Re: [Samba] Samba ADS Error Session setup failed: Call returned zero bytes (EOF)
Thanks for your response Volker, I will inv further .. -- View this message in context: http://www.nabble.com/Samba-ADS-Error-%22Session-setup-failed%3A-Call-returned-zero-bytes-%28EOF%29%22-tp20793719p20810286.html Sent from the Samba - General mailing list archive at Nabble.com. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba ADS Error Session setup failed: Call returned zero bytes (EOF)
Hi Samba Bods, Sorry for re-posting this one but I got no response to my last post except for a level 10 logs request which I uploaded last week. I have been looking at numerous howtos and newsgroup postings and I cannot spot what the issue is. I am sure its a simple config issue, but I am lost .. I am using Samba 3.2.4 compiled from source on AIX 5.3 TL8 and using security = SERVER in the smb.conf works fine, however I am having some issues when using security = ADS .. I have followed numerous HOWTOs and newsgroup listings and seem to be going round in circles .. I think I can authenticate ok against the domain win2k3 server, but then Samba bombs out with the following errors fvrom smbclient on the host: $ LIBPATH=/opt/pware/lib:/usr/local/samba/lib /usr/local/samba/bin/ smbclient -L myhostname -U UK+myusername Enter UK+myusername's password: mypassword Receiving SMB: Server stopped responding session setup failed: Call returned zero bytes (EOF) Also mapping from a windows system just gives the message The mapped network drive could not be created because the following error has occured: The specified network name is no longer available. Excuse the LIBPATH stuff it is to get around kinit and klist not working if I set the variable permanently. I was originally using 3.0.28 pre-compiled from samba.org and got the same issues. So, I think I am authenticating ok .. but where to go from here because I get the session setup failed: Call returned zero bytes (EOF) error and I can see the following errors in the smbd.log $ cat smbd.log snip [2008/11/25 14:49:43, 2] lib/messages_local.c:message_notify(270) message to process 94214 failed - No such process [2008/11/25 14:49:43, 2] lib/messages_local.c:messaging_tdb_send(358) pid 94214 doesn't exist - deleting messages record [2008/11/25 14:49:43, 2] lib/messages.c:traverse_fn(127) pid 94214 doesn't exist - deleting connections -1 [] snip ###-### ... some back ground and config .. ###### $ cat /etc/smb.conf # Samba config file created using SWAT # from ##.##.223.72 (##.##.223.72) # Date: 2008/11/21 16:29:18 [global] workgroup = UK realm = UK.DOMAIN.NET netbios name = myhostname netbios aliases = MYHOSTNAME server string = Samba: version %v, host %h security = ADS encrypt passwords = yes log file = /var/log/samba/log.%m log level = 10 max log size = 2048 auth methods = winbind password server = my_password_server.uk.domain.net max log size = 2048 preferred master = No local master = No domain master = No dns proxy = No ldap ssl = no passdb backend = tdbsam idmap backend = ad idmap uid = 1-2 idmap gid = 1-2 winbind nss info = rfc2307 winbind separator = + winbind use default domain = Yes winbind enum users = yes winbind enum groups = yes template homedir = /home/%U template shell = /bin/ksh ldap suffix = dc=uk,dc=domain.net client use spnego = yes client signing = yes [sambatest] path = /tmp/sambatest valid users = UK+username read only = No writable=yes browseable=yes create mask = 0770 [homes] comment = Home Directories browseable = no writeable = yes create mask = 0640 $ cat /etc/krb5.conf [logging] default = FILE:/var/log/krb5libs.log kdc = FILE:/var/log/krb5kdc.log admin_server = FILE:/var/log/kadmind.log [libdefaults] default_realm = UK.DOMAIN.NET default_tkt_enctypes = des-cbc-md5 des-cbc-crc default_tgs_enctypes = des-cbc-md5 des-cbc-crc [realms] UK.DOMAIN.NET = { kdc = my_password_server.uk.domain.net admin_server = my_password_server.uk.domain.net default_domain = uk.domain.net } [domain_realm] .uk.domain.net = UK.DOMAIN.NET uk.domain.net = UK.DOMAIN.NET $ cat /usr/lib/security/methods.cfg WINBIND: program = /usr/lib/security/WINBIND options = debug KRB5A: program = /usr/lib/security/KRB5A options = authonly KRB5Afiles: options = db=BUILTIN,auth=KRB5A ## WINBIND copied in from /usr/local/samba/sbin $ ls -l /usr/lib/security/WINBIND -rwxr-xr-x1 root system 9381212 25 Nov 09:57 /usr/lib/ security/WINBIND $ grep -p WINBIND /etc/security/user default: admin = false login = true su = false daemon = true rlogin = false sugroups = ALL admgroups = ttys = ALL auth1 = SYSTEM auth2 = NONE tpath = nosak umask = 027 expires = 0 SYSTEM = WINBIND or compat logintimes = pwdwarntime = 0 account_locked =
Re: [Samba] Samba ADS Error Session setup failed: Call returned zero bytes (EOF)
On Tue, Dec 02, 2008 at 06:51:31AM -0800, Mark Taylor wrote: Sorry for re-posting this one but I got no response to my last post except for a level 10 logs request which I uploaded last week. The logfile stops at [2008/11/27 12:16:40, 5] lib/username.c:Get_Pwnam_internals(77) Trying _Get_Pwnam(), username as lowercase is uk+myusername This means it is very likely you have a problem with winbindd or other more severe system problems. Try a getent passwd uk+myusername or whatever asks the NSS subsystem for the user entry of uk+myusername. I would suspect that this hangs. If it hangs, fix the hang and try again. If it does not hang, please send in the complete log files. Thanks, Volker pgpG4U7F31QX7.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba ADS Error
