[Samba] problems after upgrade from 3.3.2 to 3.4.0

Dale Schroeder dale at BriannasSaladDressing.com
Thu May 27 13:14:16 MDT 2010


On 05/26/2010 9:00 PM, Thomas Gutzler wrote:
> On 27/05/2010 4:19 AM, Harry Jede wrote:
>    
>> On Mittwoch, 26. Mai 2010 wrote Thomas Gutzler:
>>      
>>> On 26/05/2010 4:44 PM, Christian PERRIER wrote:
>>>        
>>>> Quoting Thomas Gutzler (thomas.gutzler at gmail.com):
>>>>          
>>>>> After upgrading one of my samba servers from ubuntu jaunty (3.3.2)
>>>>> to karmic (3.4.0) I cannot access the shares any more.
>>>>>            
>>>>          
>> Or my favorite upgrade path:
>> # testparm -v -s /dev/null>  smb.conf.default-$(smbd -V|cut -f2 -d' ')
>> Run this before and after upgrading samba
>>
>> To get a small host specific file without the services:
>> # testparm -s --section-name=global>  smb.conf.$HOSTNAME-$(smbd -V|
>> cut -f2 -d' ')
>>      
> It's a bit late to run it before the upgrade now but I found another
> machine running jaunty (enjoy), so I installed samba and ran testparm
> with the smb.conf from the updated machine (fintlewoodlewix). Here's the
> diff between the two defaults (without the line numbers):
> # diff smb.conf.default-3.3.2 smb.conf.default-3.4.0
> <        netbios name = ENJOY
>    
>>        netbios name = FINTLEWOODLEWIX
>>      
> <        server string = Samba 3.3.2
>    
>>        server string = Samba 3.4.0
>>      
> <        config backend = file
> <        passdb backend = smbpasswd
>    
>>        passdb backend = tdbsam
>>      
> <        use kerberos keytab = No
>    
>>        dedicated keytab file =
>>        kerberos method = default
>>        map untrusted to domain = No
>>      
I recall you saying that you had accounted for the default passdb 
backend change in 3.4.0.
That leaves the authentications changes as the other big difference with 
3.4.0.
I don't recall you saying whether or not KRIKKIT is in the domain.  If 
KRIKKIT is not in the domain, try setting

         map untrusted to domain = Yes

on the box that is giving you problems.

Dale

> <        max open files = 10000
>    
>>        max open files = 16384
>>      
> <        config file =
> <        lock directory =
>    
>>        lock directory = /var/run/samba
>>        state directory = /var/lib/samba
>>        cache directory = /var/cache/samba
>>        perfcount module =
>>        access based share enum = No
>>        browsable = Yes
>>      
> <        include =
>
> And the host specific ones. The only thing I changed there was to get
> rid of the PAM stuff and change the password server from name to IP.
> # diff smb.conf.enjoy-3.3.2 smb.conf.fintlewoodlewix-3.4.0
> <        obey pam restrictions = Yes
> <        password server = io
>    
>>        password server = 130.95.136.177
>>      
> <        passdb backend = tdbsam
> <        pam password change = Yes
>
>
> I also deleted all .tdb files in /var/lib/samba, the machine account on
> the PDC and rejoined the domain but authentication still doesn't work.
> Neither does the mapping to guest for invalid users.
>
> While I had samba running on the jaunty machine, I joined it to the
> domain and tried if I could connect to it using the same machine and
> credentials as before; and I could. Even the guest account seems to work
> alright with no change in the configuration other than the path in the
> share.
>
> I might follow Christians suggestion and upgrade to 10.04 unless there
> are any other suggestions. Maybe a second upgrade fixes it.
>
> Tom
>    


More information about the samba mailing list