The Samba-Bugzilla – Bug 9014
Domain join problem (Samba PDC, Samba client)
Last modified: 2012-06-28 22:00:46 UTC
I am unable to upgrade from Samba-3.3.15 to a recent version (Samba-3.6.6) because of this bug (feature?).
Here's what works:
Samba-PDC (version 3.6.5 on Linux CentOS 5.8 X86_64), LDAP backend
Samba-client (version 3.3.15 on Linux CentOS 5.8 X86_64) with 'security=DOMAIN, password server = fooserver, encrypt passwords = yes
[root@foobar]# net rpc join
Enter root's password:
Joined domain FOOBAR
Authentication and access to shares works and everything works great.
Here's where the problem comes:
1) Upgrade client to Samba-3.6.6
2) try do access shares on the client gets the error 'session setup failed: NT_STATUS_LOGON_FAILURE'
On the PDC, I have these errors:
Jun 28 11:10:47 licenses smbd: [2012/06/28 11:10:47.938942, 0] rpc_server/netlogon/srv_netlog_nt.c:976(_netr_ServerAuthenticate3)
Jun 28 11:10:47 licenses smbd: _netr_ServerAuthenticate2: netlogon_creds_server_check failed. Rejecting auth request from client FOOBAR machine account FOOBAR$
Is there a new configuration directive that I'm missing? Or is this a bug?
Oops, here's what was missing:
map untrusted to domain = yes
Sorry to disturb this list! Please close this ticket.