Bug 1348 - winbind no longer working after upgrading from 3.0.2a to 3.0.4
Summary: winbind no longer working after upgrading from 3.0.2a to 3.0.4
Status: RESOLVED DUPLICATE of bug 1315
Alias: None
Product: Samba 3.0
Classification: Unclassified
Component: winbind (show other bugs)
Version: 3.0.4
Hardware: All Linux
: P1 major
Target Milestone: none
Assignee: Samba Bugzilla Account
QA Contact:
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2004-05-13 10:39 UTC by Dan Moinescu
Modified: 2005-11-14 09:24 UTC (History)
0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Dan Moinescu 2004-05-13 10:39:13 UTC 
I'm using squid (2.5-STABLE4) in conjunction with samba to authenticate 
Internet accesses against a Windows DC, in both basic and ntlm flavors. 
 
Samba and squid are running on a RedHat9 system that is part of the domain 
(rpc mode), with a Windows2000 server as the PDC. Everything worked fine with 
samba-3.0.2a (installed from the RedHat9 rpm downloaded from samba.org). After 
upgrading the rpm to 3.0.4 (again downloaded from samba.org), it's not working 
anymore.  I even uninstalled the rpm completely, re-installed it(version 
3.0.4), re-joined the domain, but no joy. 
 
Here is smb.conf, the log file (log.winbindd) and the output from several 
relevant commands: 
 
# cat /etc/samba/smb.conf 
# Global parameters 
[global] 
        workgroup = mydomain 
        netbios name = Helen 
        server string = Samba 
        password server = Exchange 
        security = domain 
        winbind uid = 10000-20000 
        winbind gid = 10000-20000 
        winbind use default domain = yes 
        ENCRYPT PASSWORDS = YES 
 
# net rpc testjoin 
Join to 'MYDOMAIN' is OK 
 
# wbinfo -g 
BUILTIN\System Operators 
BUILTIN\Replicators 
BUILTIN\Guests 
BUILTIN\Power Users 
BUILTIN\Print Operators 
BUILTIN\Administrators 
BUILTIN\Account Operators 
BUILTIN\Backup Operators 
BUILTIN\Users 
 
# wbinfo -u 
Error looking up domain users 
 
# cat /var/log/samba/log.winbindd 
[2004/05/11 16:53:48, 1] nsswitch/winbindd.c:main(843) 
  winbindd version 3.0.4 started. 
  Copyright The Samba Team 2000-2004 
[2004/05/11 16:53:48, 1] nsswitch/winbindd_util.c:add_trusted_domain(180) 
  Added domain MYDOMAIN  S-0-0 
[2004/05/11 16:53:48, 0] rpc_client/cli_pipe.c:rpc_auth_pipe(336) 
  rpc_auth_pipe: wrong schannel auth len 24 
[2004/05/11 16:53:48, 1] nsswitch/winbindd_util.c:add_trusted_domain(180) 
  Added domain BUILTIN  S-1-5-32 
[2004/05/11 16:53:48, 1] nsswitch/winbindd_util.c:add_trusted_domain(180) 
  Added domain HELEN  S-1-5-21-2871162460-128199823-4264430489 
[2004/05/11 16:53:48, 0] rpc_client/cli_pipe.c:rpc_auth_pipe(336) 
  rpc_auth_pipe: wrong schannel auth len 24 
[2004/05/11 16:54:21, 0] rpc_client/cli_pipe.c:rpc_auth_pipe(336) 
  rpc_auth_pipe: wrong schannel auth len 24 
 
# grep win /etc/nsswitch.conf 
group:      files winbind 
 
I find 2 things rather strange in the output above: 
1) that wbinfo -g returns the Active Directory groups, 
even though the system joined the domain in domain mode, and 
2) the line in log.winbindd about domains HELEN and BUILTIN - the real domain 
is MYDOMAIN, HELEN is just the samba windows name (see smb.conf above).
Comment 1 Gerald (Jerry) Carter (dead mail address) 2004-05-13 13:37:30 UTC 

*** This bug has been marked as a duplicate of 1315 ***
Comment 2 Gerald (Jerry) Carter (dead mail address) 2005-11-14 09:24:58 UTC 
database cleanup