I am attempting to replace an old Samba 3.0.26a file/print server with Samba 3.6.4, in response to CVE-2012-1182. The existing configuration makes extensive use of NIS netgroups for access control. I'm finding that "allow hosts =" restrictions which use hostnames (either directly or by way of netgroups of hostnames) result in access checks always being denied. The log.smbd file contains entries like this: [2012/04/12 17:01:27.421878, 0] lib/access.c:338(allow_access) Denied connection from 163.1.250.222 (163.1.250.222) So it looks like an IP address is being passed into the access check routines where a hostname is expected. I rechecked the documentation and discovered the "hostname lookups" option, but setting that to "yes" hasn't changed the symptoms. The server that I'm trying to do this on is an x86-64 machine running openSUSE 10.3, but I've also reproduced the same problem on Ubuntu 08.04.4.
It's possible the netgroups access control code might have rotted. It's not a widely used configuration. Can you attach a debug level 10 log so we can investigate ? Jeremy.
No feedback, and if I see it correctly, proper netgroup support was removed with 620de975f147ac942 in April 2021. Closing this as WONTFIX.