bit-4.15.7+git.376.dd43aca9ab2-150300.3.32.1.x86_64 samba-libs-4.15.7+git.376.dd43aca9ab2-150300.3.32.1.x86_64 samba-winbind-libs-32bit-4.15.7+git.376.dd43aca9ab2-150300.3.32.1.x86_64 samba-winbind-4.15.7+git.376.dd43aca9ab2-150300.3.32.1.x86_64 samba-client-libs-32bit-4.15.7+git.376.dd43aca9ab2-150300.3.32.1.x86_64 samba-libs-python3-4.15.7+git.376.dd43aca9ab2-150300.3.32.1.x86_64 samba-client-4.15.7+git.376.dd43aca9ab2-150300.3.32.1.x86_64 samba-ad-dc-4.15.7+git.376.dd43aca9ab2-150300.3.32.1.x86_64 samba-4.15.7+git.376.dd43aca9ab2-150300.3.32.1.x86_64 yast2-samba-server-4.3.4-1.5.noarch samba-python3-4.15.7+git.376.dd43aca9ab2-150300.3.32.1.x86_64 yast2-samba-client-4.3.5-150300.3.9.1.noarch samba-client-libs-4.15.7+git.376.dd43aca9ab2-150300.3.32.1.x86_64 Here is my package manifest. olympia:~ # rpm -qa | grep ldb samba-ldb-ldap-4.15.7+git.376.dd43aca9ab2-150300.3.32.1.x86_64 libldb2-32bit-2.4.2-150300.3.15.1.x86_64 libldb2-2.4.2-150300.3.15.1.x86_64 python3-ldb-2.4.2-150300.3.15.1.x86_64 ldb-tools-2.4.2-150300.3.15.1.x86_64 olympia:~ # rpm -qa | grep tdb python3-tdb-1.4.4-150300.3.3.2.x86_64 libtdb1-1.4.4-150300.3.3.2.x86_64 libtdb1-32bit-1.4.4-150300.3.3.2.x86_64 tdb-tools-1.4.4-150300.3.3.2.x86_64
Zombie Ryushu
2022-Jun-20 00:30 UTC
[Samba] Samba's winbindd is running but seems non-functional.
/tmp/.winbindd/pipe
The UNIX pipe over which clients communicate with the |winbindd|
program. For security reasons, the winbind client will only attempt
to connect to the winbindd daemon if both the |/tmp/.winbindd|
directory and |/tmp/.winbindd/pipe| file are owned by root.
$LOCKDIR/winbindd_privileged/pipe
The UNIX pipe over which 'privileged' clients communicate with the
|winbindd| program. For security reasons, access to some winbindd
functions - like those needed by the |ntlm_auth| utility - is
restricted. By default, only users in the 'root' group will get this
access, however the administrator may change the group permissions
on $LOCKDIR/winbindd_privileged to allow programs like 'squid' to
use ntlm_auth. Note that the winbind client will only attempt to
connect to the winbindd daemon if both the
|$LOCKDIR/winbindd_privileged| directory and
|$LOCKDIR/winbindd_privileged/pipe| file are owned by root.
I noticed that I do not have the /tmp/.winbindd/pipe file. What controls
it's creation? I do have the
$LOCKDIR/winbindd_privileged/pipe