Bug 3930 - Problem with trusted domain
Problem with trusted domain
Status: CLOSED INVALID
Product: Samba 3.0
Classification: Unclassified
Component: User/Group Accounts
3.0.23
Other Linux
: P3 normal
: none
Assigned To: Samba Bugzilla Account
Samba QA Contact
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2006-07-13 10:42 UTC by Daniel Beschorner
Modified: 2006-08-09 03:24 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Daniel Beschorner 2006-07-13 10:42:34 UTC
I can't authenticate users from the trusted domain I-BNEX in my domain without winbind, but the auth request for I-BNEX\Administrator to the foreign DC seems to succeed!
We have a further problem that prevents SID->Name resolving with the trusted domain.

[2006/07/13 17:35:36, 5] rpc_parse/parse_prs.c:prs_uint32(704)
      019c auth_resp   : 00000001
[2006/07/13 17:35:36, 5] rpc_parse/parse_prs.c:prs_ntstatus(763)
      01a0 status      : NT_STATUS_OK
[2006/07/13 17:35:36, 10] libsmb/credentials.c:creds_client_check(325)
  creds_client_check: credentials check OK.
[2006/07/13 17:35:36, 10] passdb/secrets.c:secrets_named_mutex_release(791)
  secrets_named_mutex: released mutex for EXCHANGE2
[2006/07/13 17:35:36, 5] lib/username.c:Get_Pwnam_alloc(131)
  Finding user I-BNEX\administrator
[2006/07/13 17:35:36, 5] lib/username.c:Get_Pwnam_internals(75)
  Trying _Get_Pwnam(), username as lowercase is i-bnex\administrator
[2006/07/13 17:35:36, 5] lib/username.c:Get_Pwnam_internals(83)
  Trying _Get_Pwnam(), username as given is I-BNEX\administrator
[2006/07/13 17:35:36, 5] lib/username.c:Get_Pwnam_internals(93)
  Trying _Get_Pwnam(), username as uppercase is I-BNEX\ADMINISTRATOR
[2006/07/13 17:35:36, 5] lib/username.c:Get_Pwnam_internals(102)
  Checking combinations of 0 uppercase letters in i-bnex\administrator
[2006/07/13 17:35:36, 5] lib/username.c:Get_Pwnam_internals(108)
  Get_Pwnam_internals didn't find user [I-BNEX\administrator]!
[2006/07/13 17:35:36, 5] lib/username.c:Get_Pwnam_alloc(131)
  Finding user administrator
[2006/07/13 17:35:36, 5] lib/username.c:Get_Pwnam_internals(75)
  Trying _Get_Pwnam(), username as lowercase is administrator
[2006/07/13 17:35:36, 5] lib/username.c:Get_Pwnam_internals(93)
  Trying _Get_Pwnam(), username as uppercase is ADMINISTRATOR
[2006/07/13 17:35:36, 5] lib/username.c:Get_Pwnam_internals(102)
  Checking combinations of 0 uppercase letters in administrator
[2006/07/13 17:35:36, 5] lib/username.c:Get_Pwnam_internals(108)
  Get_Pwnam_internals didn't find user [administrator]!
[2006/07/13 17:35:36, 5] lib/username.c:Get_Pwnam_alloc(131)
  Finding user administrator
[2006/07/13 17:35:36, 5] lib/username.c:Get_Pwnam_internals(75)
  Trying _Get_Pwnam(), username as lowercase is administrator
[2006/07/13 17:35:36, 5] lib/username.c:Get_Pwnam_internals(93)
  Trying _Get_Pwnam(), username as uppercase is ADMINISTRATOR
[2006/07/13 17:35:36, 5] lib/username.c:Get_Pwnam_internals(102)
  Checking combinations of 0 uppercase letters in administrator
[2006/07/13 17:35:36, 5] lib/username.c:Get_Pwnam_internals(108)
  Get_Pwnam_internals didn't find user [administrator]!
[2006/07/13 17:35:36, 5] tdb/tdbutil.c:tdb_log(783)
  tdb(unnamed): tdb_open_ex: could not open file /server/samba/var/locks/netsamlogon_cache.tdb: Permission denied
[2006/07/13 17:35:36, 0] libsmb/samlogon_cache.c:netsamlogon_cache_store(124)
  netsamlogon_cache_store: cannot open netsamlogon_cache.tdb for write!
[2006/07/13 17:35:36, 6] libsmb/clientgen.c:write_socket(132)
  write_socket(8,45)
Comment 1 Daniel Beschorner 2006-07-17 11:25:04 UTC
The first part of this bug is my stupidity. Of course samba needs a underlying account when winbind isn't present, so getpwnam fails.

But why does the resolving of SIDs from the trusted domain not work?
Comment 2 Daniel Beschorner 2006-08-09 03:24:41 UTC
first part of this bug was bogus.