From 3.0.23rc1 back to 3.0.21c, no access to shares till reboot of
the client
Thomas Bork
tombork at web.de
Wed May 31 21:25:11 GMT 2006
Hi @all,
I wrote in the thread "[Samba] 3.0.23rc1 - Failed to setup
RT_SIGNAL_NOTIFY handler]" in the samba mailing list:
_______________________________________________________________________
Switched back to 3.0.21c. Ouch, access to shares is not granted anymore
:(
The client is confused and thinks the samba server is an domain controller!:
Auf \\Deveis\public kann nicht zugegriffen werden. Sie haben eventuell
keine Berechtigung, diese Netzwerkressource zu verwenden. Wenden Sie
sich an den Administrator des Servers, um herauszufinden, ob Sie über
Berechtigungen verfügen.
Die Konfigurationsinformationen konnten vom Domänencontroller nicht
gelesen werden. Mit dem Computer kann keine Verbindung hergestellt
werden oder der Zugriff wurde verweigert.
(Configuration informations cannot read from domain controller. No
connection to the computer or access denied.)
Are there any incompatible changes in the informations in secrets.tdb or
other tdb's?
Background:
With 3.0.21c my samba was *sometimes* a domain controller for testing
purposes. At the time 3.0.23rc1 was installed, samba was a normal
standalone server and the client was not part of a domain.
If installing the older 3.0.21c with 'Server role: ROLE_STANDALONE' the
client XP SP2 cannot access the shares anymore with the above message.
I checked this 2 times now. I have to stop samba, delete all tdb's,
start samba and restart the client - then I can access the shares
without any other changes...
_______________________________________________________________________
This is with passdb backend smbpasswd. The client wasn't rebooted while
downgrading from 3.0.23rc1 to 3.0.21c.
I talked with Volker Lendecke about this problem. He stated, this is
probably because 3.0.23rc1 is setting an new NTLMSSP flag and after
switching to 3.0.21c without this flag the client means, the lower
security level is not correct and blocks the access to samba.
If this is the case, wouldn't it be a good idea to note this in the
release notes, because if there are any problems with 3.0.23 many users
will be downgrading without rebooting their clients and this could lead
to many questions in the samba mailing list?
Or maybe the new NTLMSSP flag should only be set if samba acts as an
primary domain controller (the error message shows the client thinks
samba is an domain controller)?
I have a samba log with debug level 10, an ethereal trace and a strace
log of smbd from 3.0.21c from starting samba and trying to access it
from the XP SP2 client. Interested in?
der tom
More information about the samba-technical
mailing list