[Samba] winbindd authentication fails with NT_STATUS_RPC_SEC_PKG_ERROR intermittently

Rowland Penny rpenny at samba.org
Sun Jul 2 21:01:54 UTC 2023

On 02/07/2023 20:40, Bharath Bheemarasetti via samba wrote:
> On further investigation, the error that shows up in packet capture is that
> the DC is returning [Fault: nca_s_fault_sec_pkg_error] for the
> NetrLogonSamLogonEx call. There are no error logs (or any logs) regarding
> the netlogon call failure in the netlogon logs even after enabling debug
> logs in the DC. One more interesting thing is restarting the netlogon.exe
> service on the DC also fixes the issue temporarily similar to restarting
> the smb service
> Is it possible that something is going stale in the winbindd memory/cache
> that is getting fixed on these restarts? If yes, how do I go about
> debugging that as it is not apparent from the logs?
> P.S: We have different setups and the frequency of this error is
> different in all of them. Also, there is another setup with Samba 4.7 on
> Ubuntu 18.04 and everything works fine there.

Sorry, but I think you are going to have to give us a bit more info.

What are the DC's ?
Why are you using NTLMv2 ? what is it required for ?

Did you add idmap config lines for the '<workgroup>' domain ?
Is it possible you are also using sssd or something similar ?

I think you need to describe your setup in a lot more detail.

I personally think you may be doing something in way that is been 
superseded by other methods, for instance, you normally only use 
ntlm_auth for external programs, Samba no longer requires or uses it.


More information about the samba mailing list