[Bug 1310919] Re: pam_winbind krb5_ccache_type=FILE stopped working after 14.04 upgrade
Thanks everyone, I can confirm that 2:4.1.6+dfsg-1ubuntu2.14.04.1 does fix my problem. ** Tags removed: verification-needed ** Tags added: verification-done -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to samba in Ubuntu. https://bugs.launchpad.net/bugs/1310919 Title: pam_winbind krb5_ccache_type=FILE stopped working after 14.04 upgrade To manage notifications about this bug go to: https://bugs.launchpad.net/samba/+bug/1310919/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1310919] Re: pam_winbind krb5_ccache_type=FILE stopped working after 14.04 upgrade
Another data point... This problem also goes away with a world readable system keytab (/etc/krb5.keytab). So it isn't just the pam_winbind 'krb5_ccache_type=FILE' setting. I'll do some more testing to find out whether or not changing the 'kerberos method = secrets and keytab' setting in smb.conf has any affect. These keytab related areas have been ripe for winbind regressions in the past for us :) -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to samba in Ubuntu. https://bugs.launchpad.net/bugs/1310919 Title: pam_winbind krb5_ccache_type=FILE stopped working after 14.04 upgrade To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1310919/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1310919] Re: pam_winbind krb5_ccache_type=FILE stopped working after 14.04 upgrade
Some more testing of 'kerberos method' with 'krb5_ccache_type=FILE' and 600 perms on /etc/krb5.keytab With 'kerberos method = secrets and keytab', winbind logins failed. With 'kerberos method = system keytab', winbind logins failed. With 'kerberos method = secrets only', winbind logins started working again. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to samba in Ubuntu. https://bugs.launchpad.net/bugs/1310919 Title: pam_winbind krb5_ccache_type=FILE stopped working after 14.04 upgrade To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1310919/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1310919] [NEW] pam_winbind krb5_ccache_type=FILE stopped working after 14.04 upgrade
Public bug reported: Ubuntu version: 14.04 AMD64 samba, winbind, libpam-winbind version: 2:4.1.6+dfsg-1ubuntu2 After upgrading to 14.04 from 13.10 I couldn't log in with any Active Directory accounts. After checking that Winbind itself worked (eg wbinfo and getent still worked properly) and plain old Kerberos kinit still worked fine, it seemed like it had to be a PAM problem. This is from /var/log/auth.log after enabling debug and debug_state on pam_winbind and trying to log in via ssh (local logins had the same problem both via the console and lightdm) Apr 22 16:21:23 ben sshd[10932]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=client.example.com user=anton Apr 22 16:21:23 ben sshd[10932]: pam_winbind(sshd:auth): [pamh: 0x7f30e9cca190] ENTER: pam_sm_authenticate (flags: 0x0001) Apr 22 16:21:23 ben sshd[10932]: pam_winbind(sshd:auth): [pamh: 0x7f30e9cca190] STATE: ITEM(PAM_SERVICE) = sshd (0x7f30e9cbf250) Apr 22 16:21:23 ben sshd[10932]: pam_winbind(sshd:auth): [pamh: 0x7f30e9cca190] STATE: ITEM(PAM_USER) = anton (0x7f30e9cc1f80) Apr 22 16:21:23 ben sshd[10932]: pam_winbind(sshd:auth): [pamh: 0x7f30e9cca190] STATE: ITEM(PAM_TTY) = ssh (0x7f30e9cdb0d0) Apr 22 16:21:23 ben sshd[10932]: pam_winbind(sshd:auth): [pamh: 0x7f30e9cca190] STATE: ITEM(PAM_RHOST) = client.example.com (0x7f30e9cdb0b0) Apr 22 16:21:23 ben sshd[10932]: pam_winbind(sshd:auth): [pamh: 0x7f30e9cca190] STATE: ITEM(PAM_AUTHTOK) = 0x7f30e9cd8ef0 Apr 22 16:21:23 ben sshd[10932]: pam_winbind(sshd:auth): [pamh: 0x7f30e9cca190] STATE: ITEM(PAM_CONV) = 0x7f30e9cd8ed0 Apr 22 16:21:23 ben sshd[10932]: pam_winbind(sshd:auth): getting password (0x1389) Apr 22 16:21:23 ben sshd[10932]: pam_winbind(sshd:auth): pam_get_item returned a password Apr 22 16:21:23 ben sshd[10932]: pam_winbind(sshd:auth): Verify user 'anton' Apr 22 16:21:23 ben sshd[10932]: pam_winbind(sshd:auth): PAM config: krb5_ccache_type 'FILE' Apr 22 16:21:23 ben sshd[10932]: pam_winbind(sshd:auth): enabling krb5 login flag Apr 22 16:21:23 ben sshd[10932]: pam_winbind(sshd:auth): enabling cached login flag Apr 22 16:21:23 ben sshd[10932]: pam_winbind(sshd:auth): enabling request for a FILE krb5 ccache Apr 22 16:21:23 ben sshd[10932]: pam_winbind(sshd:auth): request wbcLogonUser failed: WBC_ERR_AUTH_ERROR, PAM error: PAM_SYSTEM_ERR (4), NTSTATUS: NT_STATUS_C ONNECTION_DISCONNECTED, Error message was: NT_STATUS_CONNECTION_DISCONNECTED Apr 22 16:21:23 ben sshd[10932]: pam_winbind(sshd:auth): internal module error (retval = PAM_SYSTEM_ERR(4), user = 'anton') Apr 22 16:21:23 ben sshd[10932]: pam_winbind(sshd:auth): [pamh: 0x7f30e9cca190] LEAVE: pam_sm_authenticate returning 4 (PAM_SYSTEM_ERR) Apr 22 16:21:23 ben sshd[10932]: pam_winbind(sshd:auth): [pamh: 0x7f30e9cca190] STATE: ITEM(PAM_SERVICE) = sshd (0x7f30e9cbf250) Apr 22 16:21:23 ben sshd[10932]: pam_winbind(sshd:auth): [pamh: 0x7f30e9cca190] STATE: ITEM(PAM_USER) = anton (0x7f30e9cc1f80) Apr 22 16:21:23 ben sshd[10932]: pam_winbind(sshd:auth): [pamh: 0x7f30e9cca190] STATE: ITEM(PAM_TTY) = ssh (0x7f30e9cdb0d0) Apr 22 16:21:23 ben sshd[10932]: pam_winbind(sshd:auth): [pamh: 0x7f30e9cca190] STATE: ITEM(PAM_RHOST) = client.example.com (0x7f30e9cdb0b0) Apr 22 16:21:23 ben sshd[10932]: pam_winbind(sshd:auth): [pamh: 0x7f30e9cca190] STATE: ITEM(PAM_AUTHTOK) = 0x7f30e9cd8ef0 Apr 22 16:21:23 ben sshd[10932]: pam_winbind(sshd:auth): [pamh: 0x7f30e9cca190] STATE: ITEM(PAM_CONV) = 0x7f30e9cd8ed0 Apr 22 16:21:25 ben sshd[10932]: Failed password for anton from 192.168.20.100 port 58950 ssh2 Apr 22 16:21:27 ben sshd[10932]: Connection closed by 192.168.20.100 [preauth] After seeing that the line before the first error was about request a FILE krb5 ccache, I successfully tried with a different credential cache type (krb5_ccache_type=KEYRING) for pam_winbind in /etc/pam.d/common-auth: Apr 22 16:23:34 ben sshd[10946]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=client.example.com user=anton Apr 22 16:23:34 ben sshd[10946]: pam_winbind(sshd:auth): [pamh: 0x7ff5b1619110] ENTER: pam_sm_authenticate (flags: 0x0001) Apr 22 16:23:34 ben sshd[10946]: pam_winbind(sshd:auth): [pamh: 0x7ff5b1619110] STATE: ITEM(PAM_SERVICE) = sshd (0x7ff5b160e080) Apr 22 16:23:34 ben sshd[10946]: pam_winbind(sshd:auth): [pamh: 0x7ff5b1619110] STATE: ITEM(PAM_USER) = anton (0x7ff5b1610aa0) Apr 22 16:23:34 ben sshd[10946]: pam_winbind(sshd:auth): [pamh: 0x7ff5b1619110] STATE: ITEM(PAM_TTY) = ssh (0x7ff5b162a0f0) Apr 22 16:23:34 ben sshd[10946]: pam_winbind(sshd:auth): [pamh: 0x7ff5b1619110] STATE: ITEM(PAM_RHOST) = client.example.com (0x7ff5b162a0d0) Apr 22 16:23:34 ben sshd[10946]: pam_winbind(sshd:auth): [pamh: 0x7ff5b1619110] STATE: ITEM(PAM_AUTHTOK) = 0x7ff5b1627ed0 Apr 22 16:23:34 ben sshd[10946]: pam_winbind(sshd:auth): [pamh: 0x7ff5b1619110] STATE: ITEM(PAM_CONV) = 0x7ff5b1627eb0 Apr 22 16:23:34 ben sshd[10946]: pam_winbind(sshd:auth):
[Bug 1159715] Re: winbind_krb5_locator plugin is missing from winbind 3.6.3
I suspect I'm seeing the results of this on some 12.04 virtual servers. The strange thing is that I'm pretty sure we've had 12.04 servers work properly in the past. I've tried it with both 3.6.3-2ubuntu2.6 and 3.6.3-2ubuntu2. We've been getting console errors about either uncontactable KDCs or clock skew being too great when logging in via SSH with GSSAPI, or when using sudo. The logins and sudo take a long time to happen - even local unix accounts are held up. After logging in there is no kerberos ticket cache. Manually using kinit authenticates successfully though and will create a ticket cache. So non-winbind vanilla kerberos stuff isn't affected. The clock skew errors will even happen straight after an ntpdate update from the AD domain controller. I suspect this is erroneous and just a symptom related to not finding our domain controller. The things that make me suspect it's related to this bug report are: 1) kerberos only fails to find the DC when being initiated via winbind, and 2) winbind seems to start behaving properly when we hard code our domain controller/KDC into /etc/krb5.conf -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to samba in Ubuntu. https://bugs.launchpad.net/bugs/1159715 Title: winbind_krb5_locator plugin is missing from winbind 3.6.3 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1159715/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1037055] Re: winbind does not refresh kerberos tickets
Just an update... 3.6.3-2ubuntu2.5 is still working fine for me, and has not had any of the problems listed above reappear. ** Tags removed: verification-needed ** Tags added: verification-done -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to samba in Ubuntu. https://bugs.launchpad.net/bugs/1037055 Title: winbind does not refresh kerberos tickets To manage notifications about this bug go to: https://bugs.launchpad.net/samba/+bug/1037055/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1037055] Re: winbind does not refresh kerberos tickets
Thanks Brian, I've installed the winbind, libpam-winbind, libwbclient0, samba-common, smbclient packages (3.6.3-2ubuntu2.5) from proposed. I'll keep you posted. It might take a week or two before I'm confident they are working correctly. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to samba in Ubuntu. https://bugs.launchpad.net/bugs/1037055 Title: winbind does not refresh kerberos tickets To manage notifications about this bug go to: https://bugs.launchpad.net/samba/+bug/1037055/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1037055] Re: winbind does not refresh kerberos tickets
Although inconvenient, personally I'm ok with quantal being skipped. Thanks. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to samba in Ubuntu. https://bugs.launchpad.net/bugs/1037055 Title: winbind does not refresh kerberos tickets To manage notifications about this bug go to: https://bugs.launchpad.net/samba/+bug/1037055/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1037055] Re: winbind does not refresh kerberos tickets
** Description changed: [Impact] * If it happens on the client, the client can't authenticate to any kerberised servers (Windows or Linux). * If it happens on the server, all clients (Windows or Linux) are unable to connect to that server any more. * The main impact is very flaky network authentication on an LTS release that we will have to live with for a few more years. [Workaround] On the desktop run kinit to create a new ticket cache, or on a server restart the winbind daemon after logging in with a local account. This usually needs to be done once or twice a week on my desktop, but less frequently on servers. [Test Case] - Requires an AD domain with winbind configured to use it. + Requires an AD (or Samba 4?) domain with winbind configured to use it. Use winbind refresh ticket = true - Set cached_login for pam_winbind - ??? + Set cached_login for pam_winbind. + Log onto a domain member using a domain account. + Winbind will create a standard Kerberos credential cache containing a TGT (Ticket Granting Ticket - eg something like krbtgt/REALM@REALM). + The klist command will verify the existence of the cache and the TGT in it. + At some point before the renewal lifetime is up, the credential cache will disappear preventing Kerberos apps from working. It is often at about 25-50% of the renewal lifetime, but not always. + The klist command will now report that it can't find the ccache. + With the bugfix, the ccache never disappears and Winbind will successfully renew the TGT. + [Original Description] - - winbindd will renew kerberos tickets until they expire, but it seems unable to refresh them before expiry. + winbindd will renew kerberos tickets until they expire, but it seems + unable to refresh them before expiry. I have the following in smb.conf: winbind refresh ticket = true and have cached_login set for pam_winbind After 7 days ( the renewal limit on AD kerberos tickets) the ticket expires and I lose access to my NFS home directory which uses sec=krb5 I have tried to debug why this is happening and have come to the conclusion that there are two important variables for ticket refreshing to work (both in winbind/winbindd_cred_cache.c): ccache_list memory_creds_list and that the function that stores the password for later refreshing use is called winbindd_add_memory_creds This function though requires that the user is in ccache_list before it stores the password in a way it can be used by the rekinit part of the function krb5_ticket_refresh_handler. The problem as I see it is that winbind forks and the parent populates ccache_list and the child populates memory_creds_list. This leads to the password not being stored in a way that can be used by the rekinit code in krb5_ticket_refresh_handler. As a dirty hack (attached) I tried populating memory_creds_list from the same location as ccache_list get populated (winbindd_raw_kerberos_login in winbind/winbindd_pam.c). This hack fixes the problem. ProblemType: Bug DistroRelease: Ubuntu 12.04 Package: winbind 2:3.6.3-2ubuntu2.3 ProcVersionSignature: Ubuntu 3.2.0-27.43-generic 3.2.21 Uname: Linux 3.2.0-27-generic x86_64 ApportVersion: 2.0.1-0ubuntu12 Architecture: amd64 Date: Wed Aug 15 11:30:27 2012 InstallationMedia: Ubuntu 12.04 LTS Precise Pangolin - Release amd64 (20120425) ProcEnviron: LANGUAGE=en_GB:en TERM=xterm PATH=(custom, no user) LANG=en_GB.UTF-8 SHELL=/bin/bash SambaClientRegression: No SourcePackage: samba UpgradeStatus: No upgrade log present (probably fresh install) mtime.conffile..etc.default.winbind: 2012-07-06T14:00:57 mtime.conffile..etc.init.d.winbind: 2012-07-06T14:00:57 -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to samba in Ubuntu. https://bugs.launchpad.net/bugs/1037055 Title: winbind does not refresh kerberos tickets To manage notifications about this bug go to: https://bugs.launchpad.net/samba/+bug/1037055/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1037055] Re: winbind does not refresh kerberos tickets
Just a gentle prod... :) Q: Will updates be published for both precise and quantal? And will I need to further test both? -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to samba in Ubuntu. https://bugs.launchpad.net/bugs/1037055 Title: winbind does not refresh kerberos tickets To manage notifications about this bug go to: https://bugs.launchpad.net/samba/+bug/1037055/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1037055] Re: winbind does not refresh kerberos tickets
Just checking in... These PPA updates have been solid for me still. Is there any more testing or anything that needs doing to progress this further? -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to samba in Ubuntu. https://bugs.launchpad.net/bugs/1037055 Title: winbind does not refresh kerberos tickets To manage notifications about this bug go to: https://bugs.launchpad.net/samba/+bug/1037055/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1037055] Re: winbind does not refresh kerberos tickets
After further testing, I'm certain the updated packages have fixed the bug. Leaving two machines running logged in and idle over the weekend, the unpatched machine lost its credential cache (again) while the patched one succesfully renewed its TGT all weekend. And it also successfully got a new one after the renewal limit was reached. Thanks. It would be great if these updates could make their way into precise and quantal. I gather raring already has them from upstream. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to samba in Ubuntu. https://bugs.launchpad.net/bugs/1037055 Title: winbind does not refresh kerberos tickets To manage notifications about this bug go to: https://bugs.launchpad.net/samba/+bug/1037055/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1037055] Re: winbind does not refresh kerberos tickets
I've done some testing on machines with and without the new packages. Conclusion: I think things have improved with the new packages. More details: It is hard to tell for sure as there are various things (eg using sudo, or unlocking the desktop etc) other than winbind that will refresh the Ticket Granting Ticket (TGT) and update/recreate the credentials cache. This can mask the original problem. I managed to shorten the Active Directory ticket lifetimes (1 hour) and renewal periods (1 day) to the minimum to speed up testing. But after this I noticed that tickets were no longer being renewed at all, and expired tickets would stay in the credentials cache breaking authentication. This was worse than the original problem. On a machine without the updates installed, the original problem was still happening even with the shorter ticket lifetimes. ie the credentials cache and Ticket Granting