I've been an open source tech support engineer for many years so I may have missed something.. Perhaps made a newbie mistake. The configuration is the standard samba4 ADDC. I will put all the relevant details at the end of the bug, version, etc ,etc. The problem was discovered by accident. The windows machine was joined successfully and then after reboot an engineer had a typo in the domain and used mydommain.com\username to login and it worked. SO I checked for typos in the config and in /var/lib/samba no typo.. Further testing allowed us to login with ANY domain of choice and as long as the user and password were correct we were logged into the domain. Looking in the users directory it's correct and says C:\Users\user.MYDOMAIN.COM and not C:\Users\user.MYDOMMAIN.COM The domain is mydomain.com but if I login with whateveriwant.com\myuser The log shows this: [2016/04/12 12:52:40.010628, 3] ../libcli/auth/schannel_state_tdb.c:181(schannel_fetch_session_key_tdb) schannel_fetch_session_key_tdb: restored schannel info key SECRETS/SCHANNEL/XP2 [2016/04/12 12:52:40.010983, 3] ../libcli/auth/schannel_state_tdb.c:112(schannel_store_session_key_tdb) schannel_store_session_key_tdb: stored schannel info with key SECRETS/SCHANNEL/XP2 [2016/04/12 12:52:40.011053, 3] ../source4/auth/ntlm/auth.c:270(auth_check_password_send) auth_check_password_send: Checking password for unmapped user [whateveriwant.com]\[myuser]@[XP2] auth_check_password_send: mapped user is: [MYDOMAIN]\[myuser]@[XP2] [2016/04/12 12:52:40.871872, 3] ../source4/smbd/service_stream.c:66(stream_terminate_connection) Terminating connection - 'wbsrv: wbsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED' [2016/04/12 12:52:40.871953, 3] ../source4/smbd/process_single.c:114(single_terminate) single_terminate: reason[wbsrv: wbsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED] [2016/04/12 12:52:41.157053, 3] ../lib/ldb-samba/ldb_wrap.c:320(ldb_wrap_connect) ldb_wrap open of secrets.ldb [2016/04/12 12:52:41.157456, 3] ../libcli/auth/schannel_state_tdb.c:181(schannel_fetch_session_key_tdb) schannel_fetch_session_key_tdb: restored schannel info key SECRETS/SCHANNEL/MGMTVM [2016/04/12 12:52:41.158356, 3] ../source4/rpc_server/dcerpc_server.c:963(dcesrv_request) Warning: 60 extra bytes in incoming RPC request [2016/04/12 12:52:41.158441, 3] ../libcli/auth/schannel_state_tdb.c:181(schannel_fetch_session_key_tdb) schannel_fetch_session_key_tdb: restored schannel info key SECRETS/SCHANNEL/MGMTVM [2016/04/12 12:52:41.158495, 3] ../libcli/auth/schannel_state_tdb.c:112(schannel_store_session_key_tdb) schannel_store_session_key_tdb: stored schannel info with key SECRETS/SCHANNEL/MGMTVM [2016/04/12 12:52:41.158548, 3] ../source4/auth/ntlm/auth.c:270(auth_check_password_send) And the user is logged in.. /etc/samba/smb.conf [global] workgroup = MYDOMAIN log level = 3 realm = MYDOMAIN.COM netbios name = PDC server role = active directory domain controller server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbind, ntp_signd, kcc, dnsupdate allow dns updates = nonsecure and secure dns forwarder = 172.18.50.35 client use spnego = yes client ntlmv2 auth = yes printing = CUPS printcap name = /dev/null vfs objects = acl_xattr map acl inherit = yes store dos attributes = yes winbind refresh tickets = yes winbind trusted domains only = no winbind use default domain = yes winbind enum users = yes winbind enum groups = yes idmap * : backend = tbd idmap config * : range = 300000-400000 idmap config MYDOMAIN : range = 300000-400000 root@pdc:~# dpkg --list | grep samba ii python-samba 2:4.1.6+dfsg-1ubuntu2.14.04.13 amd64 Python bindings for Samba ii samba 2:4.1.6+dfsg-1ubuntu2.14.04.13 amd64 SMB/CIFS file, print, and login server for Unix ii samba-common 2:4.1.6+dfsg-1ubuntu2.14.04.13 all common files used by both the Samba server and client ii samba-common-bin 2:4.1.6+dfsg-1ubuntu2.14.04.13 amd64 Samba common files used by both the server and the client ii samba-doc 2:4.1.6+dfsg-1ubuntu2.14.04.13 all Samba documentation ii samba-dsdb-modules 2:4.1.6+dfsg-1ubuntu2.14.04.13 amd64 Samba Directory Services Database ii samba-libs:amd64 2:4.1.6+dfsg-1ubuntu2.14.04.13 amd64 Samba core libraries ii samba-vfs-modules 2:4.1.6+dfsg-1ubuntu2.14.04.13 amd64 Samba Virtual FileSystem plugins root@pdc:~# cat /etc/debian_version jessie/sid
Thankfully we just fixed this. Marking as a duplicate of the bug tagged on the commits. Thanks! *** This bug has been marked as a duplicate of bug 12709 ***