[Samba] ntlm_auth = NT_STATUS_NO_LOGON_SERVERS: No logon servers (0xc000005e)
I had to downgrade samba on a rh5.5 instance due to ntlm_auth not working
properly: https://bugzilla.redhat.com/show_bug.cgi?format=multipleid=561325
Now, when I add the computer to the domain ('net ads join –U Administrator') it
seems to work, is visible on the AD interface, but the logs show an error:
Nov 11 16:03:22 rhclient winbindd[4483]: [2010/11/11 16:03:22, 0]
winbindd/idmap.c:idmap_alloc_init(589)
Nov 11 16:03:22 rhclient winbindd[4483]: ERROR: Initialization failed for
alloc backend, deferred!
Nov 11 16:03:22 rhclient winbindd[4483]: [2010/11/11 16:03:22, 0]
winbindd/idmap.c:smb_register_idmap_alloc(201)
Nov 11 16:03:22 rhclient winbindd[4483]: idmap_alloc module ldap already
registered!
Nov 11 16:03:22 rhclient winbindd[4483]: [2010/11/11 16:03:22, 0]
winbindd/idmap.c:smb_register_idmap_alloc(201)
Nov 11 16:03:22 rhclient winbindd[4483]: idmap_alloc module tdb already
registered!
Nov 11 16:03:22 rhclient winbindd[4483]: [2010/11/11 16:03:22, 0]
winbindd/idmap.c:smb_register_idmap(149)
Nov 11 16:03:22 rhclient winbindd[4483]: Idmap module passdb already
registered!
Nov 11 16:03:22 rhclient winbindd[4483]: [2010/11/11 16:03:22, 0]
winbindd/idmap.c:smb_register_idmap(149)
Nov 11 16:03:22 rhclient winbindd[4483]: Idmap module nss already registered!
Nov 11 16:03:22 rhclient winbindd[4483]: [2010/11/11 16:03:22, 0]
winbindd/idmap.c:idmap_alloc_init(589)
Nov 11 16:03:22 rhclient winbindd[4483]: ERROR: Initialization failed for
alloc backend, deferred!
Nov 11 16:03:22 rhclient pcscd: winscard.c:304:SCardConnect() Reader E-Gate 0 0
Not Found
And wbinfo gives me nothing – so I am assuming there is a problem:
[r...@rhclient samba]# wbinfo -u
[r...@rhclient samba]# wbinfo -g
[r...@rhclient samba]#
When trying to do a ntlm_auth, I get a funky error as well:
[r...@rhclient samba]# ntlm_auth --request-nt-key
--domain=VMSECLAB.CABLE.COMCAST.COM --username=user
password:
NT_STATUS_NO_LOGON_SERVERS: No logon servers (0xc05e)
Yet, there is a login server in the samba.conf, and dns/reverse dns works:
[r...@rhclient samba]# grep 'password server' /etc/samba/smb.conf
password server = ad.vmseclab.cable.com
[r...@rhclient samba]# nslookup ad.vmseclab.cable.com
Server: 10.252.159.138
Address: 10.252.159.138#53
Name: ad.vmseclab.cable.com
Address: 10.252.159.138
[r...@rhclient samba]# nslookup 10.252.159.138
Server: 10.252.159.138
Address: 10.252.159.138#53
138.159.252.10.in-addr.arpa name = ad.vmseclab.cable.com.
The samba logs show this when trying to ntlm_auth:
== /var/log/samba/log.winbindd-dc-connect ==
[2010/11/11 16:16:55, 1] libads/cldap.c:recv_cldap_netlogon(157)
no reply received to cldap netlogon
[2010/11/11 16:16:55, 1] libads/ldap.c:ads_find_dc(427)
ads_find_dc: failed to find a valid DC on our site (Default-First-Site-Name),
trying to find another DC
[2010/11/11 16:16:55, 1] libads/ldap.c:ads_find_dc(427)
ads_find_dc: failed to find a valid DC on our site (Default-First-Site-Name),
trying to find another DC
[2010/11/11 16:17:25, 1] libads/cldap.c:recv_cldap_netlogon(157)
no reply received to cldap netlogon
[2010/11/11 16:17:25, 1] libads/ldap.c:ads_find_dc(427)
ads_find_dc: failed to find a valid DC on our site (Default-First-Site-Name),
trying to find another DC
[2010/11/11 16:17:25, 1] libads/ldap.c:ads_find_dc(427)
ads_find_dc: failed to find a valid DC on our site (Default-First-Site-Name),
trying to find another DC
Has anyone seen this, or have any clue what could be happening? It seems like
my DC does not have cldap open/working? What port does that run over? If its
normal ldap(389), I can telnet to that fine.
I am out of ideas, any help would be appreciated. Thanks.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] ntlm_auth = NT_STATUS_NO_LOGON_SERVERS: No logon servers (0xc000005e)
security = domain or security = user?
I had problems with winbind using security = user.. I can't remember
properly it's been a while..
