[Samba] Failed to prepare gensec: NT_STATUS_INVALID_SERVER_STATE
Stefan Bellon
bellon at axivion.com
Wed Mar 31 11:03:19 UTC 2021
On Wed, 31 Mar, Andrew Bartlett via samba wrote:
> On Wed, 2021-03-31 at 09:06 +0200, Stefan Bellon via samba wrote:
> > I have the feeling this is directly connected to sysvol
> > permissions.
>
> That would be incredibly unlikely. This is about failing to setup the
> Kerberos code that accepts incoming tickets, so it could fail if the
> DC things it is not a DC or can't find the secrets.ldb entry etc.
I'm fully open to suggestions and ideas on how to debug this further.
I can only tell you my observation, that after I do a "sysvolreset" and
do not touch the sysvol at all, neither from GNU/Linux side nor from
Windows side, then the log.smbd is completely free of those messages.
As soon as I edit a group policy on the windows side, the messages
appear in the log and also sysvolcheck reports issues.
Are the permissions that I showed in my last email correct? Is it
expected that on the GNU/Linux side the uid and gid of those folders is
something in the 3000000 range? Or is it expected that those belong to
root:root below sysvol?
Greetings,
Stefan
--
Stefan Bellon
More information about the samba
mailing list