After one failed authentication, winbind refuses all next authentication
attempts with NT_STATUS_INVALID_HANDLE message. The same with 3.0.14a was
without problems. Problem is reproduceable anytimes, for example with wbinfo -a
winbindd_v1.patch only gives more info, the problem outlasts.
Expected results are obtained form wbinfo -t, wbinfo -u, etc. anytime, only
wbinfo -m gives nothing (already before failed auth).
PDC is samba-3.0.14a.
I tried some smb.conf changes (caching, schannel, signing, spnego), but without
Created attachment 1443 [details]
Steps to reproduce
Steps to reproduce with winbind responses
Created attachment 1444 [details]
winbindd -Find 10 output form wbinfo attempts from previous attachement
Just a quick info: Got it reproduced. The credential chain check fails on the
3.0.14a PDC. Strange....
Created attachment 1446 [details]
Could you try the attached patch? This fixes it for me.
This is *very* weird, I tested the original and this version against NT4, W2k3
and Samba3.0.14a. Only Samba3.0.14a complained, the others seemed a lot more
Jerry, Jeremy: Could you take a look at the patch?
Volker can you pull jcmd and maybe jpjanoski into this as I believe this may be
related to a change they made here (from svn blame on 3.0) :
9112 jmcd /* moved from right after deal_with_creds above, since we
9112 jmcd supposed to update unless logon was successful */
9112 jmcd reseed_client_creds(&p->dc.clnt_cred,
9112 jmcd memcpy(&p->dc.srv_cred, &p->dc.clnt_cred,
I've changed this for HEAD and I think I need to check this more carefully to
ensure I've got this right.
Created attachment 1447 [details]
Patch for HEAD.
Here's an attachment showing how I've fixed this in HEAD. I think this is
correct (although it's hard to check right now as I'm out of the office).
Attached patch (1446) fixed problem for me too. Thanks.
Only problem with "wbinfo -m" (no output) remains (only cosmetic problem :-). Do
you have this problem too, or it's only some my misconfiguration?
Created attachment 1451 [details]
Patch I've applied to 3.0
Ok, here's how I've fixed this in SVN.
Fixed by svn patch I think.