On 11/11/2010 04:22 PM, Rowley, Mathew wrote:
I had to downgrade samba on a rh5.5 instance due to ntlm_auth not working properly:
https://bugzilla.redhat.com/show_bug.cgi?format=multipleid=561325
Now, when I add the computer to the domain ('net ads join –U Administrator') it
seems to work, is visible on the AD interface, but the logs show an error:
Nov 11 16:03:22 rhclient winbindd[4483]: [2010/11/11 16:03:22, 0]
winbindd/idmap.c:idmap_alloc_init(589)
Nov 11 16:03:22 rhclient winbindd[4483]: ERROR: Initialization failed for
alloc backend, deferred!
Nov 11 16:03:22 rhclient winbindd[4483]: [2010/11/11 16:03:22, 0]
winbindd/idmap.c:smb_register_idmap_alloc(201)
Nov 11 16:03:22 rhclient winbindd[4483]: idmap_alloc module ldap already
registered!
Nov 11 16:03:22 rhclient winbindd[4483]: [2010/11/11 16:03:22, 0]
winbindd/idmap.c:smb_register_idmap_alloc(201)
Nov 11 16:03:22 rhclient winbindd[4483]: idmap_alloc module tdb already
registered!
Nov 11 16:03:22 rhclient winbindd[4483]: [2010/11/11 16:03:22, 0]
winbindd/idmap.c:smb_register_idmap(149)
Nov 11 16:03:22 rhclient winbindd[4483]: Idmap module passdb already
registered!
Nov 11 16:03:22 rhclient winbindd[4483]: [2010/11/11 16:03:22, 0]
winbindd/idmap.c:smb_register_idmap(149)
Nov 11 16:03:22 rhclient winbindd[4483]: Idmap module nss already registered!
Nov 11 16:03:22 rhclient winbindd[4483]: [2010/11/11 16:03:22, 0]
winbindd/idmap.c:idmap_alloc_init(589)
Nov 11 16:03:22 rhclient winbindd[4483]: ERROR: Initialization failed for
alloc backend, deferred!
Nov 11 16:03:22 rhclient pcscd: winscard.c:304:SCardConnect() Reader E-Gate 0 0
Not Found
And wbinfo gives me nothing – so I am assuming there is a problem:
[r...@rhclient samba]# wbinfo -u
[r...@rhclient samba]# wbinfo -g
[r...@rhclient samba]#
When trying to do a ntlm_auth, I get a funky error as well:
[r...@rhclient samba]# ntlm_auth --request-nt-key
--domain=VMSECLAB.CABLE.COMCAST.COM --username=user
password:
NT_STATUS_NO_LOGON_SERVERS: No logon servers (0xc05e)
Yet, there is a login server in the samba.conf, and dns/reverse dns works:
[r...@rhclient samba]# grep 'password server' /etc/samba/smb.conf
password server = ad.vmseclab.cable.com
[r...@rhclient samba]# nslookup ad.vmseclab.cable.com
Server: 10.252.159.138
Address: 10.252.159.138#53
Name: ad.vmseclab.cable.com
Address: 10.252.159.138
[r...@rhclient samba]# nslookup 10.252.159.138
Server: 10.252.159.138
Address: 10.252.159.138#53
138.159.252.10.in-addr.arpa name = ad.vmseclab.cable.com.
The samba logs show this when trying to ntlm_auth:
== /var/log/samba/log.winbindd-dc-connect==
[2010/11/11 16:16:55, 1] libads/cldap.c:recv_cldap_netlogon(157)
no reply received to cldap netlogon
[2010/11/11 16:16:55, 1] libads/ldap.c:ads_find_dc(427)
ads_find_dc: failed to find a valid DC on our site
(Default-First-Site-Name), trying to find another DC
[2010/11/11 16:16:55, 1] libads/ldap.c:ads_find_dc(427)
ads_find_dc: failed to find a valid DC on our site
(Default-First-Site-Name), trying to find another DC
[2010/11/11 16:17:25, 1] libads/cldap.c:recv_cldap_netlogon(157)
no reply received to cldap netlogon
[2010/11/11 16:17:25, 1] libads/ldap.c:ads_find_dc(427)
ads_find_dc: failed to find a valid DC on our site
(Default-First-Site-Name), trying to find another DC
[2010/11/11 16:17:25, 1] libads/ldap.c:ads_find_dc(427)
ads_find_dc: failed to find a valid DC on our site
(Default-First-Site-Name), trying to find another DC
Has anyone seen this, or have any clue what could be happening? It seems like
my DC does not have cldap open/working? What port does that run over? If its
normal ldap(389), I can telnet to that fine.
I am out of ideas, any help would be appreciated. Thanks.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] ntlm_auth = NT_STATUS_NO_LOGON_SERVERS: No logon servers (0xc000005e)
security = ads
I am really just trying to get ntlm_auth to work in order to proxy AD
requests with FreeRadius...
http://wiki.freeradius.org/FreeRADIUS_Active_Directory_Integration_HOWTO
On 11/11/10 2:26 PM, Aaron E. ssures...@gmail.com wrote:
security = domain or security = user?
