[Samba] samba 4.4.14 breaks classic domain

Rowland Penny rpenny at samba.org
Wed Jun 21 16:18:24 UTC 2017 

On Wed, 21 Jun 2017 11:55:47 -0400
Gaiseric Vandal via samba <samba at lists.samba.org> wrote:

> I increased the logging to 10 on the problem member server.  Didn't
> see anything of interest.
> 
> I did a packet capture on the PDC while typing " net rpc testjoin"
> from both the problem member server (4.4.14) and a working member
> server (4.4.13)
> 
> e.g
> 
>         SMB:  ----- SMB Header -----
>         SMB:
>         SMB:  CLIENT REQUEST
>         SMB:  Command code = 0x72
>         SMB:  Command name =  SMBnegprot
>         SMB:
>         SMB:  SMB Status:
>         SMB:     - Error class = No error
>         SMB:     - Error code = No error
>         SMB:
>         SMB:  Header:
>         SMB:     - Tree ID      (TID) = 0x0000
>         SMB:     - Process ID   (PID) = 0xfffe
>         SMB:     - User ID      (UID) = 0x0000
>         SMB:     - Multiplex ID (MID) = 0x0000
>         SMB:     - Flags summary = 0x18
>         SMB:     - Flags2 summary = 0xc843
>         SMB:
>         SMB:  ByteCount = 49
>         SMB:  Dialect String = NT LANMAN 1.0
>         SMB:  Dialect String = NT LM 0.12
>         SMB:  Dialect String = SMB 2.002
>         SMB:  Dialect String = SMB 2.???
>         SMB:
> 
> 
> 
> On the working member server, the packet capture included a lot of
> "SMB" traffic.  With the problem server,  all the "SMB" packets were
> empty.
> 
> e.g.
> 
>         SMB:  ----- SMB:   -----
>         SMB:
>         SMB:  ""
>         SMB:
> 
> 
> 
> 
> Both machines are configured for a max protocol of SMB2.  The problem 
> machine is also configured for a  min protocol of SMB2.
> 
> 
> testparm -v
> 
>          client ipc max protocol = default
>          client max protocol = SMB2
>          server max protocol = SMB2
> 
>         client ipc min protocol = SMB2
>          client min protocol = SMB2
>          server min protocol = SMB2
> 
> On the PDC, the log file for IP_ADDRESS_OF_PROBLEM_SERVER shows
> 
> 
>          Non-SMB packet of length 182. Terminating server
> 
> 

I wonder if this has anything to do with the same reason that you have
to set 'server max protocol = NT1' in smb.conf on the PDC if using
Win10 clients, see here for more info:

https://wiki.samba.org/index.php/Required_Settings_for_Samba_NT4_Domains#Windows_10:_There_Are_Currently_No_Logon_Servers_Available_to_Service_the_Logon_Request

Rowland

More information about the samba mailing list