[Samba] Domain Join Error with samba 4.15.5

Peter Varkoly peter at varkoly.de
Wed Apr 6 09:38:40 UTC 2022 

Hi List,

after upgrading to 4.15.5 samba-ad I got an error by joining the domain: 
"interface unknown error"
All other stuff works fine. After restarting the samba service the 
domain join works for a for a while. But after some time the same error 
occurs.
With earlier version of samba I have not this problem.

Furthermore in the samba log I can see this error periodicaly:
Apr 06 11:30:41 admin smbd[21269]: [2022/04/06 11:30:41.480400,  0] 
../../source3/rpc_server/rpc_server.c:556(dcesrv_auth_gensec_prepare)
Apr 06 11:30:41 admin smbd[21269]:   dcesrv_auth_gensec_prepare: Failed 
to prepare gensec: NT_STATUS_INVALID_SERVER_STATE

Du you have any hints for me?

smb.conf:
[global]
netbios name = admin
realm = <REALM>
workgroup = <WORKGROUP>
dns forwarder = 192.168.1.10
server role = active directory domain controller
idmap_ldb:use rfc2307 = Yes
check password script = 
/usr/share/cranix/tools/check_password_complexity.sh
winbind enum users = Yes
winbind enum groups = Yes
wide links = Yes
unix extensions = No
bind interfaces only = yes
interfaces = 127.0.0.1, 172.16.0.2
ntlm auth = yes
ldap server require strong auth = no
template shell = /bin/bash
printing = CUPS
load printers = no
min protocol = SMB2
hosts deny = 172.16.1.0/24 172.16.13.128/26

[sysvol]
path = /var/lib/samba/sysvol
read only = No


[netlogon]
comment = Network logon
path = /var/lib/samba/sysvol/XXXX/scripts
root preexec = /usr/share/cranix/plugins/share_plugin_handler.sh 
netlogon open %U %I %a %m
browseable = No
writable = No
guest ok = Yes

[profiles]
comment = Network profiles
path = /home/profiles/
root preexec = /usr/share/cranix/plugins/share_plugin_handler.sh 
profiles open %U %I %a %m
browseable = No
read only = No
force create mode = 0600
force directory mode = 0700
csc policy = disable
store dos attributes = yes
vfs objects = acl_xattr

[homes]
comment = Home Directories
root preexec = /usr/share/cranix/plugins/share_plugin_handler.sh homes 
open %U %I %a %m
root postexec = /usr/share/cranix/plugins/share_plugin_handler.sh homes 
close %U %I %a %m
inherit permissions = Yes
browseable = No
printable = No
read only = No
guest ok = No
valid users = %S

More information about the samba mailing list