Ticket disappearing before the TGT reached it's renewal time limit. This problem never happened with the updated packages though. Suspecting that the expired ticket problem was caused by the extremely short ticket lifetimes, I extended Active Directory ticket settings to 5hr expiry and 2 day renewal periods. This has slowed down testing a bit, but seems to have made that new expired ticket problem go away. ie tickets are now renewing properly again, and I haven't noticed the cache disappearing before the TGTs renewal period was up. So - things do seem improved with the new packages (provided stupidly short ticket lifetimes aren't in use). The problem I encountered with very short lifetimes is unrelated to this bug report. But without a reliable way to reproduce the original problem, I still can't be 100% certain that absence of evidence (not seeing the bug so far) equates to evidence of absence (the bug has been fixed). -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to samba in Ubuntu. https://bugs.launchpad.net/bugs/1037055 Title: winbind does not refresh kerberos tickets To manage notifications about this bug go to: https://bugs.launchpad.net/samba/+bug/1037055/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1037055] Re: winbind does not refresh kerberos tickets
Thanks Robie, I've installed your PPA for testing. As soon as I know if it has fixed anything (or if it hasn't), I'll report back. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to samba in Ubuntu. https://bugs.launchpad.net/bugs/1037055 Title: winbind does not refresh kerberos tickets To manage notifications about this bug go to: https://bugs.launchpad.net/samba/+bug/1037055/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1037055] Re: winbind does not refresh kerberos tickets
I'm also hit by what seems to be the same bug on 12.04. This happens on both desktops and servers using winbind (pam_winbind) to manage kerberos keytabs and ticket caches. We are authenticating against an Active Directory domain controller (2008R2). We use the winbind/kerberos combo for: * logging into Ubuntu desktops, * transparent SSH access (via GSSAPI) to other Ubuntu/Debian machines, * single sign on for webapps running on both Linux and Windows servers, * and authenticating access to file shares (both Samba and Windows) We often find our kerberos credential caches disappearing. This stops kerberos authentication working for eg SSH, HTTP(S), CIFS etc. Things work very well otherwise. Impact: * If it happens on the client, the client can't authenticate to any kerberised servers (Windows or Linux). * If it happens on the server, all clients (Windows or Linux) are unable to connect to that server any more. * The main impact is very flaky network authentication on an LTS release that we will have to live with for a few more years. Workaround: On the desktop run kinit to create a new ticket cache, or on a server restart the winbind daemon after logging in with a local account. This usually needs to be done once or twice a week on my desktop, but less frequently on servers. Test case: I don't have a good understanding on how to reliably reproduce it apart from waiting several days for it to stop authenticating. But the earlier posters above seem to have a better handle on that part. I will commit to testing any proposed updates. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to samba in Ubuntu. https://bugs.launchpad.net/bugs/1037055 Title: winbind does not refresh kerberos tickets To manage notifications about this bug go to: https://bugs.launchpad.net/samba/+bug/1037055/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 736757] Re: [SRU] PANIC (pid 18442): internal error in winbindd
Just chiming in to say that 3.4.7~dfsg-1ubuntu3.6 from lucid-proposed also fixed this problem on our servers as well. We've gone from daily winbind panics to no crashes since. We haven't noticed any side-effects either. Any idea if or when this makes it into lucid-updates? -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to samba in Ubuntu. https://bugs.launchpad.net/bugs/736757 Title: [SRU] PANIC (pid 18442): internal error in winbindd -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
