[Samba] Old, reliable samba 3.5 and Active directory suddenly not reliable
Robert M. Martel - CSU
r.martel at csuohio.edu
Mon Oct 22 09:48:31 MDT 2012
something to add.
Had one of the Solaris 9 machines just stop working. I stopped samba
and restarted it, found the following in smblog.smbd
[2012/10/22 11:37:00.299787, 0] libads/sasl.c:823(ads_sasl_spnego_bind)
kinit succeeded but ads_sasl_spnego_krb5_bind failed: Invalid credentials
I removed the machine from Active Directory and immediately re-added it
- I did NOT run kinit to get new credentials. started Samba and the
machine works fine...for now.
On 10/22/2012 11:29 AM, Robert M. Martel - CSU wrote:
> Greetings,
> I have an elderly installation of Samba 3.5.8 running on 10 Sparc
> servers (and 3.5.12 on Solaris 9 servers with the same issue) set up as
> Active Directory member servers. Since we've laid-off everyone else
> around here I have not had the opportunity to update the Samba
> installation - and have not needed to as it has been very solid.
> Suddenly last Friday the Samba servers started having authentication
> problems for the active directory users. Users were unable to map
> drives, looking at files on the server I was seeing UID numbers rather
> that the user's login ID for the files. Stopping and restarting Samba
> did not help.
> I took the machines out of Active Directory, and then re-added them -
> which they did without a problem. After restarting Samba all was well,
> for awhile.
> This morning some folks that had left themselves looked in over the
> weekend were okay, but others could not map their drives. interactive
> logins for AD users did not work. I again left and rejoined the AD
> domain and all was well for a bit, then I had to repeat the cycle.
> I do not maintain or have access to the Active Directory servers or
> configuration. The central IT people claim that they have not made any
> changes to the AD servers...but they don't always tell me the whole truth.
> I am building Samba 3.5.18 right now in the hope that it will make a
> difference.
> I've never had a problem like this since first "playing" with Samba and
> Active directory more than 5 years ago - and certainly no issue like
> this since putting it into production.
Robert M. Martel I met someone who looks a lot like you
System Administrator She does the things you do
Levin College of Urban Affairs But she is an IBM
Cleveland State University -Jeff Lynne
(216) 687-2214
r.martel at csuohio.edu
More information about the samba
mailing list