[Samba] No logon servers avaialbe
Rowland Penny
rpenny at samba.org
Thu Aug 25 21:02:38 UTC 2016
On Thu, 25 Aug 2016 14:34:26 -0600
CJ Keist via samba <samba at lists.samba.org> wrote:
> We applied latest MS security patches on our Windows 2008 R2 domain
> controllers. That had unexpected consequence of breaking all our
> Samba servers. They no longer can authenticate with our domain
> controllers. Looking into this we think it has to do with the BADLOCK
> security patch.
>
> We tried installing the latest Samba, version 4.4.5 which is supposed
> to be patched for the BADLOCK, but it is still unable to authenticate
> with AD. Error on windows is "no logon servers found".
>
> So just checking if anyone else has run into this and found a
> solution?
>
> smb.conf:
>
> [global]
> workgroup = ENGR_DOM
> server string = Web Server
> security = DOMAIN
> passdb backend = smbpasswd
> map untrusted to domain = Yes
> log level = 1
> log file = /var/log/samba/logs/log.%m
> name resolve order = host bcast
> unix extensions = No
> keepalive = 0
> max open files = 10000
> socket options = TCP_NODELAY SO_KEEPALIVE
> load printers = No
> dns proxy = No
> lock spin time = 3
> idmap config * : range =
> idmap config * : backend = tdb
> strict locking = No
>
>
See here for setting up an AD domain member:
https://wiki.samba.org/index.php/Setup_Samba_as_an_AD_Domain_Member
You will also need to run winbind if you are not already running it.
Rowland
More information about the samba
mailing list