3.5.3 does not build a browse list of other domains
on the subnet. Executing "net view /DOMAIN:mydomain" on the client
produces an error 59 or error 64.
Log-3 during the net view is basically the same between 3.4.5 and 3.5.3,
and I can see both successfully connect, negotiate sign/seal, and
authenticate a guest session with LDAP. After that, the working 3.4.5 log
says:
[2010/05/23 08:33:34, 3] smbd/service.c:1047(make_connection_snum)
CLIENT (x.x.x.x) connect to service IPC$ initially as user nobody
(uid=65534, gid=65534) (pid 2454)
[2010/05/23 08:33:34, 3] smbd/sec_ctx.c:310(set_sec_ctx)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2010/05/23 08:33:34, 3] smbd/reply.c:759(reply_tcon_and_X)
tconX service=IPC$
[2010/05/23 08:33:34, 3] smbd/process.c:1459(process_smb)
Transaction 4 of length 129 (0 toread)
[2010/05/23 08:33:34, 3] smbd/process.c:1273(switch_message)
switch message SMBtrans (pid 2454) conn 0xb9034f58
[2010/05/23 08:33:34, 3] smbd/sec_ctx.c:310(set_sec_ctx)
setting sec ctx (65534, 65534) - sec_ctx_stack_ndx = 0
[2010/05/23 08:33:34, 3] smbd/ipc.c:536(handle_trans)
trans <\PIPE\LANMAN> data=0 params=33 setup=0
[2010/05/23 08:33:34, 3] smbd/ipc.c:487(named_pipe)
named pipe command on <LANMAN> name
[2010/05/23 08:33:34, 3] smbd/lanman.c:4694(api_reply)
Got API command 104 of form <WrLehDz> <B16BBDz>
(tdscnt=0,tpscnt=33,mdrcnt=4200,mprcnt=8)
[2010/05/23 08:33:34, 3] smbd/lanman.c:4698(api_reply)
Doing NetServerEnum
[2010/05/23 08:33:34, 3] smbd/lanman.c:1511(api_RNetServerEnum)
NetServerEnum domain = mydomain uLevel=1 counted=1 total=1
[2010/05/23 08:33:34, 3] smbd/process.c:1459(process_smb)
Transaction 5 of length 43 (0 toread)
[2010/05/23 08:33:34, 3] smbd/process.c:1273(switch_message)
switch message SMBulogoffX (pid 2454) conn 0x0
[2010/05/23 08:33:34, 3] smbd/sec_ctx.c:310(set_sec_ctx)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2010/05/23 08:33:34, 3] smbd/reply.c:1948(reply_ulogoffX)
ulogoffX vuid=100
[2010/05/23 08:33:34, 3] smbd/process.c:1459(process_smb)
Transaction 6 of length 39 (0 toread)
[2010/05/23 08:33:34, 3] smbd/process.c:1273(switch_message)
switch message SMBtdis (pid 2454) conn 0xb9034f58
[2010/05/23 08:33:34, 3] smbd/sec_ctx.c:310(set_sec_ctx)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2010/05/23 08:33:34, 3] smbd/sec_ctx.c:310(set_sec_ctx)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2010/05/23 08:33:34, 3] smbd/service.c:1226(close_cnum)
CLIENT (x.x.x.x) closed connection to service IPC$
[2010/05/23 08:33:34, 3] smbd/connection.c:31(yield_connection)
Yielding connection to IPC$
[2010/05/23 08:33:34, 3] smbd/sec_ctx.c:310(set_sec_ctx)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2010/05/23 08:33:34, 3] smbd/sec_ctx.c:310(set_sec_ctx)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2010/05/23 08:33:34, 3] smbd/connection.c:31(yield_connection)
Yielding connection to
[2010/05/23 08:33:34, 3] smbd/server.c:845(exit_server_common)
Server exit (failed to receive smb request)
where the not-working 3.5.3 says
[2010/05/23 08:25:50.455781, 3] smbd/service.c:1069(make_connection_snum)
CLIENT (x.x.x.x) connect to service IPC$ initially as user nobody
(uid=65534, gid=65534) (pid 2128)
[2010/05/23 08:25:50.455844, 3] smbd/sec_ctx.c:310(set_sec_ctx)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2010/05/23 08:25:50.455914, 3] smbd/reply.c:846(reply_tcon_and_X)
tconX service=IPC$
[2010/05/23 08:25:50.458037, 3] smbd/sec_ctx.c:310(set_sec_ctx)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2010/05/23 08:25:50.458221, 3] smbd/sec_ctx.c:310(set_sec_ctx)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2010/05/23 08:25:50.458326, 3] smbd/service.c:1250(close_cnum)
CLIENT (x.x.x.x) closed connection to service IPC$
[2010/05/23 08:25:50.458394, 3] smbd/connection.c:31(yield_connection)
Yielding connection to IPC$
[2010/05/23 08:25:50.458530, 3] smbd/sec_ctx.c:310(set_sec_ctx)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2010/05/23 08:25:50.458643, 3] smbd/connection.c:31(yield_connection)
Yielding connection to
[2010/05/23 08:25:50.458869, 3] smbd/server.c:902(exit_server_common)
Server exit (failed to receive smb request)
[2010/05/23 08:25:50.476063, 3] smbd/server.c:259(remove_child_pid)
smbd/server.c:259 Unclean shutdown of pid 2128
[2010/05/23 08:25:50.476423, 1] smbd/server.c:267(remove_child_pid)
Scheduled cleanup of brl and lock database after unclean shutdown
after which it logs a second sign/seal negotiation, authentication, and
failed $IPC connection.
smb.conf is
[global]
unix charset = iso8859-1
workgroup = mydomain
server schannel = Yes
passdb backend = ldapsam:ldap://x.x.x.x
passwd program = /usr/sbin/smbldap-passwd %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n
*all*authentication*tokens*updated*
client NTLMv2 auth = Yes
log level = 1
syslog = 0
log file = /var/log/samba/log.%U
name resolve order = hosts lmhosts wins bcast
time server = Yes
server signing = Yes
deadtime = 30
keepalive = 180
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
printcap name = cups
add user script = /usr/sbin/smbldap-useradd -m "%u" -m
delete user script = /usr/sbin/smbldap-userdel "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
delete group script = /usr/sbin/smbldap-groupdel "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u"
"%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
add machine script = /usr/sbin/smbldap-useradd -w "%u"
logon script = scripts\logon.bat
logon path = \\%L\[path]
logon drive = z:
logon home = \\%L\[home]
domain logons = Yes
os level = 65
preferred master = Yes
domain master = Yes
wins support = Yes
kernel oplocks = No
ldap admin dn = "[----]"
ldap machine suffix = ou=machines
ldap passwd sync = yes
ldap suffix = [----]
ldap ssl = no
ldap user suffix = ou=People
eventlog list = syslog, apache2
idmap uid = 10000-15000
idmap gid = 10000-15000
winbind enum users = Yes
winbind enum groups = Yes
hosts allow = 127.0.0.0/16, x.x.x.x/25
hosts deny = all