[Samba] NTLMSSP NTLM2 packet check failed due to invalid signature

Patrik Laszlo (patrikx3) alabard at gmail.com
Fri Jul 14 18:24:05 UTC 2017 

Ciao!

How are you?
I guess, things changed. I was in Stretch, now in Buster, always in TESTING repo.
But, I had a script, that deleted caches, everything, it worked for months.
Now I changed my domain from patrikx3.tk to patrikx3.com and stopped.
I can join to the domain if only use the first interface (I need 2 now).
But the first error was the error is “” instead of “ac.patrikx3.com”, which is cryptic.

Then, I can use LDAP awesome via my clients and everything, but my windows do not understand that I am on the domain, although I can login and authenticate, but still I get this error on Samba like:
The server is not operational.

The last one is:
NTLMSSP NTLM2 packet check failed due to invalid signature!

Do you guys what it could be? No idea. I tried tons of settings, always the same.

Besides, all was generated by the samba provision tool.

My samba config:
[global]
        netbios name = SERVER
        realm = AC.PATRIKX3.COM
        server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc
#       server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate
        workgroup = PATRIKX3
        server role = active directory domain controller
        idmap_ldb:use rfc2307 = yes
#       bind interfaces only=yes
# for join, use this
#       interfaces=lo enp1s0 127.0.0.1 192.168.78.20
        allow insecure wide links = yes
# need for old samba 3 - like the router
        unix extensions = no
        local master = yes
        preferred master = yes
        template shell = /bin/bash
        template homedir = /home/%U
        log level = 3

[netlogon]
        path = /var/lib/samba/sysvol/ac.patrikx3.com/scripts
        read only = No

[sysvol]
        path = /var/lib/samba/sysvol
        read only = No

[media]
        path = /media
        read only = no
        guest ok = no
        force group = media
        writable = yes

[mounts]
        path = /mnt
        read only = no
        guest ok = no
        force group = mount
        writable = yes

[router-logs]
        path = /var/log-router
        read only = yes
        guest ok = yes
        writable = no
        browseable = yes
#       valid users = router
        force user = root
        

Sent from Mail for Windows 10

More information about the samba mailing list