[Samba] NT_STATUS_INVALID_DOMAIN_STATE "The domain was in the wrong state to perform the security operation."
L. van Belle
belle at samba.org
Fri May 6 13:06:26 UTC 2022
You have to add more info.
Server os (Centos7) and samba version. (?????)
Clients os (Windows XX) and samba version (???? ) work.
Macos clients (samba ??? ) does not work.
and which program/how are you authenticating
but looks like someone is authenticating over SMB1/NTLM1
In samba servers and clients, set in smb.conf
min protocol = SMB2
optional other things to look at are.
# needed on the AD-DC that do the authorisation.
ntlm auth = mschapv2-and-ntlmv2-only
# but also needed on clients that are authentication.
ntlm_auth = "/path/to/ntlm_auth --allow-mschapv2
I hope I descripted that right.. :-/
Greetz,
Louis
> -----Oorspronkelijk bericht-----
> Van: samba Namens Philip Pavelin via samba
> Verzonden: vrijdag 6 mei 2022 13:16
> Aan: samba at lists.samba.org
> Onderwerp: [Samba] NT_STATUS_INVALID_DOMAIN_STATE “The domain
> was in the wrong state to perform the security operation.”
>
> Hi,
>
>
> We have a CentOS7 samba server that stopped working recently for some
> users, but only when connecting from MacOS clients (Windows seems fine).
>
>
> Amongst the various logfies, this seems to be the common factor:
>
>
> NT_STATUS_INVALID_DOMAIN_STATE “The domain was in the wrong
> state to
> perform the security operation.”
>
>
> smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1]
> status[NT_STATUS_INVALID_DOMAIN_STATE] || at
> ../../source3/smbd/smb2_sesssetup.c:146
>
>
> NTLM CRAP authentication for user [xxxx]\[xxxxxxx] returned
> NT_STATUS_INVALID_DOMAIN_STATE
>
>
> Any pointers? Not an expert on samba!
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list