How do you do !!! Already several days are beaten with such problem: Beside me Windows 2000 Domain - with server Windows 2000 in own mode, want to install samba as BDC, came to conclusion that necessary to use Samba 3 + ADS. Has Compiled samba-3.0alpha22 with with the following option: ./configure --with-ads --with-ldap --with-pam --with-pam_smbpass --with-ldapsam --with-tdbsa --with-quotas --with-libsmbclient --with-acl-support --with-sendfile-support --with-winbind Has Installed, created the smb.conf file: [global] passdb backend = smbpasswd use sendfile = Yes update encrypted = Yes ldap server = 192.168.1.5 ldap port = 389 #636 ldap suffix = dc=lan,dc=sgtp,dc=ru ldap machine suffix = CN=Computers,DC=lan,DC=sgtp,DC=ru ldap user suffix = dc=lan,dc=sgtp,dc=ru ldap filter = ((sAMAccountName=%u)(objectclass=user)) ldap admin dn = CN=murphy AM. murphy,CN=Users,DC=lan,DC=sgtp,DC=ru ldap ssl = No ldap passwd sync = yes ldap trust ids = No profile acls = No realm = LAN.SGTP.RU client NTLMv2 auth = Yes hide local users = Yes ADS server = 192.168.1.5 dos charset = 866 unix charset = KOI8-R encrypt passwords = true winbind uid = 1-65000 winbind gid = 1-65000 winbind separator = + template homedir = /home/%D/%U template shell = /bin/sh winbind cache time = 5 netbios name = sana workgroup = SGTP server string = Samba Server log file = /usr/local/samba/var/log.%m max log size = 50 security = ADS socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 local master = no os level = 3 domain master = no preferred master = no domain logons = yes name resolve order = wins lmhosts bcast wins server = 192.168.1.5 inherit acls = yes # Share Definitions == [homes] comment = Home Directories browseable = no writable = yes [printers] comment = All Printers path = /var/spool/samba browseable = no guest ok = no writable = no printable = yes [test] path = /mnt/xfs/samba writeable = yes force group = root [netlogon] comment = Network Logon Service path = /usr/local/samba/lib/netlogon guest ok = yes writable = no share modes = no It Was Registered in domain: kinit [EMAIL PROTECTED] has Prescribed in domain: net ads join has Started smbd,nmbd,winbindd has Done wbinfo -p - all have fine Done wbinfo -u - has got list of the groups has Done ./wbinfo -t checking the trust secret via RPC calls failed error code was NT_STATUS_NO_TRUST_SAM_ACCOUNT (0xc18b) Could not check secret Restart computer - has Started smbd,nmbd,winbindd wbinfo -u Error looking up domain users If once again execute net ads join and restart all samba services, that all ok. That to do in given situations ? RESPECTFULLY YOURS, Aleksey. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba ADS Error
How do you do !!! Already several days are beaten with such problem: Beside me Windows 2000 Domain - with server Windows 2000 in own mode, want to install samba as BDC, came to conclusion that necessary to use Samba 3 + ADS. Has Compiled samba-3.0alpha22 with with the following option: ./configure --with-ads --with-ldap --with-pam --with-pam_smbpass --with-ldapsam --with-tdbsa --with-quotas --with-libsmbclient --with-acl-support --with-sendfile-support --with-winbind Has Installed, created the smb.conf file: [global] passdb backend = smbpasswd use sendfile = Yes update encrypted = Yes ldap server = 192.168.1.5 ldap port = 389 #636 ldap suffix = dc=lan,dc=sgtp,dc=ru ldap machine suffix = CN=Computers,DC=lan,DC=sgtp,DC=ru ldap user suffix = dc=lan,dc=sgtp,dc=ru ldap filter = ((sAMAccountName=%u)(objectclass=user)) ldap admin dn = CN=murphy AM. murphy,CN=Users,DC=lan,DC=sgtp,DC=ru ldap ssl = No ldap passwd sync = yes ldap trust ids = No profile acls = No realm = LAN.SGTP.RU client NTLMv2 auth = Yes hide local users = Yes ADS server = 192.168.1.5 dos charset = 866 unix charset = KOI8-R encrypt passwords = true winbind uid = 1-65000 winbind gid = 1-65000 winbind separator = + template homedir = /home/%D/%U template shell = /bin/sh winbind cache time = 5 netbios name = sana workgroup = SGTP server string = Samba Server log file = /usr/local/samba/var/log.%m max log size = 50 security = ADS socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 local master = no os level = 3 domain master = no preferred master = no domain logons = yes name resolve order = wins lmhosts bcast wins server = 192.168.1.5 inherit acls = yes # Share Definitions == [homes] comment = Home Directories browseable = no writable = yes [printers] comment = All Printers path = /var/spool/samba browseable = no guest ok = no writable = no printable = yes [test] path = /mnt/xfs/samba writeable = yes force group = root [netlogon] comment = Network Logon Service path = /usr/local/samba/lib/netlogon guest ok = yes writable = no share modes = no It Was Registered in domain: kinit [EMAIL PROTECTED] has Prescribed in domain: net ads join has Started smbd,nmbd,winbindd has Done wbinfo -p - all have fine Done wbinfo -u - has got list of the groups has Done ./wbinfo -t checking the trust secret via RPC calls failed error code was NT_STATUS_NO_TRUST_SAM_ACCOUNT (0xc18b) Could not check secret Restart computer - has Started smbd,nmbd,winbindd wbinfo -u Error looking up domain users If once again execute net ads join and restart all samba services, that all ok. That to do in given situations ? RESPECTFULLY YOURS, Aleksey. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba