[Freeipa-users] AD - Freeipa trust confusion
Alexander Bokovoy
abokovoy at redhat.com
Mon Jan 6 21:59:12 UTC 2014
On Fri, 03 Jan 2014, Andrew Holway wrote:
>>> To generate the winbind logs on the server, can you do 'smbcontrol winbindd
>>> debug 100', then request the trusted user. The winbind logs would be at
>>> /var/log/samba/log.w*
>
>I truncated all of the files in /var/log/samba and then make a single
>login attempt. These are the files that were non zero after the event.
>
>log.smbd.epmd - https://gist.github.com/anonymous/663be9204d24bf3e915c
>log.wb-PRATTLE - https://gist.github.com/anonymous/069c9931b1c66a2da85e
I can see multiples of:
[2014/01/03 07:48:08.789374, 10, pid=2662, effective(0, 0), real(0, 0), class=winbind]
../source3/winbindd/winbindd_cm.c:806(cm_prepare_connection)
cm_prepare_connection: connecting to DC WIN-5UGLHAK7RIN for domain PRATTLE
[2014/01/03 07:48:08.789437, 1, pid=2662, effective(0, 0), real(0, 0), class=winbind]
../source3/winbindd/winbindd_cm.c:839(cm_prepare_connection)
cli_negprot failed: NT_STATUS_INVALID_PARAMETER_MIX
This means some internal mishandling in winbindd,
NT_STATUS_INVALID_PARAMETER_MIX can only appear at this path if the
connection (which has just been created, few calls before cli_negprot)
has outstanding outstanding calls in outgoing queue at the point when
cli_negprot is attempted. As result, cli_negprot can't start until they
are finished.
>log.wb-WIBBLE - https://gist.github.com/anonymous/c60754ec956df30f2c60
>log.winbindd - https://gist.github.com/anonymous/25995d07c20ef5f3926a
>log.winbindd-dc-connect - https://gist.github.com/anonymous/9b6a1b736f1266ddc37f
At this point I need to know exact version of the samba package (samba4
if this is RHEL 6.x) to continue investigations with the exact source
code at hand.
--
/ Alexander Bokovoy
More information about the Freeipa-users
mailing list