[Samba] Error with winbind following Windows updates
Rory Campbell-Lange
rory at campbell-lange.net
Tue Jan 17 06:07:04 MST 2012
The issue appears to be in relation to Windows security update MS11-095
http://support.microsoft.com/kb/2621146 which has affected Active
Directory. More information about the update is available here:
http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=28500
On 17/01/12, Rory Campbell-Lange (rory at campbell-lange.net) wrote:
> Hi. We've just installed Windows updates on our Windows 2003 Domain
> Controllers, and have the following issues on our storage server, which
> is running Debian stable 2:3.5.6~dfsg-3squeeze5
>
> Jan 17 10:27:51 xxx smbd[2426]: [2012/01/17 10:27:51.286853, 0] lib/util_sock.c:680(write_data)
> Jan 17 10:27:51 xxx smbd[2426]: [2012/01/17 10:27:51.286915, 0] lib/util_sock.c:1441(get_peer_addr_internal)
> Jan 17 10:27:51 xxx smbd[2426]: getpeername failed. Error was Transport endpoint is not connected
> Jan 17 10:27:51 xxx smbd[2426]: write_data: write failure in writing to client 0.0.0.0. Error Connection reset by peer
>
> We consequently cannot authenticate from the Domain Controllers.
>
> We have the following settings in the header of our smb file:
>
> security = ads
> workgroup = XXXredactedXXX
> realm = XXXredactedXXX.LOCAL
> password server = XXX-dc1.haluk.local, XXX-dc2.haluk.local
> encrypt passwords = yes
> update encrypted = yes
> server string = XXXstorage
> netbios name = XXXstorage
> idmap uid = 10000-20000
> idmap gid = 10000-20000
> winbind enum users = yes
> winbind enum groups = yes
> winbind use default domain = yes
> winbind offline logon = yes
> enhanced browsing = no
> template shell = /bin/false
> veto files = /TheVolumeSettingsFolder/, /Temporary Items/, /*DS_Store*/, /*AppleDB/, /*AppleDesktop/, /*AppleDouble/, /Network Trash Folder/, /*Trashes/, /*TemporaryItems/, /*FBCLockFolder/, /*FBCIndex/
> delete veto files = yes
> create mask = 0775
> directory mask = 2775
> invalid users = root
> panic action = /usr/share/samba/panic-action %d
> log file = /var/log/samba/log.%m
> socket options = TCP_NODELAY
> printing = cups
> inherit acls = yes
> inherit permissions = yes
> map acl inherit = yes
> nt acl support = yes
> ea support = yes
> smb ports = 139 445
>
> Assistance gratefully received.
>
> --
> Rory Campbell-Lange
> rory at campbell-lange.net
>
> Campbell-Lange Workshop
> www.campbell-lange.net
> 0207 6311 555
> 3 Tottenham Street London W1T 2AF
> Registered in England No. 04551928
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
--
Rory Campbell-Lange
rory at campbell-lange.net
Campbell-Lange Workshop
www.campbell-lange.net
0207 6311 555
3 Tottenham Street London W1T 2AF
Registered in England No. 04551928
More information about the samba
mailing list