[Samba] samba security updates broke NT4 DC setup

Dirk Kleinhesselink dkleinh at phy.ucsf.edu
Tue Apr 19 23:46:00 UTC 2016

I've been running a NT4-style domain with a samba 3.x PDC using a
LDAP back end and it's mostly worked very will for a long time.
However since yesterday, clients are having problems with the domain.  I 
saw that updates came out on all my systems - my PDC and BDC are ubuntu 
12.04 LTS.  The samba version there still seems to be 3.6x.  A client with 
a problem that was working is Ubuntu 14.04 LTS and no longer can 
authenticate against the PDC.  I removed it from the domain and tried to 
rejoin, but it now believes I am trying to join it  to an AD domain and 
complains the realm has not been specified, do I really want to join an 
Active Directory server?  If I continue and enter my login - I am a Domain 
Admin, I get back: smb_signing_good: BAD SIG: seq 1
Failed to join domain: failed to lookup DC info for domain ... over
rpc: Access denied

smbclient -L ... to the DC works and indicates it it samba
version 3.6.25 and I can access shares.  The ubuntu 14.04 client installed 
samba 4.3.8 packages with the last security update Monday, I believe.

I'll post configuration files if requested - any help is greatly 
appreciated.  Thank you.

More information about the samba mailing list