[Samba] net rpc Connection failed: NT_STATUS_INVALID_PARAMETER after samba upgrade
Jelle de Jong
jelledejong at powercraft.nl
Fri Dec 16 13:05:35 UTC 2016
Dear Samba users,
After my samba upgrade I can't fully use my net rpc commands any more
and I would like some help debugging....
2016-12-15 15:10:16 upgrade samba:amd64 2:3.6.6-6+deb7u7 2:3.6.6-6+deb7u10
2016-12-15 15:10:23 upgrade samba-common:all 2:3.6.6-6+deb7u7
2:3.6.6-6+deb7u10
2016-12-15 15:10:41 upgrade samba-common-bin:amd64 2:3.6.6-6+deb7u7
2:3.6.6-6+deb7u10
2016-12-15 15:10:42 upgrade samba-doc:all 2:3.6.6-6+deb7u7 2:3.6.6-6+deb7u10
first I had to add the bellow to make the windows 7 pro clients to work
again:
[global]
os level = 240
client use spnego = no
server signing = auto
client schannel = no
stayce:~# net rpc group members "Domain Users" -S localhost -U
Administrator%<secret>
Could not connect to server localhost
Connection failed: NT_STATUS_INVALID_PARAMETER
stayce:~# smbclient -L localhost -U jelledj%<secret>
session setup failed: NT_STATUS_INVALID_PARAMETER
It looks like some kind of user authorisation block/issue??? But how can
I debug this?
stayce:~# net idmap secret alloc <secret>
The only currently supported backend is LDAP
stayce:~# wbinfo -t
checking the trust secret for domain COMPANY via RPC calls succeeded
stayce:~# wbinfo -p
Ping to winbindd succeeded
stayce:~# net rpc testjoin -S localhost -U Administrator%<secret>
Join to 'COMPANY' is OK
stayce:~# testparm
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[documenten]"
Processing section "[homes]"
Processing section "[netlogon]"
Processing section "[profiles]"
Loaded services file OK.
Server role: ROLE_DOMAIN_PDC
Press enter to see a dump of your service definitions
[global]
workgroup = COMPANY
netbios name = SERVER
interfaces = lo, br0
bind interfaces only = Yes
client schannel = No
passdb backend = ldapsam
log file = /var/log/samba/log.%m
time server = Yes
server signing = auto
client use spnego = No
max open files = 17404
load printers = No
printcap name = /dev/null
disable spoolss = Yes
logon script = netlogon.bat
logon path = \\%N\profiles\%U
domain logons = Yes
os level = 240
preferred master = Yes
domain master = Yes
dns proxy = No
wins support = Yes
ldap admin dn = cn=admin,dc=company,dc=nl
ldap delete dn = Yes
ldap group suffix = ou=groups
ldap idmap suffix = ou=idmap
ldap machine suffix = ou=computers
ldap passwd sync = yes
ldap suffix = dc=company,dc=nl
ldap ssl = no
ldap user suffix = ou=users
usershare max shares = 0
usershare path = /srv/storage/shares
template homedir = /srv/storage/shares/
template shell = /bin/bash
ldapsam:trusted = yes
ldapsam:editposix = yes
idmap config * : range = 10000-30000000
idmap config * : ldap_url = ldap://localhost/
idmap alloc config : ldap_base_dn = ou=idmap,dc=company,dc=nl
idmap alloc config : ldap_user_dn = cn=admin,dc=company,dc=nl
idmap config * : backend = ldap
printing = bsd
print command = lpr -r -P'%p' %s
lpq command = lpq -P'%p'
lprm command = lprm -P'%p' %j
[documenten]
path = /srv/storage/shares
read only = No
create mask = 0660
security mask = 0770
directory mask = 0770
directory security mask = 0770
inherit acls = Yes
map acl inherit = Yes
hide unreadable = Yes
store dos attributes = Yes
vfs objects = recycle
recycle:keeptree = Yes
recycle:versions = Yes
recycle:touch_mtime = Yes
[homes]
comment = Home Directories
path = /srv/storage/samba/homes/%U
read only = No
inherit acls = Yes
map acl inherit = Yes
store dos attributes = Yes
browseable = No
root preexec = /usr/local/bin/samba-mkdir-home %U
[netlogon]
comment = Network Logon Service
path = /srv/storage/samba/netlogon
read only = No
inherit acls = Yes
map acl inherit = Yes
store dos attributes = Yes
browseable = No
[profiles]
comment = Users profiles
path = /srv/storage/samba/profiles
read only = No
inherit acls = Yes
profile acls = Yes
map acl inherit = Yes
store dos attributes = Yes
browseable = No
Kind regards,
Jelle de Jong
More information about the samba
mailing list