[Samba] Use samba in active directory without 445 port

admin stasmus at fortuna99.ru
Fri Oct 30 07:07:54 MDT 2009

Iam have samba 2:3.2.5-4lenny7 installed on debian
I have windows 2008 server configured as Active Directory Domain
In security reason (malicious attack and absence microsft path to save 
system) iam disable 445 tcp port on my windows 2008 server
Therefore users in my domain cant enter to samba file server. In samba 
logs there is error:
[2009/10/30 14:40:11,  1] smbd/sesssetup.c:reply_spnego_kerberos(474)
Username DOMAIN\usr is invalid on this system

When i try shareserv:/var/log/samba# wbinfo -t
Iam see:
checking the trust secret via RPC calls failed
error code was NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND (0xc0000233)
Could not check secret

Iam add this string to smb.conf file
smb ports = 139
But users cant connect to samba.
Strange as it may seem, but users with windows workstation can 
login/logout to any windows share server, even disable 445 port in all 
windows computers (servers/workstation)

How i can work with samba server with disabled 445 port on active 
directore server ?

More information about the samba mailing list