[Samba] Unable to access shares after upgrade to version 4.17.3

spindles seven spindles7 at gmail.com
Sun Nov 20 23:24:54 UTC 2022

Hi all,

I have a domain-joined fileserver which was running a self-compiled version 4.17.2.   I updated this to version 4.17.3 when it came out – again self-compiled.     When bullseye backports became available for my box’s architecture (armel) I decided to use that valuable resource rather than continue to self-compile.  (Many thanks Michael for providing these releases in Backports – much appreciated).   So I uninstalled the self-compiled version, deleted the folder /usr/local/samba and any .tdb files I could find.


I installed samba version 4.17.3-debian from backports and re-joined the domain, using the same smb.conf.    However I now can’t access the share from any Windows machine – even if I provide valid credentials.   Testing with smbclient produces:


root at goflex:~# smbclient -L localhost -U%


        Sharename       Type      Comment

        ---------       ----      -------

        images          Disk

        IPC$            IPC       IPC Service (Samba 4.17.3-Debian)

SMB1 disabled -- no workgroup available


root at goflex:~# smbclient //goflex/images -U roy

Password for [MICROLYNX\roy]:

session setup failed: NT_STATUS_LOGON_FAILURE


root at goflex:~# smbclient //goflex.microlynx.org/images -U roy

Password for [MICROLYNX\roy]:

session setup failed: NT_STATUS_LOGON_FAILURE


BUT using the IP address of golfex succeeds:

root at goflex:~# smbclient // -U roy

Password for [MICROLYNX\roy]:

Try "help" to get a list of possible commands.

smb: \>


Don’t know whether this is relevant, but the log file: log.wb-GOFLEX reports:

[2022/11/20 22:44:19.851122,  1] ../../source3/rpc_client/cli_pipe.c:550(cli_pipe_validate_current_pdu)

  ../../source3/rpc_client/cli_pipe.c:550: RPC fault code DCERPC_NCA_S_OP_RNG_ERROR received from host goflex!



log.wb-MICROLYNX reports:

[2022/11/20 22:44:09.611781,  1] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug)

  ldb: Failed to connect to '/var/lib/samba/private/secrets.ldb' with backend 'tdb': Unable to open tdb '/var/lib/samba/private/secrets.ldb': No such file or directory


and indeed there is no such file.


This pointed to a dns issue, so I checked that goflex.microlynx.org has an entry:

root at goflex:~# host -t A goflex

goflex.microlynx.org has address

root at goflex:~# host -t A goflex.microlynx.org

goflex.microlynx.org has address

root at goflex:~# dig goflex.microlynx.org


; <<>> DiG 9.16.33-Debian <<>> goflex.microlynx.org

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38034

;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1



; EDNS: version: 0, flags:; udp: 1232

; COOKIE: aa9b9eee1a385ba201000000637ab570830c55f6a435553b (good)


;goflex.microlynx.org.          IN      A



goflex.microlynx.org.   3600    IN      A


;; Query time: 0 msec


;; WHEN: Sun Nov 20 23:17:04 GMT 2022

;; MSG SIZE  rcvd: 93

root at goflex:~# cat /etc/resolv.conf

search microlynx.org




The other interesting thing is that I can no longer logon via SSH using my Kerberos ticket from my Windows machine.


I’m stumped at this point, so any help will be appreciated,






More information about the samba mailing list