The Samba-Bugzilla – Bug 9866
Windows Vista is not able to join to the domain if "samba4" is not provided as "auth method"
Last modified: 2013-05-07 19:10:00 UTC
Created attachment 8862 [details]
Contents of /etc/samba/smb.conf
When using Samba 4.0.5 with s3fs, if I set for example "auth methods = guest sam_ignoredomain", Vista is not able to join the domain (it gives a "the parameter is not correct" error). With Windows 7 this works without problem.
The reason why I need to define the auth methods is because otherwise anonymous access to guest shares does not work, but that's probably a different issue and I will file a separate bug for that.
We have conducted additional investigations but we are unsure how
relevant they are and to which extent they would be helpful here.
For example, we have checked that Vista is trying to use SMB2_02
protocol version while Windows 7 is using a higher version. Forcing the
protocol version to SMB2_02 with max protocol parametric option in
smb.conf resulted in Windows 7 still able to join but still not Vista.
You can find attached my smb.conf file (it was autogenerated by Zentyal but don't think that's relevant for this issue). I would be glad to help providing any other info that you may need.
The manpage indicates:
This should be considered a developer option and used only
in rare circumstances. In the majority (if not all) of production servers, the default setting should be adequate.
Do not set this option.
You should also not set 'server role check inhibit = yes', and refer to Zentyl for support if they insist on setting this option (yes, nmbd is not supported for use with the AD DC, no matter how much it might seem to work).