[Samba] Moving from samba-3.6.23-25.el6_7.x86_64 to samba-3.6.23-30.el6_7 has broken access to our MAC OS X clients

Robert Smith rwsmith at bislink.net
Thu Apr 21 01:32:00 UTC 2016

This issue is not limited to just MAC OS X clients. I walked into the 
office the other morning (the morning after the update was released) and 
none of my MS Windows Terminal Servers could login to the domain (an 
Samba NT Domain).  None ( 0 out of 10 of 2003 and 2008 Servers). Nor 
could I issues the command: # net server domain -U <username> which is 
my normal sanity check on the Samba DC.

This update as released from the upstream provider (in my case I am a 
CentOS shop and the upstream is Redhat) included several security 
patches at once. On April 12 on the Release Announcements for the 
patches were

"These are Security Releases in order to address CVE-2015-5370 
<https://www.samba.org/samba/security/CVE-2015-5370.html>, CVE-2016-2110 
<https://www.samba.org/samba/security/CVE-2016-2110.html>, CVE-2016-2111 
<https://www.samba.org/samba/security/CVE-2016-2111.html>, CVE-2016-2112 
<https://www.samba.org/samba/security/CVE-2016-2112.html>, CVE-2016-2113 
<https://www.samba.org/samba/security/CVE-2016-2113.html>, CVE-2016-2114 
<https://www.samba.org/samba/security/CVE-2016-2114.html>, CVE-2016-2115 
<https://www.samba.org/samba/security/CVE-2016-2115.html> and 
CVE-2016-2118 <https://www.samba.org/samba/security/CVE-2016-2118.html>. 
" See samba.org for more detail.

I unfortunately do not have the time at this point to troubleshoot and 
provide debug logs so I just reverted back to samba-3.6.23-25.el6_7 and 
everything is working as expected (i put a yumlock on Samba to prevent 
upgrades until a new upstream release is provided).

My recommendation is to skip this release and revert back to 3.6.23_25 
(you should find the 3.6.23_25 release in the Updates repository) and 
wait until the next release comes out.



More information about the samba mailing list