[Samba] Need help for SMBv2-connection with windows clients

[Bombadil]

> 
> Maybe, a misunderstanding, I never claimed to have switch off the
> RPC-
> server. Windows clients are complaining that they are not finding the
> rpc server. From Linux clients 'net rpc info' gives proper results.
> 
> That there are some unusual or default options set in smb.conf are
> partly because of my desperate attempt to figure out, what is going
> wrong. I removed now the following lines:
> disable netbios = no
> allow dns updates = nonsecure
> nsupdate command = /usr/local/bin/nsupdate -g
> wins support = yes
> name resolve order = wins lmhosts bcast
> dns forwarder = 10.0.2.2
> 
> (the latter just for testing to assure that the NS on dc1 is not
> communicating with the dnsmasq-NS.)
> 
> But this does change anything in the attempt to communicate from a
> Windows client to the Samba AD with SMBv2. And that there is some
> communication I can see with tcpdump on 'dc1', where there is always
> a
> SMBnegprot-request from 'wincli' to 'dc1' and then some potentially
> encrypted answer from dc1. But apparently at some point the
> communication stops prematurely.
> 
> Any clues, what can be wrong in the dns setup, when hostname lookups
> and reverse lookups give the results as expected?
> 
>  Helmut
> 

After I reinspected all the log-files, I detected an error/warning in
the winbind.log, which seem to be there for a while, but I did not
really pay attention to it:

.tdb(/var/db/samba4/gencache.tdb):
tdb_mutex_open_ok[/var/db/samba4/gencache.tdb]: Mutex size changed from
81920 to 40960

After repairing gencache.tdb with a tdbdump & tdbrestore, SMBv2 now
works!

So, apparently the main reason was not caused by DNS-issues, but a
improper gencache.tdb (not obvious from the warnings). 

Still, the changes I did, following Rowland's hints, were certainly
also improving the communication with the DC.