[Samba] Ubuntu 14.04 samba update

Jeff Sadowski jeff.sadowski at gmail.com
Wed Apr 20 14:05:16 UTC 2016 

I was looking at https://www.samba.org/samba/latest_news.html#4.4.2

and added

 server signing = mandatory
 ntlm auth = no

to smb.conf but that seems to have made it worse. Before adding that I was
still able to do wbinfo -g and get a group listing

Is there settings to set it back to the untrusted way before the security
updates that happened?
I'd like to set it up properly but I need to be able to get things working
for now.


On Wed, Apr 20, 2016 at 7:51 AM, Jeff Sadowski <jeff.sadowski at gmail.com>
wrote:

> When ubuntu 14.04 went from samba 4.1.6 to 4.3.8 it killed my setup.
> Before the change I was able to run wbinfo -u and get a list of users. Now
> when I run wbinfo -u it returns nothing. I tried dis-joining and rejoining
> the domain with no luck,
>
> Here is my complete smb.conf
> [global]
> security = ads
> realm = SUBDOMAIN.DOMAIN.TOP
> workgroup = SUBDOMAIN
> idmap config * : backend = tdb
> idmap config * : range = 2000-7999
> idmap config SUBDOMAIN:backend = ad
> idmap config SUBDOMAIN:schema_mode = rfc2307
> idmap config SUBDOMAIN:range = 8000-9999999
> winbind nss info = rfc2307
> winbind use default domain = yes
>
> Here is my script to connect to the domain. I call it net_join.sh
>
> echo Enter a Machine Name
> read machine
> echo $machine > /etc/hostname
> hostname `cat /etc/hostname`
> echo Enter a Domain Admin Account ex:Administrator
> read admin
> OSNAME="`lsb_release -a|grep "^Distributor ID:"|cut -d: -f2|awk '{print
> $1}'` joined `date "+%F"`"
> OSVERSION="`lsb_release -a|grep "^Release:"|cut -d: -f2|awk '{print $1}'`"
> net ads join -U $admin osName="${OSNAME}" osVersion="${OSVERSION}"
>
> Here is my script to leave the domain. I call it net_leave.sh
>
> read admin
> net ads leave -U $admin
>
> Here is my script to clear the winbind cache with a change from samba to
> smb when samba changed. I call it winbind_clear.sh
>
> service winbind stop
> service smbd stop
> #service samba stop
> net cache flush
> rm -f /var/lib/samba/*.tdb
> rm -f /var/lib/samba/group_mapping.ldb
> sleep 1
> #service samba start
> service smbd start
> service winbind start
>
> Can anyone point me to why my setup has stopped working? Or maybe some
> steps I can take to learn why it is failing. Do I need to add something for
> debugging?
> I also tried upgrading to the beta version of Ubuntu 16.04 to see if I
> could get it working with it, no luck.
>

More information about the samba mailing list