Dale Schroeder
2016-Apr-20 18:12 UTC
[Samba] Fileserver upgraded from 4.1.17 to 4.2 dosen't authenticate users
On 04/20/2016 5:22 AM, Mgr. Peter Tuharsky wrote:> Hallo > > The Debian team was unable to keep 4.1.17 patched, so they switched to > 4.2 branch. However, fileserver at this version (4.2.10) is no more able > to communicate with DC at samba 3.5 (unable to authenticate users - got > weird rpc version error in log) > > Please, are there any parameters that could make this work for a while now? > > Sincerely > > PeterPeter, I've been asking the same basic question periodically for the last two weeks and have not gotten any replies that make things work. No one has volunteered that their Samba NT4 domain works with the new versions. You could start by looking at the "Winbindd/Netlogon improvements" section here: https://www.samba.org/samba/history/samba-4.2.0.html None of these parameters made any difference for me, but your luck may be better than mine. Additionally, you will face the challenges brought on by the security fixes. It's not looking good for Samba NT4 domains. Dale
Mgr. Peter Tuharsky
2016-Apr-22 06:23 UTC
[Samba] Fileserver upgraded from 4.1.17 to 4.2 dosen't authenticate users
Thank You, Dale The parameters I understood from documentation did nothing for me too. I see I must upgrade Samba on DC. I'm reluctant since this is always quite delicate thing though, don't want break the whole network... Dňa 20.04.2016 o 20:12 Dale Schroeder napísal(a):> On 04/20/2016 5:22 AM, Mgr. Peter Tuharsky wrote: >> Hallo >> >> The Debian team was unable to keep 4.1.17 patched, so they switched to >> 4.2 branch. However, fileserver at this version (4.2.10) is no more able >> to communicate with DC at samba 3.5 (unable to authenticate users - got >> weird rpc version error in log) >> >> Please, are there any parameters that could make this work for a >> while now? >> >> Sincerely >> >> Peter > > Peter, > > I've been asking the same basic question periodically for the last two > weeks and have not gotten any replies that make things work. No one > has volunteered that their Samba NT4 domain works with the new versions. > > You could start by looking at the "Winbindd/Netlogon improvements" > section here: https://www.samba.org/samba/history/samba-4.2.0.html > > None of these parameters made any difference for me, but your luck may > be better than mine. Additionally, you will face the challenges > brought on by the security fixes. It's not looking good for Samba NT4 > domains. > > Dale
mathias dufresne
2016-Apr-22 08:31 UTC
[Samba] Fileserver upgraded from 4.1.17 to 4.2 dosen't authenticate users
Hi, I thought Samba4 was able to do everything what was doing Samba3. According to that isn't it possible for you to add a new DC into your NT4 domain which runs Samba4? As it is a DC in addition to others DC (those running Samba3) your domain should continue to work as it did for years. You would just get another DC running more recent Samba. I expect that Samba4 as filesrv is able to communicate correctly with Samba4 as NT4 DC. If my suppositions are not wrong, this would solve your strange RPC issue and also give a way to update your NT4 DC which seems an important thing according to that link which seems to show that samba3 is not supported any more. https://wiki.samba.org/index.php/Samba_Release_Planning#General_information 2016-04-22 8:23 GMT+02:00 Mgr. Peter Tuharsky <tuharsky at misbb.sk>:> Thank You, Dale > > The parameters I understood from documentation did nothing for me too. > > I see I must upgrade Samba on DC. I'm reluctant since this is always > quite delicate thing though, don't want break the whole network... > > Dňa 20.04.2016 o 20:12 Dale Schroeder napísal(a): > > On 04/20/2016 5:22 AM, Mgr. Peter Tuharsky wrote: > >> Hallo > >> > >> The Debian team was unable to keep 4.1.17 patched, so they switched to > >> 4.2 branch. However, fileserver at this version (4.2.10) is no more able > >> to communicate with DC at samba 3.5 (unable to authenticate users - got > >> weird rpc version error in log) > >> > >> Please, are there any parameters that could make this work for a > >> while now? > >> > >> Sincerely > >> > >> Peter > > > > Peter, > > > > I've been asking the same basic question periodically for the last two > > weeks and have not gotten any replies that make things work. No one > > has volunteered that their Samba NT4 domain works with the new versions. > > > > You could start by looking at the "Winbindd/Netlogon improvements" > > section here: https://www.samba.org/samba/history/samba-4.2.0.html > > > > None of these parameters made any difference for me, but your luck may > > be better than mine. Additionally, you will face the challenges > > brought on by the security fixes. It's not looking good for Samba NT4 > > domains. > > > > Dale > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >
Possibly Parallel Threads
- Fileserver upgraded from 4.1.17 to 4.2 dosen't authenticate users
- Fileserver upgraded from 4.1.17 to 4.2 dosen't authenticate users
- [PATCH] Re: Samba 4.1.17 classic update w/LDAP - parsing error
- Fileserver upgraded from 4.1.17 to 4.2 dosen't authenticate users
- Samba + BIND9 DLZ. DNS dosen't resolve FQDN, only short hostname