Bug 5518 - interdomain trusting fails
interdomain trusting fails
Status: RESOLVED DUPLICATE of bug 5489
Product: Samba 3.0
Classification: Unclassified
Component: Domain Control
Other Linux
: P3 major
: none
Assigned To: Samba Bugzilla Account
Samba QA Contact
Depends on:
  Show dependency treegraph
Reported: 2008-06-03 16:45 UTC by Debian samba package maintainers (PUBLIC MAILING LIST)
Modified: 2008-06-03 19:49 UTC (History)
0 users

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description Debian samba package maintainers (PUBLIC MAILING LIST) 2008-06-03 16:45:29 UTC
From our user (Peter Slickers <pesli@web.de>):

After upgrading all samba-packages from 3.0.28a-3 to 3.0.30-2, trusted accounts
are no longer recognized, and the command 'wbinfo -t' fails. After downgrading
to 3.0.28a-3, everything works fine again.

I'm running a PDC which is trusting another domain which is run by a
Windows-NT4-SP6 domain controller. Users of the NT4 domain can login
to the samba domain. This works fine with samba 3.0.28a-3. After upgrading
to 3.0.30-2, it is no longer possible for the NT4-domain users to
login to the samba domain. In addition, the command 'wbinfo -t' fails
on the samba server.

wbinfo -t
checking the trust secret via RPC calls failed
error code was NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND (0xc0000233)
Could not check secret

I have also traced the output of winbindd in interactive mode
generated after firing up the 'wbinfo -t' command:

/usr/sbin/winbindd -n -i -d10

accepted socket 16
process_request: request fn INTERFACE_VERSION
[ 6770]: request interface version
process_request: request fn WINBINDD_PRIV_PIPE_DIR
[ 6770]: request location of privileged pipe
accepted socket 17
process_request: request fn CHECK_MACHACC
[ 6770]: check machine account
Added timed event "async_request_timeout": 82e7808
timed_events_timeout: 299/999969
child daemon request 33
process_request: request fn CHECK_MACHACC
[ 6768]: check machine account
could not open handle to NETLOGON pipe
Checking the trust account password returned NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND
Storing response for pid 6769, len 3240
Destroying timed event 82e7808 "async_request_timeout"
Retrieving response for pid 6769

After downgrading to 3.0.28a-3, wbinfo runs successfully:
wbinfo -t
checking the trust secret via RPC calls succeeded


Peter Slickers
Comment 1 Jeremy Allison 2008-06-03 17:02:59 UTC
This was broken on 3.0.30. We'll be doing a bugfix release (3.0.31) soon to address this. Sorry for the bug.
Comment 2 Jeremy Allison 2008-06-03 19:49:18 UTC

*** This bug has been marked as a duplicate of 5489 ***