[Samba] Need help for SMBv2-connection with windows clients

Bombadil bombadil_00 at web.de
Thu Jun 16 14:29:23 UTC 2022

> Maybe, a misunderstanding, I never claimed to have switch off the
> RPC-
> server. Windows clients are complaining that they are not finding the
> rpc server. From Linux clients 'net rpc info' gives proper results.
> That there are some unusual or default options set in smb.conf are
> partly because of my desperate attempt to figure out, what is going
> wrong. I removed now the following lines:
> disable netbios = no
> allow dns updates = nonsecure
> nsupdate command = /usr/local/bin/nsupdate -g
> wins support = yes
> name resolve order = wins lmhosts bcast
> dns forwarder =
> (the latter just for testing to assure that the NS on dc1 is not
> communicating with the dnsmasq-NS.)
> But this does change anything in the attempt to communicate from a
> Windows client to the Samba AD with SMBv2. And that there is some
> communication I can see with tcpdump on 'dc1', where there is always
> a
> SMBnegprot-request from 'wincli' to 'dc1' and then some potentially
> encrypted answer from dc1. But apparently at some point the
> communication stops prematurely.
> Any clues, what can be wrong in the dns setup, when hostname lookups
> and reverse lookups give the results as expected?
>  Helmut

After I reinspected all the log-files, I detected an error/warning in
the winbind.log, which seem to be there for a while, but I did not
really pay attention to it:

tdb_mutex_open_ok[/var/db/samba4/gencache.tdb]: Mutex size changed from
81920 to 40960

After repairing gencache.tdb with a tdbdump & tdbrestore, SMBv2 now

So, apparently the main reason was not caused by DNS-issues, but a
improper gencache.tdb (not obvious from the warnings). 

Still, the changes I did, following Rowland's hints, were certainly
also improving the communication with the DC. 

More information about the samba mailing list