Bug 5518 - interdomain trusting fails
Summary: interdomain trusting fails
Status: RESOLVED DUPLICATE of bug 5489
Alias: None
Product: Samba 3.0
Classification: Unclassified
Component: Domain Control (show other bugs)
Version: 3.0.30
Hardware: Other Linux
: P3 major
Target Milestone: none
Assignee: Samba Bugzilla Account
QA Contact: Samba QA Contact
URL: http://bugs.debian.org/484309
Depends on:
Reported: 2008-06-03 16:45 UTC by Debian samba package maintainers (PUBLIC MAILING LIST)
Modified: 2008-06-03 19:49 UTC (History)
0 users

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description Debian samba package maintainers (PUBLIC MAILING LIST) 2008-06-03 16:45:29 UTC
From our user (Peter Slickers <pesli@web.de>):

After upgrading all samba-packages from 3.0.28a-3 to 3.0.30-2, trusted accounts
are no longer recognized, and the command 'wbinfo -t' fails. After downgrading
to 3.0.28a-3, everything works fine again.

I'm running a PDC which is trusting another domain which is run by a
Windows-NT4-SP6 domain controller. Users of the NT4 domain can login
to the samba domain. This works fine with samba 3.0.28a-3. After upgrading
to 3.0.30-2, it is no longer possible for the NT4-domain users to
login to the samba domain. In addition, the command 'wbinfo -t' fails
on the samba server.

wbinfo -t
checking the trust secret via RPC calls failed
error code was NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND (0xc0000233)
Could not check secret

I have also traced the output of winbindd in interactive mode
generated after firing up the 'wbinfo -t' command:

/usr/sbin/winbindd -n -i -d10

accepted socket 16
process_request: request fn INTERFACE_VERSION
[ 6770]: request interface version
process_request: request fn WINBINDD_PRIV_PIPE_DIR
[ 6770]: request location of privileged pipe
accepted socket 17
process_request: request fn CHECK_MACHACC
[ 6770]: check machine account
Added timed event "async_request_timeout": 82e7808
timed_events_timeout: 299/999969
child daemon request 33
process_request: request fn CHECK_MACHACC
[ 6768]: check machine account
could not open handle to NETLOGON pipe
Checking the trust account password returned NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND
Storing response for pid 6769, len 3240
Destroying timed event 82e7808 "async_request_timeout"
Retrieving response for pid 6769

After downgrading to 3.0.28a-3, wbinfo runs successfully:
wbinfo -t
checking the trust secret via RPC calls succeeded


Peter Slickers
Comment 1 Jeremy Allison 2008-06-03 17:02:59 UTC
This was broken on 3.0.30. We'll be doing a bugfix release (3.0.31) soon to address this. Sorry for the bug.
Comment 2 Jeremy Allison 2008-06-03 19:49:18 UTC

*** This bug has been marked as a duplicate of 5489 ***