[Samba] Re: Winbind will not start when network disconnected

2006-01-04 Thread Mark F 



The SID should be stored in secrets.tdb.  Did you in fact
join the domain?



At one time it was joined to a test domain to verify it would work.  It 
has since been disconnected from the network and reconfigured for the 
production domain.  It doesn't even have a network connection now.  Once 
configuration of the server is complete I will (attempt) to join it to 
the production domain.


-Mark

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Winbind will not start when network disconnected

2006-01-03 Thread Mark F 
I'm preparing some boxes for production and have configured samba with 
winbind for ADS domain authentication but I've noticed that winbind will 
not start when the network is not connected.  I think the proper 
operation should be to start but (of course) not function and log the 
inability to connect to the pdc.


Instead I get this:

PANIC: Could not fetch our SID - did we join?
...
lots of back trace information
...

and the failure to start.

Thanks,
-Mark

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Join ADS domain - Insufficient Access

2005-11-01 Thread Mark F 

SLES 9 SP2
samba-3.0.14a-0.4
heimdal-lib-0.6.1rc3-55.15
samba-winbind-3.0.14a-0.4
pam-modules-9-18.10
pam_krb5-1.3-201.7

I've been searching for days for a concrete answer to this question:

Is it possible to join an ADS domain from a Linux Samba server without 
having Administrator privileges? Yes or No.


If so exactly what are the minimal requirements for joining the Linux 
box to the domain.


I can get a Kerberos ticket, no problem

However when I try to join the domain I get:

app1:~ # net ads join -S servername -d 3 -w domain -U tester%password
[2005/11/01 07:44:58, 3] param/loadparm.c:lp_load(3907)
  lp_load: refreshing parameters
[2005/11/01 07:44:58, 3] param/loadparm.c:init_globals(1321)
  Initialising global parameters
[2005/11/01 07:44:58, 3] param/params.c:pm_process(573)
  params.c:pm_process() - Processing configuration file 
/etc/samba/smb.conf

[2005/11/01 07:44:58, 3] param/loadparm.c:do_section(3409)
  Processing section [global]
[2005/11/01 07:44:58, 2] lib/interface.c:add_interface(81)
  added interface ip=IPADDRESS bcast=IPADDRESS nmask=255.255.255.0
[2005/11/01 07:44:58, 3] libads/ldap.c:ads_connect(285)
  Connected to LDAP server LDAPIPADDRESS
[2005/11/01 07:44:58, 3] libads/ldap.c:ads_server_info(2469)
  got ldap server name [EMAIL PROTECTED], using bind path: 
dc=SERVER,dc=DOMAIN,dc=GOV

[2005/11/01 07:44:58, 3] libads/sasl.c:ads_sasl_spnego_bind(204)
  ads_sasl_spnego_bind: got OID=1 2 840 48018 1 2 2
[2005/11/01 07:44:58, 3] libads/sasl.c:ads_sasl_spnego_bind(204)
  ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2
[2005/11/01 07:44:58, 3] libads/sasl.c:ads_sasl_spnego_bind(204)
  ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 3
[2005/11/01 07:44:58, 3] libads/sasl.c:ads_sasl_spnego_bind(204)
  ads_sasl_spnego_bind: got OID=1 3 6 1 4 1 311 2 2 10
[2005/11/01 07:44:58, 3] libads/sasl.c:ads_sasl_spnego_bind(211)
  ads_sasl_spnego_bind: got server principal name [EMAIL PROTECTED]
[2005/11/01 07:44:58, 3] libsmb/clikrb5.c:ads_krb5_mk_req(381)
  ads_krb5_mk_req: krb5_cc_get_principal failed (No such file or directory)
[2005/11/01 07:44:58, 3] libsmb/clikrb5.c:ads_cleanup_expired_creds(318)
  Ticket in ccache[MEMORY:net_ads] expiration Tue, 01 Nov 2005 17:46:24 GMT
[2005/11/01 07:44:58, 0] libads/ldap.c:ads_add_machine_acct(1405)
  ads_add_machine_acct: Host account for app1 already exists - 
modifying old account

[2005/11/01 07:44:58, 0] libads/ldap.c:ads_join_realm(1763)
  ads_join_realm: ads_add_machine_acct failed (app1): Insufficient access
ads_join_realm: Insufficient access
[2005/11/01 07:44:58, 2] utils/net.c:main(902)
  return code = -1

---
I have no access to the domain but the Domain admin has assured me he 
has set it up exactly as he would to allow a Windows client to join.  Is 
this correct?


Thanks,
-Mark

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] rec_free_read bad magic

2005-11-01 Thread Mark F 
I see this message repeating over and over in my logs.  What is the 
significance?


Nov  1 13:35:44 app1 nmbd[15488]:   tdb(/var/lib/samba/gencache.tdb): 
rec_free_read bad magic 0x42424242 at offset=460


Thanks,
-Mark

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] hello

2003-09-03 Thread mark f 
i was wondering wether u have a simple to follow
instalation guide for samba / solaris 
 
I find the documentation difficult to follow ..
ie make  make install ?? make installbin 
 
what should you do all  why isnt things like
this made clear we are not all Dr of computers ...
 
Its it thus possible to have a simple flowchart with 
relavent commands required ???
 
//With thanks ..


-
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba