If in smb.conf max protocol = SMB2 workstation winth windows7 not logon onto smb server. my smb.conf begin [global] dos charset = UTF-8 display charset = UTF-8 workgroup = ZHIVKORM realm = ZHIVKORM.KKZ server string = File server security = ADS client NTLMv2 auth = Yes log level = 3 log file = /var/log/samba/%m max log size = 50 max protocol = SMB2 printcap name = cups idmap uid = 600-20000 idmap gid = 600-20000 template shell = /bin/bash winbind separator = + winbind enum users = Yes winbind enum groups = Yes winbind use default domain = Yes admin users = "@enterprise admins" printing = cups [documents] comment = Документы path = /mnt/doc/document valid users = @document, "@enterprise admins" admin users = "@enterprise admins" read only = No acl group control = Yes inherit permissions = Yes inherit acls = Yes inherit owner = Yes map acl inherit = Yes vfs objects = recycle, full_audit recycle:repository = /mnt/doc/recycle/%S recycle:keeptree = Yes recycle:touch = Yes recycle:touch_mtime = Yes recycle:version = Yes recycle:maxsize = 0 recycle:exclude = *.TMP *.tmp $*.wbk *.mp3 *.avi *.vob *.mkv *.ogg *.flac *.mpeg *.mp4 *.mov *.flv *.ts *.BUP *.IFO recycle:exludedir = Temp temp tmp cache AUDIO_TS VIDEO_TS recycle:versions = Yes recycle:noversions = *.doc *.xls *.ppt recycle:minsize = 1 full_audit:prefix = %U|%I|%S --> full_audit:success = unlink rmdir mkdir write rename aio_write pwrite chmod fchmod chown fchown ftruncate lock symlink mknod full_audit:failure = unlink rmdir mkdir write rename aio_write pwrite chmod fchmod chown fchown ftruncate lock symlink mknod full_audit:facility = local5 full_audit:priority = notice my smb.conf end log file (__ffff_192.168.0.118) [2010/09/13 09:48:27.766107, 3] smbd/oplock.c:888(init_oplocks) init_oplocks: initializing messages. [2010/09/13 09:48:27.766540, 3] smbd/oplock_linux.c:224(linux_init_kernel_oplocks) Linux kernel oplocks enabled [2010/09/13 09:48:27.767004, 3] smbd/process.c:1637(process_smb) Transaction 0 of length 159 (0 toread) [2010/09/13 09:48:27.767168, 3] smbd/process.c:1443(switch_message) switch message SMBnegprot (pid 1664) conn 0x0 [2010/09/13 09:48:27.767305, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2010/09/13 09:48:27.767480, 3] smbd/negprot.c:592(reply_negprot) Requested protocol [PC NETWORK PROGRAM 1.0] [2010/09/13 09:48:27.767608, 3] smbd/negprot.c:592(reply_negprot) Requested protocol [LANMAN1.0] [2010/09/13 09:48:27.767725, 3] smbd/negprot.c:592(reply_negprot) Requested protocol [Windows for Workgroups 3.1a] [2010/09/13 09:48:27.767842, 3] smbd/negprot.c:592(reply_negprot) Requested protocol [LM1.2X002] [2010/09/13 09:48:27.767958, 3] smbd/negprot.c:592(reply_negprot) Requested protocol [LANMAN2.1] [2010/09/13 09:48:27.768074, 3] smbd/negprot.c:592(reply_negprot) Requested protocol [NT LM 0.12] [2010/09/13 09:48:27.768189, 3] smbd/negprot.c:592(reply_negprot) Requested protocol [SMB 2.002] [2010/09/13 09:48:27.768305, 3] smbd/negprot.c:592(reply_negprot) Requested protocol [SMB 2.???] [2010/09/13 09:48:27.768905, 3] smbd/negprot.c:698(reply_negprot) Selected protocol SMB 2.002 [2010/09/13 09:48:27.847992, 3] libads/authdata.c:303(decode_pac_data) Found account name from PAC: Admin [Сергей П. Дичко] [2010/09/13 09:48:27.848091, 3] smbd/smb2_sesssetup.c:213(smbd_smb2_session_setup_krb5) smb2: Ticket name is [Admin@ZHIVKORM.KKZ] [2010/09/13 09:48:27.848839, 3] passdb/lookup_sid.c:1631(get_primary_group_sid) Forcing Primary Group to 'Domain Users' for ZHIVKORM+admin [2010/09/13 09:48:27.849734, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2010/09/13 09:48:27.849791, 3] smbd/uid.c:427(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2010/09/13 09:48:27.849835, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2010/09/13 09:48:27.850301, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2010/09/13 09:48:27.850386, 3] lib/privileges.c:63(get_privileges) get_privileges: No privileges assigned to SID [S-1-5-21-2128167781-3057499955-364366599-1107] [2010/09/13 09:48:27.850445, 3] lib/privileges.c:63(get_privileges) get_privileges: No privileges assigned to SID [S-1-5-21-2128167781-3057499955-364366599-513] [2010/09/13 09:48:27.850496, 3] lib/privileges.c:63(get_privileges) get_privileges: No privileges assigned to SID [S-1-5-21-2128167781-3057499955-364366599-1209] [2010/09/13 09:48:27.850546, 3] lib/privileges.c:63(get_privileges) get_privileges: No privileges assigned to SID [S-1-5-21-2128167781-3057499955-364366599-5632] [2010/09/13 09:48:27.850597, 3] lib/privileges.c:63(get_privileges) get_privileges: No privileges assigned to SID [S-1-5-21-2128167781-3057499955-364366599-1238] [2010/09/13 09:48:27.850647, 3] lib/privileges.c:63(get_privileges) get_privileges: No privileges assigned to SID [S-1-5-21-2128167781-3057499955-364366599-512] [2010/09/13 09:48:27.850698, 3] lib/privileges.c:63(get_privileges) get_privileges: No privileges assigned to SID [S-1-5-21-2128167781-3057499955-364366599-1226] [2010/09/13 09:48:27.850748, 3] lib/privileges.c:63(get_privileges) get_privileges: No privileges assigned to SID [S-1-5-21-2128167781-3057499955-364366599-1436] [2010/09/13 09:48:27.850799, 3] lib/privileges.c:63(get_privileges) get_privileges: No privileges assigned to SID [S-1-5-21-2128167781-3057499955-364366599-5635] [2010/09/13 09:48:27.850849, 3] lib/privileges.c:63(get_privileges) get_privileges: No privileges assigned to SID [S-1-5-21-2128167781-3057499955-364366599-519] [2010/09/13 09:48:27.850899, 3] lib/privileges.c:63(get_privileges) get_privileges: No privileges assigned to SID [S-1-5-21-2128167781-3057499955-364366599-1299] [2010/09/13 09:48:27.850964, 3] lib/privileges.c:63(get_privileges) get_privileges: No privileges assigned to SID [S-1-5-21-2128167781-3057499955-364366599-1237] [2010/09/13 09:48:27.851016, 3] lib/privileges.c:63(get_privileges) get_privileges: No privileges assigned to SID [S-1-5-21-2128167781-3057499955-364366599-1282] [2010/09/13 09:48:27.851067, 3] lib/privileges.c:63(get_privileges) get_privileges: No privileges assigned to SID [S-1-5-21-2128167781-3057499955-364366599-1216] [2010/09/13 09:48:27.851117, 3] lib/privileges.c:63(get_privileges) get_privileges: No privileges assigned to SID [S-1-5-21-2128167781-3057499955-364366599-1301] [2010/09/13 09:48:27.851197, 3] lib/privileges.c:63(get_privileges) get_privileges: No privileges assigned to SID [S-1-5-21-2128167781-3057499955-364366599-1311] [2010/09/13 09:48:27.851258, 3] lib/privileges.c:63(get_privileges) get_privileges: No privileges assigned to SID [S-1-5-2] [2010/09/13 09:48:27.851304, 3] lib/privileges.c:63(get_privileges) get_privileges: No privileges assigned to SID [S-1-5-11] [2010/09/13 09:48:27.852027, 3] smbd/password.c:234(register_homes_share) Adding homes service for user 'ZHIVKORM+admin' using home directory: '/home/ZHIVKORM/admin' [2010/09/13 09:48:27.853646, 3] smbd/service.c:802(make_connection_snum) Connect path is '/tmp' for service [IPC$] [2010/09/13 09:48:27.853856, 3] smbd/vfs.c:97(vfs_init_default) Initialising default vfs hooks [2010/09/13 09:48:27.853999, 3] smbd/vfs.c:123(vfs_init_custom) Initialising custom vfs hooks from [/[Default VFS]/] [2010/09/13 09:48:27.854312, 3] lib/util_sid.c:283(string_to_sid) string_to_sid: SID @enterprise admins is not in a valid format [2010/09/13 09:48:27.855080, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2010/09/13 09:48:27.855245, 3] smbd/uid.c:427(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2010/09/13 09:48:27.855365, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2010/09/13 09:48:27.855532, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2010/09/13 09:48:27.856724, 2] smbd/uid.c:171(check_user_ok) check_user_ok: user ZHIVKORM+admin is an admin user. Setting uid as 0 [2010/09/13 09:48:27.856862, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 10005) - sec_ctx_stack_ndx = 0 [2010/09/13 09:48:27.857014, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2010/09/13 09:48:27.857175, 3] smbd/service.c:1052(make_connection_snum) __ffff_192.168.0.118 (::ffff:192.168.0.118) connect to service IPC$ initially as user ZHIVKORM+admin (uid=0, gid=10005) (pid 1664) [2010/09/13 09:48:27.858249, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 10005) - sec_ctx_stack_ndx = 0 [2010/09/13 09:48:27.859582, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 10005) - sec_ctx_stack_ndx = 0 [2010/09/13 09:48:27.860736, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 10005) - sec_ctx_stack_ndx = 0 [2010/09/13 09:48:27.861790, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 10005) - sec_ctx_stack_ndx = 0 [2010/09/13 09:48:27.862038, 3] rpc_server/srv_pipe.c:1219(api_pipe_bind_req) api_pipe_bind_req: \PIPE\srvsvc -> \PIPE\srvsvc [2010/09/13 09:48:27.862173, 3] rpc_server/srv_pipe.c:729(check_bind_req) check_bind_req for \srvsvc [2010/09/13 09:48:27.862299, 3] rpc_server/srv_pipe.c:736(check_bind_req) check_bind_req: \PIPE\srvsvc -> \PIPE\srvsvc [2010/09/13 09:48:27.863337, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 10005) - sec_ctx_stack_ndx = 0 [2010/09/13 09:48:27.863527, 3] rpc_server/srv_pipe_hnd.c:116(free_pipe_context) free_pipe_context: destroying talloc pool of size 28 [2010/09/13 09:48:27.864505, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 10005) - sec_ctx_stack_ndx = 0 [2010/09/13 09:48:27.864716, 3] rpc_server/srv_pipe.c:1779(api_rpcTNP) api_rpcTNP: rpc command: SRVSVC_NETSHAREENUMALL [2010/09/13 09:48:27.864923, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 10005) : sec_ctx_stack_ndx = 1 [2010/09/13 09:48:27.865056, 3] smbd/uid.c:427(push_conn_ctx) push_conn_ctx(46502) : conn_ctx_stack_ndx = 0 [2010/09/13 09:48:27.865175, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2010/09/13 09:48:27.865331, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 10005) - sec_ctx_stack_ndx = 0 [2010/09/13 09:48:27.866677, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 10005) - sec_ctx_stack_ndx = 0 [2010/09/13 09:48:39.165774, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 10005) - sec_ctx_stack_ndx = 0 [2010/09/13 09:48:39.165879, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2010/09/13 09:48:39.165937, 3] smbd/service.c:1240(close_cnum) __ffff_192.168.0.118 (::ffff:192.168.0.118) closed connection to service IPC$ [2010/09/13 09:48:39.165979, 3] smbd/connection.c:32(yield_connection) Yielding connection to IPC$ [2010/09/13 09:48:39.166038, 3] smbd/connection.c:44(yield_connection) deleting connection record returned NT_STATUS_NOT_FOUND [2010/09/13 09:48:39.166105, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2010/09/13 09:48:39.167711, 2] smbd/smb2_server.c:2096(smbd_smb2_request_incoming) smbd_smb2_request_incoming: client read error NT_STATUS_CONNECTION_RESET [2010/09/13 09:48:39.167791, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2010/09/13 09:48:39.167973, 3] smbd/server_exit.c:147(exit_server_common) Server exit (NT_STATUS_CONNECTION_RESET) I was guarded with a line "string_to_sid: SID @enterprise admins is not in a valid format", becouse group "enterprise admins" in smb.conf is double quoted!
can you try the syntax @"group name" ?
closing: lack of support, also 3.6 is out of support and did have known smb2 fleas