nossos clientes do Windows 7/2008 não podem mais acessar nosso servidor samba após a atualização para a versão 3.6.
Isso é no CentOS 6 ( rpm --query centos-release
reports centos-release-6-7.el6.centos.12.3.x86_64
).
Isso é o que eu vejo nos logs do samba:
[2016/04/18 15:11:53.564262, 0] auth/check_samsec.c:492(check_sam_security)
check_sam_security: make_server_info_sam() failed with 'NT_STATUS_UNSUCCESSFUL'
e este é o meu arquivo smb.conf:
#======================= Global Settings =====================================
[global]
# ----------------------- Network Related Options -------------------------
workgroup = WOLFPACK
server string = Wolfpack Samba Server Version %v
interfaces = lo 10.0.0.0/16 129.94.136.0/25 192.168.11.0/24
hosts allow = 127. 10.0. 129.94. 192.168. 149.171.
map untrusted to domain = yes
# --------------------------- Logging Options -----------------------------
# logs split per machine
log file = /var/log/samba/log.%m
# max 50KB per log file, then rotate
max log size = 50
# ----------------------- Standalone Server Options ------------------------
# security = user
# passdb backend = ldapsam:ldap://XXX.XXX.XXX.XXX:YYY
# ldap suffix = dc=XXX,dc=XXX,dc=XXX,dc=XXX
# ldap suffix =
# ldap user suffix = ou=People
# ldap group suffix = ou=Group
# ldap admin dn = cn=XXX,ou=XXX,dc=XXX,dc=XXX,dc=XXX,dc=XXX
# ldap ssl = no
# ldap passwd sync = no
# ldap delete dn = no
# deadtime = 10
idmap config * : backend = ldap
idmap config * : range = 1000000-1999999
idmap config * : ldap_url = ldap://XXX.XXX.XXX.XXX:YYY
idmap config * : ldap_base_dn = cn=XXX,ou=XXX,dc=XXX,dc=XXX,dc=XXX,dc=XXX
idmap config * : ldap_user_dn = cn=XXX,ou=XXX,dc=XXX,dc=XXX,dc=XXX,dc=XXX
#============================ Share Definitions ==============================
[temp]
comment = PanFS temp vol via smb
path = /directflow/Temp
public = no
valid users = XXXX
writable = yes
browseable = yes
create mask = 0644
force create mode = 0644
directory mask = 0755
force directory mode = 0755
share modes = yes
[runs]
comment = PanFS RUNS vol via smb
path = /directflow/RUNS
public = no
valid users = XXXXX
write list = user1
writable = no
browseable = yes
create mask = 0644
force create mode = 0644
directory mask = 0755
force directory mode = 0755
share modes = yes
[tmp]
comment = Server local tmp via smb
path = /tmp
public = no
valid users = XXXXX
write list = user1
writable = no
browseable = yes
create mask = 0644
force create mode = 0644
directory mask = 0755
force directory mode = 0755
share modes = yes
Isso é o que eu recebo quando executo o comando net getdomainsid
Failed to open /var/lib/samba/private/secrets.tdb
Unable to open secrets.tdb. Can't fetch domain SID for name: XXXX
EDIT: mais informações
pwbcad@r815:~$ pdbedit -L
tdbsam_open: Failed to open/create TDB passwd [/var/lib/samba/private/passdb.tdb]
tdbsam_getsampwnam: failed to open /var/lib/samba/private/passdb.tdb!
User Search failed!
e
$ smbclient -U USER \\localhost\<username>
Enter USER's password:
session setup failed: NT_STATUS_LOGON_FAILURE
executando /usr/bin/smbpasswd -w ldap_pwd
não ajudou
Qualquer sugestão seria muito apreciada