[Samba] winbindd problem - STATUS_BUFFER_OVERFLOW (0x80000005)
Daniel Meyer
i've got a little (at least i hope its a minor one) problem with winbind.
General information about the system:
- GNU/Linux 2.4.25-2tr
- samba-3.0.2-4tr
Samba successfully joined the ads (w2k servers), wbinfo -u and -g are
working
perfectly. If i try to authenticate a user with wbinfo or with ntlm_auth
(overall goal is to have ntlm authentication with squid) i get a
"STATUS_BUFFER_OVERFLOW (0x80000005)" error.
Example:
root@proxy ~# wbinfo --authenticate=Administrator%<password>
plaintext password authentication failed
error code was STATUS_BUFFER_OVERFLOW (0x80000005)
error messsage was: STATUS_BUFFER_OVERFLOW
Could not authenticate user Administrator%<password> with plaintext
password
challenge/response password authentication failed
error code was STATUS_BUFFER_OVERFLOW (0x80000005)
error messsage was: STATUS_BUFFER_OVERFLOW
Could not authenticate user Administrator with challenge/response
ntlm_auth clients started by squid just die:
[2004/03/08 10:34:31, 1] utils/ntlm_auth.c:manage_squid_request(1320)
fgets() failed! dying..... errno=0 (Success)
strace of wbinfo --authenticate... says:
[...]
lstat64("/tmp/.winbindd", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
lstat64("/tmp/.winbindd/pipe", {st_mode=S_IFSOCK|0777, st_size=0, ...}) =
0
socket(PF_UNIX, SOCK_STREAM, 0) = 3
fcntl64(3, F_GETFD) = 0
fcntl64(3, F_SETFD, FD_CLOEXEC) = 0
connect(3, {sa_family=AF_UNIX, path="/tmp/.winbindd/pipe"}, 110) = 0
getpid() = 7990
getpid() = 7990
select(4, [3], NULL, NULL, {0, 0}) = 0 (Timeout)
write(3, " \6\0\0\0\0\0\0006\37\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"...,
1568) = 1568
read(3, "\24\5\0\0\1\0\0\0\t\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"...,
1300) = 1300
getpid() = 7990
getpid() = 7990
select(4, [3], NULL, NULL, {0, 0}) = 0 (Timeout)
write(3, " \6\0\0)\0\0\0006\37\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"...,
1568) = 1568
read(3, "9\5\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"...,
1300) = 1300
read(3, "/var/cache/samba/winbindd_privil"..., 37) = 37
lstat64("/var/cache/samba/winbindd_privileged", {st_mode=S_IFDIR|0750,
st_size=4096, ...}) = 0
lstat64("/var/cache/samba/winbindd_privileged/pipe",
{st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0
socket(PF_UNIX, SOCK_STREAM, 0) = 4
fcntl64(4, F_GETFD) = 0
fcntl64(4, F_SETFD, FD_CLOEXEC) = 0
connect(4, {sa_family=AF_UNIX,
path="/var/cache/samba/winbindd_privileged/pipe"}, 110) = 0
close(3) = 0
select(5, [4], NULL, NULL, {0, 0}) = 0 (Timeout)
write(4, " \6\0\0\f\0\0\0006\37\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"...,
1568) = 1568
read(4, "\24\5\0\0\0\0\0\0\5\0\0\200STATUS_BUFFER_OVERFL"..., 1300) = 1300
fstat64(1, {st_mode=S_IFCHR|0600, st_rdev=makedev(136, 1), ...}) = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
0) = 0x401fa000
write(1, "plaintext password authenticatio"..., 41plaintext password
authentication failed
) = 41
write(1, "error code was STATUS_BUFFER_OVE"..., 94error code was
STATUS_BUFFER_OVERFLOW (0x80000005)
error messsage was: STATUS_BUFFER_OVERFLOW
) = 94
So it looks like something strange happening in winbindd....
Google doesnt tell anything usefull regarding "STATUS_BUFFER_OVERFLOW
(0x80000005)", so i dont think its a common problem.
Did anyone here encounter this problem before?
TIA,
Danny
--
Here we go, don't ya know = http://www.cyberdelia.de
We're the ones that keep it wicked = ea...@cyberdelia.de
Rock n' Roll, all good, mix it up =
That's my ticket = \o/
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
Gerald (Jerry) Carter
Hash: SHA1
On Mon, 8 Mar 2004, Daniel Meyer wrote:
> Google doesnt tell anything usefull regarding "STATUS_BUFFER_OVERFLOW
> (0x80000005)", so i dont think its a common problem.
This is the error used to indicate fragemented PDU's. It normal and it
not the source of your problem.
cheers, jerry
----------------------------------------------------------------------
Hewlett-Packard ------------------------- http://www.hp.com
SAMBA Team ---------------------- http://www.samba.org
GnuPG Key ---- http://www.plainjoe.org/gpg_public.asc
"If we're adding to the noise, turn off this song" --Switchfoot (2003)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.0 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/
iD4DBQFATHp1IR7qMdg1EfYRAnQHAJdAOsrrPk5ygDvysbP6GEYUHU++AKDlHtYU
54+iNLAXAqitOfxuN0ujEg==
=yL0l
-----END PGP SIGNATURE-----
Daniel Meyer
>>Google doesnt tell anything usefull regarding "STATUS_BUFFER_OVERFLOW
>>(0x80000005)", so i dont think its a common problem.
> This is the error used to indicate fragemented PDU's. It normal and it
> not the source of your problem.
Thats strange, because i dont see any other possible source. Where
should i start to look?
net join looks good, and so does wbinfo -u, -g, -m.
wbinfo --authenticate and -t fail with the 0x80000005 error.
Is there more information i could provide?
Danny
Daniel Meyer
^--- Hey thats me :-)
>>> Google doesnt tell anything usefull regarding "STATUS_BUFFER_OVERFLOW
>>> (0x80000005)", so i dont think its a common problem.
>
>
>> This is the error used to indicate fragemented PDU's. It normal and
>> it not the source of your problem.
>
> Thats strange, because i dont see any other possible source. Where
> should i start to look?
>
> net join looks good, and so does wbinfo -u, -g, -m.
>
> wbinfo --authenticate and -t fail with the 0x80000005 error.
>
> Is there more information i could provide?
I did some more tests and this is what i learned:
- I did a similar setup in our lab, also with a w2k server (ads in
mixed mode), a firewall (same type as in the "real world" scenario),
and identical linux/samba setup
- That lab-setup works just fine, so it is not a compilation issue or
errors in the samba.conf
- exactly the same smb.conf/krb5.conf on the "real world" system gives
the same error as before. The only thing i changed is the name of ads,
realm and password-server.
So it looks like either a problem with the firewall between the samba
server and the windows dc, or some problem with the dc itself. I rather
doubt that the problem is on the firewall side, both lab and real world
firewall are the same model, same software, and both have all ip traffic
between samba and dc permitted.
Does anyone have an idea what and where i can check on the windows side?
Its a windows 2000 server, servicepack 4, english installation...
nothing fancy...
Daniel Meyer
> I did some more tests and this is what i learned:
>
> - I did a similar setup in our lab, also with a w2k server (ads in
> mixed mode), a firewall (same type as in the "real world" scenario),
> and identical linux/samba setup
>
> - That lab-setup works just fine, so it is not a compilation issue or
> errors in the samba.conf
>
> - exactly the same smb.conf/krb5.conf on the "real world" system gives
> the same error as before. The only thing i changed is the name of ads,
> realm and password-server.
>
> So it looks like either a problem with the firewall between the samba
> server and the windows dc, or some problem with the dc itself. I rather
> doubt that the problem is on the firewall side, both lab and real world
> firewall are the same model, same software, and both have all ip traffic
> between samba and dc permitted.
>
> Does anyone have an idea what and where i can check on the windows side?
> Its a windows 2000 server, servicepack 4, english installation...
> nothing fancy...
Some more research. Removing the firewall doesnt change anything, so i
dont think the firewall is causing my problem. I re-checked the windows
server, and saw its a SP3 box, my lab-Server had sp4. I'll check again
with an sp3 lab-server.
But so far, i'm still stuck with the following error:
root# net rpc join -U administrator -w DOMAIN -S WINDOWS-DC
Password:
[2004/03/11 16:51:54, 0] utils/net_rpc_join.c:net_rpc_join_newstyle(326)
Error domain join verification (reused connection):
STATUS_BUFFER_OVERFLOW
Unable to join domain DOMAIN.
Joining with "net ads join..." works, but then wbinfo fails again.
bryce
was that i was using gentoo and building things for a pentium4, which
gcc3.2 makes bad binaries for.
So changed everything to build for a pentium3 and the problem was
solved. I don't know if this applies to you, but something to be aware
of none the less.
bryce