SYSTEM WARNING: 'date_default_timezone_get(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone.' in '/usr/share/mantis/www/core.php' line 264

0002301: winbind/smb doesn't start - MantisBT
MantisBT - Endian Firewall
View Issue Details
IDProjectCategoryView StatusDate SubmittedLast Update
0002301Endian FirewallOther Scriptspublic2009-10-27 22:452010-11-22 12:09
Reporterbonald 
Assigned Tosimon-endian 
PrioritynormalSeveritymajorReproducibilityalways
StatusclosedResolutionfixed 
PlatformOSOS Version
Product Version 
Target VersionFixed in Version2.3.1 
Customer Importance
Customer Occurrences
Queue
Summary0002301: winbind/smb doesn't start
Descriptionroot@efw:~ # restartsamba.py -d
2009-10-27 19:42:37,159 - restartsamba.py[2205] - DEBUG - {'SAMBA_ALLOWED_HOSTS': 'localhost', 'SHARES': [], 'SAMBA_BIND_INTERFACES': ''}
2009-10-27 19:42:37,161 - restartsamba.py[2205] - DEBUG - Stopping samba
2009-10-27 19:42:37,460 - restartsamba.py[2205] - DEBUG - Stopping samba
Traceback (most recent call last):
  File "/usr/local/bin/restartsamba.py", line 348, in ?
    restartWinbind()
  File "/usr/local/bin/restartsamba.py", line 273, in restartWinbind
    write_winbind_config(proxy_conf)
  File "/usr/local/bin/restartsamba.py", line 144, in write_winbind_config
    write_config(WINBIND_TPL,WINBIND_CONF,proxy_conf)
  File "/usr/local/bin/restartsamba.py", line 134, in write_config
    content = t.respond()
  File "_etc_samba_winbind_conf_tmpl.py", line 96, in respond
AttributeError: 'str' object has no attribute 'VFFSL'
root@efw:~ #
Steps To Reproduce
Additional Information
TagsNo tags attached.
Relationships
child of 0002202closed simon-endian ntlm auth does not work when using a BDC because of an error in krb5.conf.tmpl and smb.conf.tmpl 
Attached Files
Issue History
Date ModifiedUsernameFieldChange
2009-10-27 22:45bonaldNew Issue
2009-10-29 12:39simon-endianNote Added: 0003169
2009-11-02 13:20bonaldNote Added: 0003210
2009-11-02 13:26bonaldNote Added: 0003212
2010-01-27 09:47luca-endianNote Added: 0003709
2010-01-27 09:47luca-endianRelationship addedparent of 0002202
2010-01-29 10:36luca-endianRelationship deletedparent of 0002202
2010-01-29 10:36luca-endianRelationship addedchild of 0002202
2010-01-29 10:38luca-endianStatusnew => feedback
2010-03-01 08:35simon-endianStatusfeedback => resolved
2010-03-01 08:35simon-endianFixed in Version => 2.3.1
2010-03-01 08:35simon-endianResolutionopen => fixed
2010-03-01 08:35simon-endianAssigned To => simon-endian
2010-11-22 12:09peter-endianStatusresolved => closed

Notes
(0003169)
simon-endian   
2009-10-29 12:39   
is this after joining the machine to active directory domain?

with 2.3 samba will not be started anymore because it is not needed for ntlm authentication of httpproxy.
winbind is only able to start after http proxy authentication settings for windows authentication (ntlm) where applied and the efw was joined to the active directory domain.

can you also post your /var/efw/proxy/settings?
(0003210)
bonald   
2009-11-02 13:20   
I was not able to join the domain using the gui.
So i've joined it using net ads join -U... but everything is broken after a reboot.

winbind.conf / samba.conf don't have proper config.


/var/efw/proxy/settings

AUTH_CACHE_TTL=500
AUTH_CHILDREN=25
AUTH_METHOD=ntlm
AUTH_REALM=domain.local
BDC_ADDRESS=x.x.x.x
BLUE_ENABLED=transparent
DANSGUARDIAN_ENABLED=on
FORWARD_USERNAME=
HAVP_ENABLED=on
NTLM_BDC=dc2
NTLM_DOMAIN=domain
NTLM_PDC=dc1
PDC_ADDRESS=x.x.x.x
PROXY_ENABLED=on
(0003212)
bonald   
2009-11-02 13:26   
ok, problem is with winbind.conf.
I've added manually my domain info into the config file and ...

/etc/init.d/winbind start
Starting Winbind services: [ OK ]
root@efw:~ # wbinfo -t
checking the trust secret via RPC calls succeeded
root@efw:~ #

It's working but...
(0003709)
luca-endian   
2010-01-27 09:47   
Also winbind.conf.tmpl must be patched with the following line.

Third line:
password server = ${NTLM_PDC}.${NTLM_DOMAIN} #if $NTLM_BDC != '' then "%s.%s" % ($NTLM_BDC, $NTLM_DOMAIN) else ""#