[Samba] access domain via ldap failed

Ryan ryanyang51 at 163.com
Mon Apr 16 01:58:35 UTC 2018 

Hi,
Recently I try to build a domain with samba as the domain controller. It’s the samba 4.8.0. After I’ve built and install it on my Linux, I try to test it via Ldap connection. But it remains me that the server is not operational. I used samba 4.5.16 before, and it works well. Is there any difference between samba 4.8.0 and 4.5.x about samba access or Ldap setting especially.
Here’s my smb.conf:
[global]
        bind interfaces only = Yes
        interfaces = 8.22.145.173 127.0.0.1
        log file = /var/FusionAccess/LiteAD/log.samba
        log level = 2
        max log size = 15000
        netbios name = SAMBATEST2
        realm = TESTSAMBA476.HAUWEI.COM
        server role = active directory domain controller
        workgroup = TESTSAMBA476
        idmap_ldb:use rfc2307 = yes
 
        ldap server require strong auth = no
        load printers = no
        printing = bsd
        printcap name = /dev/null
        disable spoolss = yes
 
[netlogon]
        path = /var/lib/samba/sysvol/testsamba476.hauwei.com/scripts
        read only = No
 
[sysvol]
        path = /var/lib/samba/sysvol
        read only = No
 
And in log.samba I found those when I used ldap to access the domain:
 
[2018/04/11 15:31:18.303677,  0] ../auth/ntlmssp/ntlmssp_sign.c:236(ntlmssp_check_packet)
  NTLMSSP NTLM2 packet check failed due to invalid signature!
[2018/04/11 15:31:18.303917,  2] ../source4/smbd/process_standard.c:473(standard_terminate)
  standard_terminate: reason[ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_IO_DEVICE_ERROR]
[2018/04/11 15:31:18.307704,  2] ../source4/smbd/process_standard.c:157(standard_child_pipe_handler)
  Child 24315 () exited with status 0
[2018/04/11 15:31:18.347855,  0] ../auth/ntlmssp/ntlmssp_sign.c:236(ntlmssp_check_packet)
  NTLMSSP NTLM2 packet check failed due to invalid signature!
[2018/04/11 15:31:18.348237,  2] ../source4/smbd/process_standard.c:473(standard_terminate)
  standard_terminate: reason[ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_IO_DEVICE_ERROR]
[2018/04/11 15:31:18.352456,  2] ../source4/smbd/process_standard.c:157(standard_child_pipe_handler)
  Child 24316 () exited with status 0
 
Thanks
Ryan Yang

More information about the samba mailing list