Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >

KB-2637: Samba messages about "Could not receive trustdoms"

12 April,16 at 11:10 AM

There is a recurring error every 5 minutes in /var/log/samba/log.winbindd:
winbindd/winbindd_util.c:289(trustdom_recv) Could not receive trustdoms
There is no additional info on these messages - What do they mean?
Samba scans for trusted domains in 3 places in the code:
1) The first scan asks a DC in its local domain to enumerate the trusts within the forest - this should succeed.
2) The second scan requires samba to contact a DC in the root of the local forest and ask about other forest trusts. This may fail if access to the root domain of the forest is blocked by a firewall.
3) If the second scan succeeds, then the third scan is a series of scans where samba attempts to contact a DC in the root of trusted forests to enumerate the domains they trust (transitive forest trusts). Some or all of these forests may be firewalled.
Check to see if a firewall is blocking any of these scenarios. 
Note that this is a level 1 log, so it will show up under normal conditions:
DEBUG(1, ("Could not receive trustdoms\n"));
There is an undocumented smb.conf parameter that tells samba to stop attempting trust lookups based on the NTLM domain name
winbind:ignore domains = NTLMDom1 NTLMDom2...
Examples of it being used:
(All links are provided as courtesy)

Centrify Corporation does not take any responsibility for the content or availability of this link and it was provided as a courtesy.  Customers should contact the vendor if there are any further questions