I ask you to answer about question on my network : Samba PDC 3.0.1 with ACL and LDAP. We have on the network the samba server (nimda01) and some win2k server, all of win2k server are domain member of my Samba PDC. On a win2k server, we have a DCOM application that have sometimes a problem. The problem is : the server don't answer, no shared directory and no DCOM service are available. But five minutes later, all services is available. In samba.log, we can see a SPNEGO connexion problem (SMB_err = 49152). All win2k server are patched to the last microsoft patch (SP4). Is a samba problem, a windows problem, a network problem. ------------- After E-mail discussion, I put a bug in bugzilla
Created attachment 417 [details] smbclient -d10 output
Created attachment 418 [details] A ethereal trace between Samba Server and win2k server (libpcap format)
Some informations about my network : - Samba 3.0.1 PDC LDAP+ACL - All workstation and the PDC have a connection to a WINS server (win2k server)
Exactly what service packs, patches are running on each client and server?
ALL servers and clients which run windows 2000 have Service Pack 4. The latest patche of server with DCOM application is KB82088 (SP5). But all servers and clients are blaster patches protected.
What's mean : [2004/02/25 11:29:10, 10] lib/smbldap.c:smbldap_idle_fn(1091) ldap connection not connected... I ask this question because in win2k event viewer, I have a netlogon message that says "the machine trust account could not be changed because the relay received bad data" BUT (in same log) : [2004/02/25 11:21:59, 10] lib/account_pol.c:account_policy_get(134) account_policy_get: maximum password age:-1 [2004/02/25 11:21:59, 10] lib/account_pol.c:account_policy_get(134) account_policy_get: minimum password age:0 [2004/02/25 11:21:59, 3] smbd/sec_ctx.c:push_sec_ctx(256) push_sec_ctx(1028, 221) : sec_ctx_stack_ndx = 1 [2004/02/25 11:21:59, 3] smbd/uid.c:push_conn_ctx(287) push_conn_ctx(675) : conn_ctx_stack_ndx = 0 [2004/02/25 11:21:59, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2004/02/25 11:21:59, 5] auth/auth_util.c:debug_nt_user_token(486) NT user token: (NULL) [2004/02/25 11:21:59, 5] auth/auth_util.c:debug_unix_user_token(505) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2004/02/25 11:21:59, 4] passdb/pdb_ldap.c:ldapsam_update_sam_account(1370) ldapsam_update_sam_account: user corfin01$ to be modified has dn: uid=corfin01$,ou=machines,dc=corman,dc=be [2004/02/25 11:21:59, 2] passdb/pdb_ldap.c:init_ldap_from_sam(769) init_ldap_from_sam: Setting entry for user: corfin01$ [2004/02/25 11:21:59, 2] passdb/pdb_ldap.c:ldapsam_update_sam_account(1403) ldapsam_update_sam_account: successfully modified uid = corfin01$ in the LDAP database
You can close the BUG. I updated to samba 3.0.2a and the system work fine.
Closed per request. (I should have looked at the version number earlier, this is a typical case of the 3.0.1 NTLMSSP bug)
sorry for the same, cleaning up the database to prevent unecessary reopens of bugs.