squid + winbind perde il domino

**pigna** · 27-05-2009, 15:07

Ciao a tutti, ho un problema con l'autenticazione tramite winbind.
Ho installato un server CentOS con samba 3.0.33 e squid.
Ho configurato squid per fare l'autenticazione su dominio e funziona, ogni tanto però sembra che winbind "perde" il dominio e non riesce ad autenticare gli utenti.
Questo è uno stralcio del log di winbind:

codice:

[2009/05/27 12:54:21, 1] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(625)
  cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR received from remote machine SERVERA pipe \lsarpc fnum 0x74f0!
[2009/05/27 12:54:28, 1] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(625)
  cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR received from remote machine SERVERA pipe \lsarpc fnum 0x751a!
[2009/05/27 14:48:36, 0] libsmb/clientgen.c:cli_receive_smb(111)
  Receiving SMB: Server stopped responding
[2009/05/27 14:48:36, 0] rpc_client/cli_pipe.c:rpc_api_pipe(790)
  rpc_api_pipe: Remote machine SERVERA pipe \NETLOGON fnum 0x751ereturned critical error. Error was Call timed out: server did not respon
d after 10000 milliseconds
[2009/05/27 14:48:36, 2] nsswitch/winbindd_pam.c:winbindd_dual_pam_auth_crap(1931)
  NTLM CRAP authentication for user [DOMA]\[gonzaga] returned NT_STATUS_IO_TIMEOUT (PAM: 4)
[2009/05/27 14:48:36, 1] libsmb/clientgen.c:cli_rpc_pipe_close(386)
  cli_rpc_pipe_close: cli_close failed on pipe \samr, fnum 0x751b to machine SERVERA. Error was Call timed out: server did not respond a
fter 1000 milliseconds
[2009/05/27 14:48:36, 1] libsmb/clientgen.c:cli_rpc_pipe_close(386)
  cli_rpc_pipe_close: cli_close failed on pipe \lsarpc, fnum 0x751c to machine SERVERA. Error was Call timed out: server did not respond
 after 500 milliseconds
[2009/05/27 14:48:36, 1] libsmb/clientgen.c:cli_rpc_pipe_close(386)
  cli_rpc_pipe_close: cli_close failed on pipe \NETLOGON, fnum 0x751e to machine SERVERA. Error was Call timed out: server did not respo
nd after 500 milliseconds
[2009/05/27 14:48:46, 0] libsmb/clientgen.c:cli_receive_smb(111)
  Receiving SMB: Server stopped responding
[2009/05/27 14:48:57, 0] libsmb/clientgen.c:cli_receive_smb(111)
  Receiving SMB: Server stopped responding
[2009/05/27 14:49:07, 0] libsmb/clientgen.c:cli_receive_smb(111)
  Receiving SMB: Server stopped responding
[2009/05/27 14:49:07, 2] nsswitch/winbindd_pam.c:winbindd_dual_pam_auth_crap(1931)
  NTLM CRAP authentication for user [DOMA]\[user1] returned NT_STATUS_IO_TIMEOUT (PAM: 4)
[2009/05/27 14:49:26, 2] nsswitch/winbindd_pam.c:winbindd_dual_pam_auth_crap(1931)
  NTLM CRAP authentication for user [DOMA]\[user2] returned NT_STATUS_NO_LOGON_SERVERS (PAM: 9)
[2009/05/27 14:49:32, 2] nsswitch/winbindd_pam.c:winbindd_dual_pam_auth_crap(1931)
  NTLM CRAP authentication for user [DOMA]\[user3] returned NT_STATUS_NO_LOGON_SERVERS (PAM: 9)
[2009/05/27 14:49:50, 2] nsswitch/winbindd_pam.c:winbindd_dual_pam_auth_crap(1931)
  NTLM CRAP authentication for user [DOMA]\[user4] returned NT_STATUS_NO_LOGON_SERVERS (PAM: 9)
[2009/05/27 14:49:52, 2] nsswitch/winbindd_pam.c:winbindd_dual_pam_auth_crap(1931)
  NTLM CRAP authentication for user [DOMA]\[user4] returned NT_STATUS_NO_LOGON_SERVERS (PAM: 9)
[2009/05/27 14:50:36, 4] nsswitch/winbindd_dual.c:fork_domain_child(1080)
  child daemon request 47
[2009/05/27 14:50:36, 8] nsswitch/winbindd_cm.c:connection_ok(1515)
  connection_ok: Connection to for domain DOMA has NULL cli!
[2009/05/27 14:50:36, 5] libsmb/namequery.c:saf_fetch(136)
  saf_fetch: Returning "SERVERA" for "DOMA" domain
[2009/05/27 14:50:36, 5] libads/dns.c:sitename_fetch(706)
  sitename_fetch: No stored sitename for
[2009/05/27 14:50:36, 5] libsmb/namecache.c:namecache_fetch(214)
  name SERVERA#20 found.
[2009/05/27 14:50:36, 6] libsmb/clientgen.c:write_socket(152)
  write_socket(18,72) 
[2009/05/27 14:50:36, 6] libsmb/clientgen.c:write_socket(155)
  write_socket(18,72) wrote 72
[2009/05/27 14:50:36, 5] libsmb/cliconnect.c:cli_session_request(1407)
  Sent session request

e questo è il file di configurazione smb.conf che ho messo sul proxy:

codice:

[global]
  workgroup = DOMA
  server string = PROXY DOMA
  password server = xxx.xxx.xxx.xxx,yyy.yyy.yyy.yyy
  security = domain
  encrypt passwords = yes
  winbind separator = +
  winbind uid = 10000-20000
  winbind gid = 10000-20000
  winbind enum users = yes
  winbind enum groups = yes
  winbind use default domain = No
  log level = 2
  log file = /var/log/samba/%m.log
  max log size = 100000
  socket options = TCP_NODELAY
  wins server = xxx.xxx.xxx.xxx

Sul server PDC (sempre samba) è installato e gira anche il servizio winbind.

Quale può essere l'errore?
Grazie mille per l'aiuto.

Discussione: squid + winbind perde il domino

Strumenti discussione

Ricerca discussione

Visualizza

squid + winbind perde il domino

Permessi di invio