When upgrading from 3.0.4 SuSE rpms to 3.0.5rc1 I found that all daemons started correctly, but all domain authentication failed. I am running a samba server as a member server against a Windows 2000 mixed mode domain. 'getent group' did return a correct list of all the groups, so there was at least some level of connectivity (it was not cached because nscd was stopped). I tried to rejoin the domain, but joining the domain failed. When I reverted back to 3.0.4, I joined the domain with no trouble. My config is as below: [global] workgroup = FOO server string = Samba Server security = DOMAIN map to guest = Bad User obey pam restrictions = Yes restrict anonymous = 2 log level = 8 time server = Yes socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY os level = 2 local master = No domain master = No ldap ssl = no host msdfs = Yes idmap uid = 10000-20000 idmap gid = 10000-20000 template shell = /bin/bash winbind use default domain = No admin users = '@Foo\Domain Admins' veto files = /*.eml/*.nws/riched20.dll/*.{*}/
Created attachment 565 [details] Winbindd log
For the 3.0.5rc1 attempt to join the domain, could you add a debug level 10 log? The output of 'net rpc join -U user%pass -d 10' might help, along with a network trace. Thanks, Volker
Created attachment 567 [details] output of 'net join -U username%password -d 10
Created attachment 568 [details] Ethereal capture for net join Here is the capture as requested. After trying a few times, it locked the account out, so it must be trying to authenticate, but failing
This looks very like you mis-typed the password for "tempadmin". Could you try to log in to a share on the DC with smbclient, for example smbclient //genetix01/netlogon -U tempadmin -W genetix Volker
Hi Volker, I have just checked by bash history to make sure, but the command line executed was: net rpc join -U tempadmin%tempadmin -d 10 I executed that same command twice, once with 3.0.5rc1, then stopped services, installed 3.0.4 rpms, then executed the same command from my history again and it worked correctly. Therefore I cannot have mistyped the passord. Don't worry I have disabled tempadmin account since ;-). When I have a chance later (the server is in use) I can upgrade it again and execute the command you specified, if you still wish.
BTW, I tested the command below on 3.0.4 and it works, so the password must be correct! smbclient //genetix01/netlogon -U tempadmin%tempadmin -W genetix
originally against 3.0.5rc1pre1 (which became 3.0.6rc1 due to security release)) Please retest against 3.0.11 and reopen if still an issue.
sorry for the same, cleaning up the database to prevent unecessary reopens of bugs.