Winbind issues in Ubuntu 14.04
Arran Cudbard-Bell
a.cudbardb at freeradius.org
Sun Jun 15 18:16:05 CEST 2014
So no one else wastes a couple of hours of their lives wondering why ntlm_auth is failing due to what appear to be permissions issue.
In the version of samba4 installed with Ubuntu 14.04 (4.1.6) the default location of the winbinddd_privileged directory appears to be /var/lib/samba.
The upstart script however, still has it in /var/run/samba/ (it may have changed), and does a lovely job of masking the problem by creating the winbindd_privileged directory there on start:
pre-start script
test -x /usr/sbin/winbindd || exit 0
mkdir -p /var/run/samba/winbindd_privileged
chgrp winbindd_priv /var/run/samba/winbindd_privileged
chmod 0750 /var/run/samba/winbindd_privileged
end script
Special shout outs go to the samba project for writing a utility with the most useless debugging output ever:
Program returned code (1) and output 'Reading winbind reply failed! (0xc0000001)'
(57) mschap : External script failed
(57) ERROR: mschap : External script says: Reading winbind reply failed! (0xc0000001)
(57) ERROR: mschap : MS-CHAP2-Response is incorrect
and whoever decided to disable the init.d script on upstart enabled systems by adding:
case "$1" in
start)
if init_is_upstart; then
exit 1
fi
Lovely.
Bug reported here for winbindd_privileged:
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1330220
Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS Development Team
FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 881 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140615/af751f80/attachment.pgp>
More information about the Freeradius-Users
mailing list