samba - Mar 2021 - Linux workstations lose relationship with domain

Thank you Rowland!

I have another clue for my problem (The lost of domain relationship). 
The problem began just after the change of time in my country on Sunday. 
I changed the time manually on both domain servers

(They use ntp for the clients to sync with they) and after that, on 
Monday, some linux workstations lost the relationship. But you know 
what? none of my Windows 10 workstations lost the domain relationship!

We use pbis en Ubuntu 18.04 and Linux Mint 20 workstations to connect to 
the domain. I suspect that the change of time was the cause. But even 
changing the time on those linux workstations first (For some reason ntp 
didn't work, but this is not the point right now), they didn't connected
to the domain! And It was necessary to join again manually (One by one!).


This is the smb.conf of a workstation that lost the domain ralationship


[global]
 ??? server string = %h server (Samba, Ubuntu)
;?? wins server = w.x.y.z
 ?? dns proxy = no
;?? interfaces = 127.0.0.0/8 eth0
;?? bind interfaces only = yes
 ?? log file = /var/log/samba/log.%m
 ?? max log size = 1000
 ?? syslog = 0
 ?? panic action = /usr/share/samba/panic-action %d
 ?? server role = standalone server
 ?? passdb backend = tdbsam
 ?? obey pam restrictions = yes
 ?? unix password sync = yes
 ?? passwd program = /usr/bin/passwd %u
 ?? passwd chat = *Enter\snew\s*\spassword:* %n\n 
*Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
 ?? pam password change = yes
 ?? map to guest = bad user
;?? logon path = \\%N\profiles\%U
;?? logon drive = H:
;?? logon script = logon.cmd
; add user script = /usr/sbin/adduser --quiet --disabled-password 
--gecos "" %u
; add machine script? = /usr/sbin/useradd -g machines -c "%u machine 
account" -d /var/lib/samba -s /bin/false %u
; add group script = /usr/sbin/addgroup --force-badname %g
;?? include = /home/samba/etc/smb.conf.%m
;?? idmap uid = 10000-20000
;?? idmap gid = 10000-20000
;?? template shell = /bin/bash
;?? usershare max shares = 100
 ?? usershare allow guests = yes

;[homes]
;?? comment = Home Directories
;?? browseable = no
;?? read only = yes
;?? create mask = 0700
;?? directory mask = 0700
;?? valid users = %S

;[netlogon]
;?? comment = Network Logon Service
;?? path = /home/samba/netlogon
;?? guest ok = yes
;?? read only = yes

;[profiles]
;?? comment = Users profiles
;?? path = /home/samba/profiles
;?? guest ok = no
;?? browseable = no
;?? create mask = 0600
;?? directory mask = 0700

[printers]
 ?? comment = All Printers
 ?? browseable = no
 ?? path = /var/spool/samba
 ?? printable = yes
 ?? guest ok = no
 ?? read only = yes
 ?? create mask = 0700

[print$]
 ?? comment = Printer Drivers
 ?? path = /var/lib/samba/printers
 ?? browseable = yes
 ?? read only = yes
 ?? guest ok = no

;?? write list = root, @lpadmin

On 23/03/2021 14:47, Denis Morejon via samba wrote:
> Thank you Rowland!
>
> I have another clue for my problem (The lost of domain relationship). 
> The problem began just after the change of time in my country on 
> Sunday. I changed the time manually on both domain servers
>
> (They use ntp for the clients to sync with they) and after that, on 
> Monday, some linux workstations lost the relationship. But you know 
> what? none of my Windows 10 workstations lost the domain relationship!
>
> We use pbis en Ubuntu 18.04 and Linux Mint 20 workstations to connect 
> to the domain. I suspect that the change of time was the cause. But 
> even changing the time on those linux workstations first (For some 
> reason ntp didn't work, but this is not the point right now), they 
> didn't connected to the domain! And It was necessary to join again 
> manually (One by one!).
>
> This is the smb.conf of a workstation that lost the domain ralationship
>
> [global]
> ??? server string = %h server (Samba, Ubuntu)
> ?? dns proxy = no
> ?? log file = /var/log/samba/log.%m
> ?? max log size = 1000
> ?? syslog = 0
> ?? panic action = /usr/share/samba/panic-action %d
> ?? server role = standalone server
> ?? obey pam restrictions = yes
> ?? unix password sync = yes
> ?? passwd program = /usr/bin/passwd %u
> ?? passwd chat = *Enter\snew\s*\spassword:* %n\n 
> *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
> ?? pam password change = yes
> ?? map to guest = bad user
> ?? usershare allow guests = yes
>
> [printers]
> ?? comment = All Printers
> ?? browseable = no
> ?? path = /var/spool/samba
> ?? printable = yes
> ?? create mask = 0700
>
> [print$]
> ?? comment = Printer Drivers
> ?? path = /var/lib/samba/printers
>
As we do not produce PBIS, we do not (cannot) provide support for it. 
Also that smb.conf is for a standalone server and, as such, it cannot be 
an AD domain member.

Is winbind running ?

Rowland