[Samba] samba and the application of MS patch KB852004 - madness
may follow
mwfolsom at gmail.com
mwfolsom at gmail.com
Wed Apr 22 01:08:11 GMT 2009
Where I work recently (about a week ago) applied the patch KB852004 to
their XP Pro boxes and things in the samba world are now broken.
The setup has been working for quite a while - a Linux box with a samba
3.0.24 server on it to allow WIndows users to access shares on the system.
The only other things about it is that the server does kerberos
authentication and "security = server" so its not really joined to the
domain. Please bear with me here - its not a standard domain and joining to
the domain has been problematic in the past. I am assured and believe the
structure of the domain has not been altered in over a month so things are
pointing to the patch but it seems not to be totally black and white.
Essentially I have one XP Pro box that still can browse/access files on the
server and many others, actually ALL, can't. Both XP boxes show that the
patch is installed. The server is on a separate subnet. By-the-by, the one
XP Pro 64bit system I have works fine against the samba server.
A co-worker used a packet sniffer to watch connections to the server and
here is what he sent me:
From what I see, xxx.x.12.10 (the box that fails) is connecting to samba
server but is getting rejected. The packet is interpreted as
“NTLMSSP_CHALLENGE, Error: STATUS_MORE_PROCESSING_REQUIRED”. Then the
connection closes. So it doesn't look like a network issue, but rather an
authentication issue. For xxx.x.12.12, which works, the same error message
displays, but then xxx.x.12.12 sends the user name. 12.10 never sends the
user name.
Looking at this issue there is another thread elsewhere:
http://www.vistax64.com/windows-updates/222302-kb952004-breaks-samba-sharing.html
it seems that this is also a problem with vista.
So, my questions -
Is the patch KB852004 really the cause of this problem?
Is there a workaround that I can add to the systems smb.conf file that will
save me from rebuilding dozes of otherwise productive systems?
Thanks -
Mike
More information about the samba
mailing list