System: w2003 SP1, samba 3.0.14a-r2 (even tried 3.0.20b)
Kernel: 2.6.12-gentoo-r4 SMP
Mode: ADS
Auth: nss_ldap, kerberos
The Problem: After a while the clients loosing their connection to the
samba server and it's shares. After the connection is lost there is a
clean cut: no further information is written to a machine log if trying
to access a share on the samba server. So the problem has to be on
windows side. Until the connection is gone forever the machine log has
many entries like this:
[2005/11/07 12:53:54, 1] smbd/sesssetup.c:reply_spnego_kerberos(250)
Username DOMAIN+MACHINE$ is invalid on this system
I know this error since I am using the combination of kerb, nss_ldap and
samba as an ad member but never had problems accessing shares on sambas.
Because of using nss_ldap, there is no entry for winbind in my
nsswitch.conf and nss_winbind doesn't extend the machines and usernames
as DOMAIN+{USER,MACHINE$}.
Are there any known issues related to hotfixes on windows? On w2003 it's
definitely impossible browsing my samba shares, just refusing the
connection without logging it anywhere. Neither under linux nor under
windows, like if never happened.
If windows sends DOMAIN\USER (or interpreted by winbind like
DOMAIN+USER), how can I tell samba to extend the users and machines the
same using nss_ldap?
Thanks in advance for any help
- markus
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
