Bug 12303 - ntlmssp_server_postauth: invalid NTLMSSP_MIC for user=[xxx]
Summary: ntlmssp_server_postauth: invalid NTLMSSP_MIC for user=[xxx]
Status: RESOLVED FIXED
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: File services (show other bugs)
Version: 4.4.5
Hardware: x64 Linux
: P5 major (vote)
Target Milestone: ---
Assignee: Samba QA Contact
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2016-09-30 12:39 UTC by (dead mail address)
Modified: 2017-01-04 19:19 UTC (History)
2 users (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description (dead mail address) 2016-09-30 12:39:04 UTC
Hi,

I'm running Sernet Samba 4.4.5 in a CTDB clustered fileserver setup, NT style domain. At random dates (it's usually noticed in the morning as users log in), users can suddenly not connect to network shares.

Attempting to make an authenticated connection to the fileservers (either via CTDB IP or direct) using "smbclient -L" or "smbclient //server/share" also fails with NT_STATUS_INVALID_PARAMETER. smbclient -L strangely works fine as guest.

Domain Controllers are all Centos 6 with either Sernet Samba 3.6.22 or 3.6.25.

Logs on the file servers show many instances of these lines:

/var/log/samba/172.17.44.83:  ntlmssp_server_postauth: invalid NTLMSSP_MIC for user=[foo] domain=[DOM] workstation=[DK-L]
/var/log/samba/172.17.44.83:[2016/09/29 09:54:35.158127,  1] ../auth/ntlmssp/ntlmssp_server.c:950(ntlmssp_server_postauth)
/var/log/samba/172.17.44.83:  ntlmssp_server_postauth: invalid NTLMSSP_MIC for user=[foo] domain=[DOM] workstation=[DK-L]
/var/log/samba/172.17.51.57:[2016/09/19 10:38:27.684713,  1] ../auth/ntlmssp/ntlmssp_server.c:948(ntlmssp_server_postauth)
/var/log/samba/172.17.51.57:  ntlmssp_server_postauth: invalid NTLMSSP_MIC for user=[DK-E$] domain=[DOM] workstation=[DK-E]
/var/log/samba/172.17.51.57:[2016/09/19 10:38:27.754462,  1] ../auth/ntlmssp/ntlmssp_server.c:948(ntlmssp_server_postauth)
/var/log/samba/172.17.51.57:  ntlmssp_server_postauth: invalid NTLMSSP_MIC for user=[DK-E$] domain=[DOM] workstation=[DK-E]

I don't believe this to be CTDB related as another Samba user has reported this in a non-CTDB setup. He also runs 4.4.x file servers with 3.6.x DCs.
Comment 1 (dead mail address) 2017-01-04 19:19:40 UTC
Seems to be resolved in 4.4.7/4.5.1