[Samba] samba and the application of MS patch KB852004 - madness may follow

mwfolsom at gmail.com mwfolsom at gmail.com
Wed Apr 22 01:08:11 GMT 2009

Where I work recently (about a week ago) applied the patch KB852004 to  
their XP Pro boxes and things in the samba world are now broken.

The setup has been working for quite a while - a Linux box with a samba  
3.0.24 server on it to allow WIndows users to access shares on the system.

The only other things about it is that the server does kerberos  
authentication and "security = server" so its not really joined to the  
domain. Please bear with me here - its not a standard domain and joining to  
the domain has been problematic in the past. I am assured and believe the  
structure of the domain has not been altered in over a month so things are  
pointing to the patch but it seems not to be totally black and white.  
Essentially I have one XP Pro box that still can browse/access files on the  
server and many others, actually ALL, can't. Both XP boxes show that the  
patch is installed. The server is on a separate subnet. By-the-by, the one  
XP Pro 64bit system I have works fine against the samba server.

A co-worker used a packet sniffer to watch connections to the server and  
here is what he sent me:

 From what I see, xxx.x.12.10 (the box that fails) is connecting to samba  
server but is getting rejected. The packet is interpreted as  
connection closes. So it doesn't look like a network issue, but rather an  
authentication issue. For xxx.x.12.12, which works, the same error message  
displays, but then xxx.x.12.12 sends the user name. 12.10 never sends the  
user name.

Looking at this issue there is another thread elsewhere:

it seems that this is also a problem with vista.

So, my questions -

Is the patch KB852004 really the cause of this problem?

Is there a workaround that I can add to the systems smb.conf file that will  
save me from rebuilding dozes of otherwise productive systems?

Thanks -


More information about the samba mailing list