Hi, Due to "Red Hat Vulnerability Response: BADLOCK", an automatic samba package RHEL5 update was apply on our system. This broke "The trust relationship between this workstation and the primary domain failed" (error message logon client) in my environnement production. So, I use now 3.6.23-12.el5_11, I see they are new directive for smb.conf and some others more restrict by default. My question (even if I bypass security Badlock): it's possible to get the right functionnal fallback directive smb.conf without downgrade samba version? All computers clients are windows7 (up2date) and we use samba with openldap. Thank you and sorry for my english. PS: we are planning a samba 4 installation as soon as possible. -- AC-GUYANE <mailto:Johan.Glenac at ac-guyane.fr> *Johan GLENAC* *DSI* Administrateur Système, Réseaux et Télécom *TROUBIRAN :* Route de Baduel - BP 6011 97306 Cayenne *Tél. :* +594 (0) 594 27 22 08 *Fax :* +594 (0) 594 27 22 20 Rectorat - Académie de la Guyane www.ac-guyane.fr <http://www.ac-guyane.fr>
Alberto Moreno
2016-Apr-14 20:13 UTC
[Samba] BADLOCK - samba 3.6.23 and Trust relationship
I will follow this, I have the same issue, I had to downgrade...centos 5.11 latest. On Thu, Apr 14, 2016 at 8:52 AM, Johan GLENAC <johan.glenac at ac-guyane.fr> wrote:> Hi, > > Due to "Red Hat Vulnerability Response: BADLOCK", an automatic samba > package RHEL5 update was apply on our system. > This broke "The trust relationship between this workstation and the > primary domain failed" (error message logon client) in my environnement > production. > > So, I use now 3.6.23-12.el5_11, I see they are new directive for smb.conf > and some others more restrict by default. > > My question (even if I bypass security Badlock): it's possible to get the > right functionnal fallback directive smb.conf without downgrade samba > version? > > All computers clients are windows7 (up2date) and we use samba with > openldap. > > Thank you and sorry for my english. > > PS: we are planning a samba 4 installation as soon as possible. > > -- > AC-GUYANE <mailto:Johan.Glenac at ac-guyane.fr> > *Johan GLENAC* > *DSI* > Administrateur Système, Réseaux et Télécom > *TROUBIRAN :* Route de Baduel - BP 6011 97306 Cayenne > *Tél. :* +594 (0) 594 27 22 08 > *Fax :* +594 (0) 594 27 22 20 > Rectorat - Académie de la Guyane > www.ac-guyane.fr <http://www.ac-guyane.fr> > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >-- LIving the dream...
Hi, Finally, I have launched "yum downgrade samba*" too for best effort. I am waiting for news until my samba 4 migration. AC-GUYANE <mailto:Johan.Glenac at ac-guyane.fr> *Johan GLENAC* *DSI* Administrateur Système, Réseaux et Télécom *TROUBIRAN :* Route de Baduel - BP 6011 97306 Cayenne *Tél. :* +594 (0) 594 27 22 08 *Fax :* +594 (0) 594 27 22 20 Rectorat - Académie de la Guyane www.ac-guyane.fr <http://www.ac-guyane.fr> Le 14/04/2016 17:13, Alberto Moreno a écrit :> I will follow this, I have the same issue, I had to downgrade...centos > 5.11 latest. > > On Thu, Apr 14, 2016 at 8:52 AM, Johan GLENAC > <johan.glenac at ac-guyane.fr <mailto:johan.glenac at ac-guyane.fr>> wrote: > > Hi, > > Due to "Red Hat Vulnerability Response: BADLOCK", an automatic > samba package RHEL5 update was apply on our system. > This broke "The trust relationship between this workstation and > the primary domain failed" (error message logon client) in my > environnement production. > > So, I use now 3.6.23-12.el5_11, I see they are new directive for > smb.conf and some others more restrict by default. > > My question (even if I bypass security Badlock): it's possible to > get the right functionnal fallback directive smb.conf without > downgrade samba version? > > All computers clients are windows7 (up2date) and we use samba with > openldap. > > Thank you and sorry for my english. > > PS: we are planning a samba 4 installation as soon as possible. > > -- > AC-GUYANE <mailto:Johan.Glenac at ac-guyane.fr > <mailto:Johan.Glenac at ac-guyane.fr>> > *Johan GLENAC* > *DSI* > Administrateur Système, Réseaux et Télécom > *TROUBIRAN :* Route de Baduel - BP 6011 97306 Cayenne > *Tél. :* +594 (0) 594 27 22 08 > *Fax :* +594 (0) 594 27 22 20 > Rectorat - Académie de la Guyane > www.ac-guyane.fr <http://www.ac-guyane.fr> <http://www.ac-guyane.fr> > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > > > > > -- > LIving the dream...