--===============0057017042==
Content-Type: multipart/signed; boundary="nextPart5453811.fsU2JBYiio";
protocol="application/pgp-signature"; micalg=pgp-sha1
Content-Transfer-Encoding: 7bit

--nextPart5453811.fsU2JBYiio
Content-Type: text/plain;
charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

The ongoing saga of The Place We Can't Freakin' Get Samba To Work Even Thou=
gh=20
It Works Everywhere Else...

We're experiencing winbind problems. Can't authenticate from AD ("Windows=
=20
Server 2003") even though:

"getent passwd" works (shows a list of all users including on AD server).
"getent group" works (shows list of all groups including AD)
"wbinfo -u" works
"wbinfo -n (name-of-AD-user)" works
"wbinfo --user-domgroups=3D(SID-of-user-derived-from-above-command)" works.=
=2E..

But nobody seems to be able to authenticate. Windows prompts them for a=20
password, then tells them it failed. (Also - for some reason we still have=
=20
the problem of "getent passwd (user)" not returning anything. This seems t=
o=20
be perversely intermittent. About an hour ago it was working with the same=
=20
software. As were windows logins.)

/var/log/samba/log.winbindd shows:

[2005/12/08 19:17:12, 0] nsswitch/winbindd.c:request_len_recv(554)
request_len_recv: Invalid request size received: 1828

repeatedly for each attempt by windows users to connect now. I've tried=20
restarting smbd, nmbd, winbindd...to no avail.

(The occasionally-but-not-usually-works thing here is actually an ongoing=20
problem that at this point I fear will precipitate ripping out of the Samba=
=20
box and overwriting it with "Windows". I have no idea what the problem is =
as=20
similarly configured samba systems at other locations seem to work just=20
fine.)

This is SLES 9 on a Dell "Xeon" box, using RPM's grabbed from:=20
http://us5.samba.org/samba/ftp/Binar.../x86_64/sles9/

(I also tried the i586 rpm's, just in case. Same thing.)

Please, I'm begging - can someone tell me what to dig into here? I'll be=20
happy to post configurations, run tests, whatever. I just don't want to ha=
ve=20
to hear "no, we'll just have to 'buy' Windows because Samba doesn't=20
work" (despite all the ones we already HAVE working...it's that kind of pla=
ce=20
here...)

--nextPart5453811.fsU2JBYiio
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2rc2 (GNU/Linux)

iD8DBQBDmOBqJ6yQLhNTzSkRAhZUAJ9bspUkFszOj6bcfsV7Be 8zR7cVVACfcgD2
5i+aaH0lgwDL2F4B4XTqIAI=
=jM4/
-----END PGP SIGNATURE-----

--nextPart5453811.fsU2JBYiio--

--===============0057017042==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
--===============0057017042==--