I had problems with winbind using security = user.. I can't remember
properly it's been a while..
On 11/11/2010 04:22 PM, Rowley, Mathew wrote:
I had to downgrade samba on a rh5.5 instance due to ntlm_auth not
working properly:
https://bugzilla.redhat.com/show_bug.cgi?format=multipleid=561325
Now, when I add the computer to the domain ('net ads join U
Administrator') it seems to work, is visible on the AD interface, but
the logs show an error:
Nov 11 16:03:22 rhclient winbindd[4483]: [2010/11/11 16:03:22, 0]
winbindd/idmap.c:idmap_alloc_init(589)
Nov 11 16:03:22 rhclient winbindd[4483]: ERROR: Initialization failed
for alloc backend, deferred!
Nov 11 16:03:22 rhclient winbindd[4483]: [2010/11/11 16:03:22, 0]
winbindd/idmap.c:smb_register_idmap_alloc(201)
Nov 11 16:03:22 rhclient winbindd[4483]: idmap_alloc module ldap
already registered!
Nov 11 16:03:22 rhclient winbindd[4483]: [2010/11/11 16:03:22, 0]
winbindd/idmap.c:smb_register_idmap_alloc(201)
Nov 11 16:03:22 rhclient winbindd[4483]: idmap_alloc module tdb
already registered!
Nov 11 16:03:22 rhclient winbindd[4483]: [2010/11/11 16:03:22, 0]
winbindd/idmap.c:smb_register_idmap(149)
Nov 11 16:03:22 rhclient winbindd[4483]: Idmap module passdb already
registered!
Nov 11 16:03:22 rhclient winbindd[4483]: [2010/11/11 16:03:22, 0]
winbindd/idmap.c:smb_register_idmap(149)
Nov 11 16:03:22 rhclient winbindd[4483]: Idmap module nss already
registered!
Nov 11 16:03:22 rhclient winbindd[4483]: [2010/11/11 16:03:22, 0]
winbindd/idmap.c:idmap_alloc_init(589)
Nov 11 16:03:22 rhclient winbindd[4483]: ERROR: Initialization failed
for alloc backend, deferred!
Nov 11 16:03:22 rhclient pcscd: winscard.c:304:SCardConnect() Reader
E-Gate 0 0 Not Found
And wbinfo gives me nothing so I am assuming there is a problem:
[r...@rhclient samba]# wbinfo -u
[r...@rhclient samba]# wbinfo -g
[r...@rhclient samba]#
When trying to do a ntlm_auth, I get a funky error as well:
[r...@rhclient samba]# ntlm_auth --request-nt-key
--domain=VMSECLAB.CABLE.COMCAST.COM --username=user
password:
NT_STATUS_NO_LOGON_SERVERS: No logon servers (0xc05e)
Yet, there is a login server in the samba.conf, and dns/reverse dns
works:
[r...@rhclient samba]# grep 'password server' /etc/samba/smb.conf
password server = ad.vmseclab.cable.com
[r...@rhclient samba]# nslookup ad.vmseclab.cable.com
Server: 10.252.159.138
Address: 10.252.159.138#53
Name: ad.vmseclab.cable.com
Address: 10.252.159.138
[r...@rhclient samba]# nslookup 10.252.159.138
Server: 10.252.159.138
Address: 10.252.159.138#53
138.159.252.10.in-addr.arpa name = ad.vmseclab.cable.com.
The samba logs show this when trying to ntlm_auth:
== /var/log/samba/log.winbindd-dc-connect==
[2010/11/11 16:16:55, 1] libads/cldap.c:recv_cldap_netlogon(157)
no reply received to cldap netlogon
[2010/11/11 16:16:55, 1] libads/ldap.c:ads_find_dc(427)
ads_find_dc: failed to find a valid DC on our site
(Default-First-Site-Name), trying to find another DC
[2010/11/11 16:16:55, 1] libads/ldap.c:ads_find_dc(427)
ads_find_dc: failed to find a valid DC on our site
(Default-First-Site-Name), trying to find another DC
[2010/11/11 16:17:25, 1] libads/cldap.c:recv_cldap_netlogon(157)
no reply received to cldap netlogon
[2010/11/11 16:17:25, 1] libads/ldap.c:ads_find_dc(427)
ads_find_dc: failed to find a valid DC on our site
(Default-First-Site-Name), trying to find another DC
[2010/11/11 16:17:25, 1] libads/ldap.c:ads_find_dc(427)
ads_find_dc: failed to find a valid DC on our site
(Default-First-Site-Name), trying to find another DC
Has anyone seen this, or have any clue what could be happening? It
seems like my DC does not have cldap open/working? What port does that
run over? If its normal ldap(389), I can telnet to that fine.
I am out of ideas, any help would be appreciated. Thanks.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
