LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 12-17-2004, 07:31 PM   #1
bkesting
Member
 
Registered: Mar 2004
Location: Nebraska
Distribution: SuSE, RedHat
Posts: 36

Rep: Reputation: 15
Winbind problems


Hello,

I am running Suse 9.2 and winbind (Samba 3.0.7-5.2) and am experiencing a strange problem. I am connecting this server to an Active Directory network and everything seems to be working fine for the most part. I can see and resolve Windows user accounts, group accounts and machine accounts. However, after a period of time......when trying to access a samba share from a Windows desktop, my users are prompted with "The password or user name is invalid for \\linux\samba share.....please enter password for \\linux\samba share"

It won't take any password that I can think of. The strange thing is....if I restart the winbind service, everything works fine, for a while. Users are able to access the samba share for a few hours or so, then the problem creeps back up. Again, if I simply restart the winbind service, everything seems to revert back to normal. I have included some of my setup files and log files below, can anyone tell me what is happening...Thanks.

----------/etc/nsswitch.conf--------------
passwd: combat winbind
group: combat winbind
hosts: files host winbind

---------/etc/krb5.conf-------------------
[libdefaults]
default_realm = MYDOMAIN.LOCAL

[realms]
MYDOMAIN.LOCAL = {
kdc = ads-server.mydomain.local
}

------/etc/samba/smb.conf----------------
[global]
workgroup = MYDOMAIN
realm = MYDOMAIN.LOCAL
server string = Samba Server
security = ADS
password server = ads-server.mydomain.local
encrypt passwords = yes
idmap uid = 10000-20000
idmap gid = 10000-20000
template shell = /bin/bash
winbind separator = +

[users]
comment = Users on Linux
path = /home/MYDOMAIN
read only = No
browseable = Yes

-------/var/log/samba/log.smbd (end of file)-------
Username MYDOMAIN+HOST$ is invalid on this system
[2004/12/17 14:01:03, 1] smbd/sesssetup.c:reply_spnego_kerberos(250)
Username MYDOMAIN+user is invalid on this system
[2004/12/17 14:01:04, 1] smbd/sesssetup.c:reply_spnego_kerberos(250)
Username MYDOMAIN+HOST$ is invalid on this system
[2004/12/17 14:01:42, 1] smbd/sesssetup.c:reply_spnego_kerberos(250)
Username MYDOMAIN+HOST$ is invalid on this system
[2004/12/17 14:01:42, 1] smbd/sesssetup.c:reply_spnego_kerberos(250)
Username MYDOMAIN+user is invalid on this system

-------------/var/log/samba/log.winbindd--------
[2004/12/17 14:01:03, 1] nsswitch/winbindd_user.c:winbindd_getpwnam(159)
user 'HOST$' does not exist
[2004/12/17 14:01:03, 1] nsswitch/winbindd_user.c:winbindd_getpwnam(159)
user 'USER' does not exist
[2004/12/17 14:01:03, 1] nsswitch/winbindd_user.c:winbindd_getpwnam(159)
user 'USER' does not exist
[2004/12/17 14:01:03, 1] nsswitch/winbindd_user.c:winbindd_getpwnam(159)
user 'USER' does not exist
[2004/12/17 14:01:04, 1] nsswitch/winbindd_user.c:winbindd_getpwnam(159)
user 'host' does not exist
[2004/12/17 14:01:04, 1] nsswitch/winbindd_user.c:winbindd_getpwnam(159)
user 'HOST$' does not exist
[2004/12/17 14:01:42, 1] nsswitch/winbindd_user.c:winbindd_getpwnam(159)
user 'host' does not exist
[2004/12/17 14:01:42, 1] nsswitch/winbindd_user.c:winbindd_getpwnam(159)
user 'HOST' does not exist
[2004/12/17 14:01:42, 1] nsswitch/winbindd_user.c:winbindd_getpwnam(159)
user 'user' does not exist
[2004/12/17 14:01:42, 1] nsswitch/winbindd_user.c:winbindd_getpwnam(159)
user 'user' does not exist
[2004/12/17 14:01:42, 1] nsswitch/winbindd_user.c:winbindd_getpwnam(159)
user 'USER' does not exist
[2004/12/17 14:25:03, 1] libsmb/clikrb5.c:ads_krb5_mk_req(313)
krb5_cc_get_principal failed (No such file or directory)



I would appreciate any help.....if you need any more info or files, please let me know. Thanks.
 
Old 12-17-2004, 07:50 PM   #2
madluther
Member
 
Registered: Aug 2004
Distribution: LFS
Posts: 350

Rep: Reputation: 31
Winbind isn't used for host resolution, change your nsswitch.conf, remove the winbind entry and add wins.

----------/etc/nsswitch.conf--------------
passwd: combat winbind
group: combat winbind
hosts: files host wins

HTH
 
Old 12-17-2004, 08:30 PM   #3
bkesting
Member
 
Registered: Mar 2004
Location: Nebraska
Distribution: SuSE, RedHat
Posts: 36

Original Poster
Rep: Reputation: 15
I will change nsswitch.conf and see what happens........
 
Old 12-17-2004, 08:35 PM   #4
bkesting
Member
 
Registered: Mar 2004
Location: Nebraska
Distribution: SuSE, RedHat
Posts: 36

Original Poster
Rep: Reputation: 15
I edited the file like you suggested and I restarted the smb, nmb, and winbind services. When I pull up the log.winbindd file, it looks like this:

--------/var/log/samba/log.winbindd-------------
[2004/12/17 20:29:32, 1] nsswitch/winbindd.c:main(854)
winbindd version 3.0.7-5-SUSE started.
Copyright The Samba Team 2000-2004
[2004/12/17 20:29:32, 1] libsmb/clikrb5.c:ads_krb5_mk_req(313)
krb5_cc_get_principal failed (No such file or directory)
[2004/12/17 20:30:01, 1] nsswitch/winbindd_group.c:winbindd_getgroups(1059)
user 'root' does not exist
 
Old 12-18-2004, 04:27 PM   #5
madluther
Member
 
Registered: Aug 2004
Distribution: LFS
Posts: 350

Rep: Reputation: 31
Have you added root to the smb password database ? If not just run as root ..

smbpasswd -a root

Mad.
 
Old 12-18-2004, 04:58 PM   #6
bkesting
Member
 
Registered: Mar 2004
Location: Nebraska
Distribution: SuSE, RedHat
Posts: 36

Original Poster
Rep: Reputation: 15
I have not done that...........with all my samba users being on the Windows domain, do I need to add that 'root' user in smbpasswd?
 
Old 05-27-2005, 12:47 PM   #7
c0m4
LQ Newbie
 
Registered: May 2005
Posts: 10

Rep: Reputation: 0
First if you are using AD with W2K or W2K3 then use the native dns server for host resolution.

about the actual problem have you made sure to disable the caching on the nscd ?

/etc/nscd.conf -

enable-cache passwd no
enable-cache gourp no
enable-cache host no
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Problems with Samba 3.0.10 and winbind 1.3.4-17 on REL4 dmildh Linux - Enterprise 7 09-28-2005 09:36 AM
winbind --with-winbind-auth-challenge paul_mat Linux - Networking 0 09-27-2005 01:19 AM
Winbind ans Samba problems myguest Linux - Networking 1 06-14-2005 07:18 PM
PAM - Winbind/LDAP Problems. tacoking Linux - Security 0 09-16-2004 07:36 AM
Samba and winbind acount problems hernandi Linux - Networking 0 10-24-2003 05:23 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 03:30 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration