Hello,
I am running a Samba server (samba-3.0.10-1.4E.11) and Squid (squid-2.5.STABLE14-1.4E )on a Redhat Advance server 4 update 5. I have connected this server successfully to a Windows 2003 Active Directory (mixed mode). I have nsswitch.conf, krb5.conf configured and winbind seems to be running properly for the most part. With wbinfo I can get all of my user and group information. Problem is, it seems that at random times, the internet is stop browsing. If I restart the squid and winbind and smb service, then all seems to be well again for a while. Right now the only way I can keep this running is to run a cron job that restartes the samba and winbind and squid services every hour. This is really bugging me as I cannot figure out what is going on. Can anyone help me? I have included some of my configuration and log files below. Thanks in advance.
---------/var/log/squid/cache.log----------
[2009/09/26 12:02:40, 1] libsmb/ntlmssp.c:ntlmssp_update(245)
Failed to parse NTLMSSP packet, could not extract NTLMSSP command
[2009/09/26 12:02:43, 1] libsmb/ntlmssp.c:ntlmssp_update(245)
Failed to parse NTLMSSP packet, could not extract NTLMSSP command
[2009/09/26 12:02:43, 1] libsmb/ntlmssp.c:ntlmssp_update(245)
Failed to parse NTLMSSP packet, could not extract NTLMSSP command
[2009/09/26 12:02:43, 1] libsmb/ntlmssp.c:ntlmssp_update(245)
Failed to parse NTLMSSP packet, could not extract NTLMSSP command
[2009/09/26 12:02:43, 1] libsmb/ntlmssp.c:ntlmssp_update(245)
Failed to parse NTLMSSP packet, could not extract NTLMSSP command
[2009/09/26 12:02:43, 1] libsmb/ntlmssp.c:ntlmssp_update(245)
Failed to parse NTLMSSP packet, could not extract NTLMSSP command
[2009/09/26 12:02:43, 1] libsmb/ntlmssp.c:ntlmssp_update(245)
[global]
workgroup = DOMAIN
netbios name = HOPROXY
realm = DOMAIN.HOME
server string = Linux Samba Server
security = ads
encrypt passwords = Yes
password server = 10.1.5.11
log file = /var/log/samba/%m.log
max log size = 0
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
preferred master = False
local master = No
domain master = False
dns proxy = No
wins server = 10..1.5.11
winbind enum users = yes
winbind enum groups = yes
winbind use default domain = yes
idmap uid = 10000-20000
idmap gid = 10000-20000
client schannel = no
---------/etc/nsswitch.conf-------
passwd: files winbind
group: files winbind
hosts: files dns wins winbind
---------/etc/krb5.conf-----------
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
#ticket_lifetime = 24000
default_realm = DOMAIN.HOME
dns_lookup_realm = false
dns_lookup_kdc = false
[realms]
DOMAIN.HOME = {
kdc = 10.1.5.11
admin_server = 10.1.5.11
default_domain = DOMAIN.HOME
}
[domain_realm]
.domain.home = DOMAIN.HOME
domain.home = DOMAIN.HOME
[kdc]
profile = /var/kerberos/krb5kdc/kdc.conf
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}
-----------/etc/pam.d/system-auth-winbind-------------
#%PAM-1.0
auth required /lib/security/pam_env.so
auth required /lib/security/pam_securetty.so
auth required /lib/security/pam_nologin.so
auth sufficient /lib/security/pam_winbind.so
auth sufficient /lib/security/pam_unix..so likeauth nullok use_first_pass shadow
auth required /lib/security/pam_deny.so
account sufficient /lib/security/pam_unix.so
account required /lib/secuirty/pam_winbind.so
password required /lib/security/pam_cracklib.so retry=3 type=
password sufficient /lib/security/pam_unix.so nullok use_authtok md5 shadow
password required /lib/security/pam_deny.so
session required /lib/security/pam_limits.so
session required /lib/security/pam_unix.so
Regards,
Ashraf.
Received on Sun Sep 27 2009 - 06:32:36 MDT
This archive was generated by hypermail 2.2.0 : Sun Sep 27 2009 - 12:00:03 MDT