I'm using squid (2.5-STABLE4) in conjunction with samba to authenticate Internet accesses against a Windows DC, in both basic and ntlm flavors. Samba and squid are running on a RedHat9 system that is part of the domain (rpc mode), with a Windows2000 server as the PDC. Everything worked fine with samba-3.0.2a (installed from the RedHat9 rpm downloaded from samba.org). After upgrading the rpm to 3.0.4 (again downloaded from samba.org), it's not working anymore. I even uninstalled the rpm completely, re-installed it(version 3.0.4), re-joined the domain, but no joy. Here is smb.conf, the log file (log.winbindd) and the output from several relevant commands: # cat /etc/samba/smb.conf # Global parameters [global] workgroup = mydomain netbios name = Helen server string = Samba password server = Exchange security = domain winbind uid = 10000-20000 winbind gid = 10000-20000 winbind use default domain = yes ENCRYPT PASSWORDS = YES # net rpc testjoin Join to 'MYDOMAIN' is OK # wbinfo -g BUILTIN\System Operators BUILTIN\Replicators BUILTIN\Guests BUILTIN\Power Users BUILTIN\Print Operators BUILTIN\Administrators BUILTIN\Account Operators BUILTIN\Backup Operators BUILTIN\Users # wbinfo -u Error looking up domain users # cat /var/log/samba/log.winbindd [2004/05/11 16:53:48, 1] nsswitch/winbindd.c:main(843) winbindd version 3.0.4 started. Copyright The Samba Team 2000-2004 [2004/05/11 16:53:48, 1] nsswitch/winbindd_util.c:add_trusted_domain(180) Added domain MYDOMAIN S-0-0 [2004/05/11 16:53:48, 0] rpc_client/cli_pipe.c:rpc_auth_pipe(336) rpc_auth_pipe: wrong schannel auth len 24 [2004/05/11 16:53:48, 1] nsswitch/winbindd_util.c:add_trusted_domain(180) Added domain BUILTIN S-1-5-32 [2004/05/11 16:53:48, 1] nsswitch/winbindd_util.c:add_trusted_domain(180) Added domain HELEN S-1-5-21-2871162460-128199823-4264430489 [2004/05/11 16:53:48, 0] rpc_client/cli_pipe.c:rpc_auth_pipe(336) rpc_auth_pipe: wrong schannel auth len 24 [2004/05/11 16:54:21, 0] rpc_client/cli_pipe.c:rpc_auth_pipe(336) rpc_auth_pipe: wrong schannel auth len 24 # grep win /etc/nsswitch.conf group: files winbind I find 2 things rather strange in the output above: 1) that wbinfo -g returns the Active Directory groups, even though the system joined the domain in domain mode, and 2) the line in log.winbindd about domains HELEN and BUILTIN - the real domain is MYDOMAIN, HELEN is just the samba windows name (see smb.conf above).
*** This bug has been marked as a duplicate of 1315 ***
database cleanup