The Samba-Bugzilla – Bug 7873
ntlmssp & spnego sign & seal fails against samba member in AD running winbindd
Last modified: 2014-07-25 09:14:31 UTC
+++ This bug was initially created as a clone of Bug #7568 +++
to reproduce: simply run RPC-BIND smbtorture test against a 3.5.4 member server in w2k8r2 domain with winbindd.
The original bug is marked resolved fixed, I can't re-open it, so clone a new bug here:
we have re-tested the NTLM signing patch recently, it seems that the bug is not
the repro steps are as follows:
1) net ads join
2) from a unix workstation run smbclient and logon as an AD user xyz
3) From a Windows XP run smbclient and logon as the same user
* it has to be an NTLM authentication, so we use the IP address instead of the
In the log we see the following message:
[2010/11/09 10:06:17.748568, 5] libsmb/smb_signing.c:90(smb_signing_good)
smb_signing_good: signing negotiated but not required and peer
isn't sending correct signatures. Turning off.
Windows XP does not like this so it breaks the connection and tries again
Eventually either Samba gets on track or it does not and the XP machine gives
log_samba.zip is an example showing the smbclient succeeding and XP failing
logfile-windows.zip it the network trace corresponding to this log file.
smbserver.zip is another example of a network trace where initially the
signing is failing but eventually fixes itself.
Does this still happen with 3.5.9?
Weikuan: is this still an issue for you with recent samba releases?
I'm not sure, I have switched into another industry and no
environment to test it now..
2014-07-25 4:04 GMT+08:00 <firstname.lastname@example.org>:
> --- Comment #4 from Björn Jacke <email@example.com> 2014-07-24 20:04:55 UTC ---
> Weikuan: is this still an issue for you with recent samba releases?
> Configure bugmail: https://bugzilla.samba.org/userprefs.cgi?tab=email
> ------- You are receiving this mail because: -------
> You reported the bug.
okay, I assume this is working with the fixes that went upstream in the meantime. Thanks for your feedback!