[Samba] Trouble resolving some group membership after upgrade from 4.8 to 4.10

Rowland penny rpenny at samba.org
Mon Mar 9 08:46:36 UTC 2020

On 08/03/2020 22:14, Matt Magoffin via samba wrote:
> Hello,
> I had been running Samba 4.8 for a few years without any problems, and then upgraded to 4.10. Since then I’ve been having problems with some accounts connecting, while some connect fine still. I haven’t been able to figure out why. My server is a relatively simple standalone server, using the LDAP password backend.
AKA a Samba nt4-style PDC, or the next thing to it.
> [global]
> log level = 10 auth:10 winbind:10
> workgroup = MSQR
> server string = Samba Server Version %v
> netbios name = X24
> domain master = yes
> wins support = yes
> host msdfs = no
> security = user
> map to guest = Bad User
> vfs objects = acl_xattr zfsacl catia fruit streams_xattr
> map acl inherit = yes
> server min protocol = SMB2
Try setting the above to 'NT1'
> ntlm auth = no
You could also try setting 'ntlm auth' to yes
> I’m at a loss now on what might be wrong, or what else to try to troubleshoot the issue. Any ideas/help would be much appreciated.

You are still using old ways of doing things, things that rely on SMBv1 
and this is going away. You have two ways of dealing with this, either 
stick with an old version of Samba (along with any security problems 
entailed in doing so), or upgrade to Samba AD.


More information about the samba mailing list