Samba upgrade to 3.6.25-0ubuntu0.12.04.2 break domain authentication
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
samba (CentOS) |
Fix Released
|
Undecided
|
|||
samba (Debian) |
Fix Released
|
Unknown
|
|||
samba (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Hi,
Problem : The last samba upgrade broke my ldap authentification for windows 7 client.
Upgrade : samba 2:3.6.3-2ubuntu2 -> samba 2:3.6.25-
Config : Ubuntu serveur, 12.04 with Samba 3 + ldap
Win 7 errors : "The trust relationship between this workstation and the primary domain failed"
windows client can't join the domain
Linux client can authentificate themselves without problems.
Does anyone have similar problems ?
Thanks
cat /var/log/
[2016/04/19 08:40:30.050073, 2] smbd/sesssetup.
[2016/04/19 08:40:30.051311, 2] smbd/sesssetup.
[2016/04/19 08:40:30.051511, 2] lib/smbldap.
[2016/04/19 08:40:30.059872, 2] rpc_server/
[2016/04/19 08:40:30.060329, 2] passdb/
[2016/04/19 08:40:30.069236, 2] passdb/
[2016/04/19 08:40:30.069747, 2] passdb/
[2016/04/19 08:40:30.070223, 2] ../libcli/
[2016/04/19 08:40:30.070271, 0] rpc_server/
[2016/04/19 08:40:30.072638, 2] rpc_server/
Returning domain sid for domain ENSASE -> S-1-5-21-
[2016/04/19 08:40:30.073005, 2] passdb/
[2016/04/19 08:40:30.073580, 2] passdb/
[2016/04/19 08:40:30.076775, 1] rpc_server/
CVE References
Changed in samba (Debian): | |
status: | Unknown → New |
tags: | added: regression-update |
Changed in samba (Debian): | |
status: | New → Fix Released |
Changed in samba (CentOS): | |
importance: | Unknown → Undecided |
status: | Unknown → Fix Released |
Description of problem:
When updating to the latest samba updates:
latest samba updates:
===
=== yum reports available updates:
===
libsmbclient.i386 3.0.33-3.41.el5_11 updates winbind. i386 3.6.23-12.el5_11 updates
samba3x.i386 3.6.23-12.el5_11 updates
samba3x-client.i386 3.6.23-12.el5_11 updates
samba3x-common.i386 3.6.23-12.el5_11 updates
samba3x-
ALL prior required updates have been performed prior to these.
This also comes after a Windows update. However, 2 PCs, one Win7 the other Windows 10, joined the domain and were able to login prior to the update. However, after the update neither Windows 7 or Windows 10 clients can log into the SME 8.2 Server as there is a NT_STATUS_ TRUSTED_ RELATIONSHIP_ FAILURE during attempted login.
I've removed the client by force from the domain and added them back onto the domain and still I get this same error.
Rebooted the server and client PCs and still the same error.
I even performed a yum downgrade to remove these updates and I still see the same trust relationship failure error.
Version-Release number of selected component (if applicable):
All
How reproducible:
replicated on EVERY PC accessing the domain
Steps to Reproduce:
1.reboot
2.login
3.error given = TRUST RELATIONSHIP FAILURE
Actual results:
TRUST RELATIONSHIP FAILURE
Expected results:
Log into domain
Additional info: netlogon/ srv_netlog_ nt.c:976( _netr_ServerAut henticate3) henticate3: netlogon_ creds_server_ check failed. Rejecting auth request from client PC3 machine account PC3$
in the Messages file I see the following format for multiple users:
Apr 13 09:49:12 icarus smbd[12805]: [2016/04/13 09:49:12.254867, 0] rpc_server/
Apr 13 09:49:12 icarus smbd[12805]: _netr_ServerAut
and still continues for each user logged into the domain