[Samba] Samba 3 PDC > 3.3.4 broken with Win 7 RTM

Ken Bass kbass at kenbass.com
Fri Aug 7 18:34:34 MDT 2009


I just installed Win 7 RTM (Release to Manufacturing), not RC nor Beta.

After searching the archives I modified the required registry settings 
listed in other emails. I upgraded my Samba from the stock Centos 5.3 
version to 3.3.7. Joining the domain worked, but I was unable to log in. 
I would get a 'Trust relationship denied' type error when trying to log 
in as a user of the domain. Everything works with XP/Vista.

I downgraded to 3.3.4 and it worked. I do not know if bug 6099 which 
says it was rolled into version 3.3.5 and  relates to Microsoft/Samba 
interoperability actually broke stuff with the RTM or what.

The error message from 3.3.7 I noticed with debug logging was:

[2009/08/07 19:05:40,  0] 
rpc_server/srv_netlog_nt.c:_netr_ServerAuthenticate2(555)
  _netr_ServerAuthenticate2: netlogon_creds_server_check failed. 
Rejecting auth request from client XX-PC machine account XX-PC$
      netr_ServerAuthenticate2: struct netr_ServerAuthenticate2
          out: struct netr_ServerAuthenticate2
              return_credentials       : *
                  return_credentials: struct netr_Credential
                      data                     : 0000000000000000
              negotiate_flags          : *
                  negotiate_flags          : 0x400041ff (1073758719)
                         1: NETLOGON_NEG_ACCOUNT_LOCKOUT
                         1: NETLOGON_NEG_PERSISTENT_SAMREPL
                         1: NETLOGON_NEG_ARCFOUR   
                         1: NETLOGON_NEG_PROMOTION_COUNT
                         1: NETLOGON_NEG_CHANGELOG_BDC
                         1: NETLOGON_NEG_FULL_SYNC_REPL
                         1: NETLOGON_NEG_MULTIPLE_SIDS
                         1: NETLOGON_NEG_REDO
                         1: NETLOGON_NEG_PASSWORD_CHANGE_REFUSAL
                         0: NETLOGON_NEG_SEND_PASSWORD_INFO_PDC
                         0: NETLOGON_NEG_GENERIC_PASSTHROUGH
                         0: NETLOGON_NEG_CONCURRENT_RPC
                         0: NETLOGON_NEG_AVOID_ACCOUNT_DB_REPL
                         0: NETLOGON_NEG_AVOID_SECURITYAUTH_DB_REPL
                         1: NETLOGON_NEG_128BIT    
                         0: NETLOGON_NEG_TRANSITIVE_TRUSTS
                         0: NETLOGON_NEG_DNS_DOMAIN_TRUSTS
                         0: NETLOGON_NEG_PASSWORD_SET2
                         0: NETLOGON_NEG_GETDOMAININFO
                         0: NETLOGON_NEG_CROSS_FOREST_TRUSTS
                         0: NETLOGON_NEG_NEUTRALIZE_NT4_EMULATION
                         0: NETLOGON_NEG_RODC_PASSTHROUGH
                         0: NETLOGON_NEG_AUTHENTICATED_RPC_LSASS
                         1: NETLOGON_NEG_SCHANNEL  
              result                   : NT_STATUS_ACCESS_DENIED


More information about the samba mailing list