Help required: security update to 4.3.8-ubuntu broke domain connection

[Stefan Metzmacher]

Hi Peter,

I guess you're not using winbindd.

Then it's very likely the same as
https://bugzilla.samba.org/show_bug.cgi?id=11858

I'm working on fixes for this and related problems.

Maybe
https://git.samba.org/?p=metze/samba/wip.git;a=commitdiff;h=a03e38e13214128c119b106fbeb72051adae4b89
is enough to fix this specific problem.

metze

Am 20.04.2016 um 12:25 schrieb Kielbasiewicz, Peter:
> This weeks security update broke our samba sharing and I have no clue how to solve it.
> Our customized smb.conf doesn't work anymore and the new default config does not list anything for samba servers being just AD clients
> We don't use printing through samba nor do we have any passwords with samba.
> We use a users.map though to map domain users to our local linux accounts.
> 
> We used to use the smb.conf shown below but after the update we get error messages
>   domain_client_validate: Domain password server not available.
> 
> What should be adapted to get samba working again?
> 
> [global]
>   debug level = 0
>   syslog      = 0
>   oplocks        = False
>   level2 oplocks = False
>   kernel oplocks = false
>    workgroup = companyAD
>    security = DOMAIN
>    password server = *
>    encrypt passwords = yes
>    browse list = no
>    browseable  = no
>    wins server = d....001
>   local master = no
>   log file = /var/log/samba/log.%m
>    max log size = 50
>    lock directory = /var/lock/samba/locks
>    guest account = smbguest
>    map to guest  = Never
>    username map = /etc/samba/users.map
>    create mask = 0644
>    force directory mode = 0775
>    directory mask = 0775
>    dead time = 240
>    dos filetime resolution = true
>    server string = Linux Samba %v
>    printing      = bsd
>    printcap name = /dev/null
> unix extensions = no
>   include = /etc/samba/shares.conf
> 
> --
> With kind regards,
> 
> Peter Kielbasiewicz
> Business Process Engineer
> IT4R&D | Philips IT Infrastructure
> 
> Philips Medizin Systeme Böblingen GmbH, Hewlett-Packard-Strasse 2, 71034 Boeblingen, Germany
> Tel: +49 (0)7031/463-1893, Fax: +49 (0)7031/463-1175
> Email: peter.kielbasiewicz at philips.com<mailto:peter.kielbasiewicz at philips.com>
> www.philips.com/healthcare<http://www.philips.com/healthcare>
> 
> Geschäftsführer: Dr. Werner Haas (Sprecher), Dieter Haase, Klaus Baumann
> Sitz der Gesellschaft: Böblingen | Registergericht Stuttgart, HRB 245187
> 
> 
> ________________________________
> The information contained in this message may be confidential and legally protected under applicable law. The message is intended solely for the addressee(s). If you are not the intended recipient, you are hereby notified that any use, forwarding, dissemination, or reproduction of this message is strictly prohibited and may be unlawful. If you are not the intended recipient, please contact the sender by return e-mail and destroy all copies of the original message.
> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20160420/0d0659d7/signature.sig>