Bug 11952 - Samba AD member lost domain join after reboot
Samba AD member lost domain join after reboot
Status: RESOLVED FIXED
Product: Samba 4.1 and newer
Classification: Unclassified
Component: Winbind
4.4.3
All Linux
: P5 normal
: ---
Assigned To: Samba QA Contact
Samba QA Contact
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2016-06-06 15:29 UTC by Alexis
Modified: 2016-06-09 07:06 UTC (History)
1 user (show)

See Also:


Attachments
Config file (1.98 KB, text/plain)
2016-06-06 15:29 UTC, Alexis
no flags Details
Winbind debug (42.06 KB, text/plain)
2016-06-06 15:30 UTC, Alexis
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description Alexis 2016-06-06 15:29:49 UTC
Created attachment 12163 [details]
Config file

Hello,

After each reboot, my Samba AD member server lost domain join after reboot, I have to re-enter the server in the domain with the "net ads join -U administrator".

I use version 4.4.3 of samba compiled from sources.
The domain controller is a Samba AD server.

After reboot, when I exectute "net ads testjoin" I have:
kerberos_kinit_password SMB2$@AD.SAMDOM.LOCAL failed: failed Preauthentication
kerberos_kinit_password SMB2$@AD.SAMDOM.LOCAL failed: failed Preauthentication
Join to domain is not valid: Logon failure

And when I execute "wbinfo -t":
checking the trust secret for domain SAMDOM via RPC calls failed
wbcCheckTrustCredentials (SAMDOM): error code Was NT_STATUS_USER_SESSION_DELETED (0xc0000203)
failed to call wbcCheckTrustCredentials: WBC_ERR_AUTH_ERROR
Could not check secret

Anyone know this problem?
How can I make the domain-join to persist reboots?
Comment 1 Alexis 2016-06-06 15:30:33 UTC
Created attachment 12164 [details]
Winbind debug
Comment 2 Alexis 2016-06-09 07:06:23 UTC
This is a mistake on my part when configuring CTDB.

I have two clustered servers and the netbios name was different between SMB1 and SMB2.
In the documentation of CTDB it is specified that the netbios name must be the same on all nodes.

After edit smb.conf, I have not lost domain-join, even after a reboot.