Web lists-archives.com

[Samba] Unable to access AD with ADExplorer




Hi,

I have a test AD running Samba on Ubuntu that I sometimes poke with Sysinternal's ADExplorer.
A few days ago I tried connecting to it, but got a short reply of "The directory service is not available."
As it was working earlier, I tried finding the problem.
After installing a few older releases, I found that it was working on Ubuntu 17.04, Samba 4.5.8 and stopped working on Ubuntu 17.10, Samba 4.6.7. Ubuntu 18.04 Beta's Samba 4.7 also fails to work.
I know 4.5 is EoL, but that is the last version that I could log successfully on.
The test ADs have exactly the same configuration, that was created during the AD provisioning.

Here are the log excerpts running on -d3:

Working logon:
==================================Version 4.5.8-Ubuntu==================================
[2018/03/26 16:32:38.889960,  3] ../lib/ldb-samba/ldb_wrap.c:325(ldb_wrap_connect)
  ldb_wrap open of secrets.ldb
[2018/03/26 16:32:38.896147,  3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
  Got NTLMSSP neg_flags=0xe2088297
[2018/03/26 16:32:38.897060,  3] ../auth/ntlmssp/ntlmssp_server.c:452(ntlmssp_server_preauth)
  Got user=[administrator] domain=[] workstation=[TEST] len1=24 len2=266
[2018/03/26 16:32:38.897302,  3] ../source4/auth/ntlm/auth.c:271(auth_check_password_send)
  auth_check_password_send: Checking password for unmapped user []\[administrator]@[TEST]
  auth_check_password_send: mapped user is: [SAMDOM]\[administrator]@[TEST]
[2018/03/26 16:32:38.901252,  3] ../auth/ntlmssp/ntlmssp_sign.c:509(ntlmssp_sign_reset)
  NTLMSSP Sign/Seal - Initialising with flags:
[2018/03/26 16:32:38.901492,  3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
  Got NTLMSSP neg_flags=0xe2088215
[2018/03/26 16:32:38.901669,  3] ../auth/ntlmssp/ntlmssp_sign.c:509(ntlmssp_sign_reset)
  NTLMSSP Sign/Seal - Initialising with flags:
[2018/03/26 16:32:38.901878,  3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
  Got NTLMSSP neg_flags=0xe2088235
[2018/03/26 16:32:38.910422,  3] ../source4/smbd/service_stream.c:66(stream_terminate_connection)
  Terminating connection - 'ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
[2018/03/26 16:32:38.910667,  3] ../source4/smbd/process_single.c:114(single_terminate)
  single_terminate: reason[ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED]
[2018/03/26 16:32:38.911755,  3] ../lib/ldb-samba/ldb_wrap.c:325(ldb_wrap_connect)
  ldb_wrap open of secrets.ldb
[2018/03/26 16:32:38.915128,  3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
  Got NTLMSSP neg_flags=0xe2088297
[2018/03/26 16:32:38.915752,  3] ../auth/ntlmssp/ntlmssp_server.c:452(ntlmssp_server_preauth)
  Got user=[administrator] domain=[] workstation=[TEST] len1=24 len2=266
[2018/03/26 16:32:38.915983,  3] ../source4/auth/ntlm/auth.c:271(auth_check_password_send)
  auth_check_password_send: Checking password for unmapped user []\[administrator]@[TEST]
  auth_check_password_send: mapped user is: [SAMDOM]\[administrator]@[TEST]
[2018/03/26 16:32:38.919313,  3] ../auth/ntlmssp/ntlmssp_sign.c:509(ntlmssp_sign_reset)
  NTLMSSP Sign/Seal - Initialising with flags:
[2018/03/26 16:32:38.919555,  3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
  Got NTLMSSP neg_flags=0xe2088215
[2018/03/26 16:32:38.919752,  3] ../auth/ntlmssp/ntlmssp_sign.c:509(ntlmssp_sign_reset)
  NTLMSSP Sign/Seal - Initialising with flags:
[2018/03/26 16:32:38.919923,  3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
  Got NTLMSSP neg_flags=0xe2088235
[2018/03/26 16:32:39.571560,  3] ../source4/smbd/service_stream.c:66(stream_terminate_connection)
  Terminating connection - 'ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
[2018/03/26 16:32:39.572294,  3] ../source4/smbd/process_single.c:114(single_terminate)
  single_terminate: reason[ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED]
[2018/03/26 16:32:39.575711,  3]  ../lib/ldb-samba/ldb_wrap.c:325(ldb_wrap_connect)
  ldb_wrap open of secrets.ldb
[2018/03/26 16:32:39.579515,  3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
  Got NTLMSSP neg_flags=0xe2088297
[2018/03/26 16:32:39.580258,  3] ../auth/ntlmssp/ntlmssp_server.c:452(ntlmssp_server_preauth)
  Got user=[administrator] domain=[] workstation=[TEST] len1=24 len2=266
[2018/03/26 16:32:39.580474,  3] ../source4/auth/ntlm/auth.c:271(auth_check_password_send)
  auth_check_password_send: Checking password for unmapped user []\[administrator]@[TEST]
  auth_check_password_send: mapped user is: [SAMDOM]\[administrator]@[TEST]
[2018/03/26 16:32:39.584407,  3] ../auth/ntlmssp/ntlmssp_sign.c:509(ntlmssp_sign_reset)
  NTLMSSP Sign/Seal - Initialising with flags:
[2018/03/26 16:32:39.584611,  3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
  Got NTLMSSP neg_flags=0xe2088215
[2018/03/26 16:32:39.584793,  3] ../auth/ntlmssp/ntlmssp_sign.c:509(ntlmssp_sign_reset)
  NTLMSSP Sign/Seal - Initialising with flags:
[2018/03/26 16:32:39.584959,  3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
  Got NTLMSSP neg_flags=0xe2088235
[2018/03/26 16:32:39.823078,  3] ../source4/smbd/service_stream.c:66(stream_terminate_connection)
  Terminating connection - 'ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
[2018/03/26 16:32:39.823431,  3] ../source4/smbd/process_single.c:114(single_terminate)
  single_terminate: reason[ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED]
[2018/03/26 16:32:39.826504,  3] ../lib/ldb-samba/ldb_wrap.c:325(ldb_wrap_connect)
  ldb_wrap open of secrets.ldb
[2018/03/26 16:32:39.830011,  3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
  Got NTLMSSP neg_flags=0xe2088297
[2018/03/26 16:32:39.830652,  3] ../auth/ntlmssp/ntlmssp_server.c:452(ntlmssp_server_preauth)
  Got user=[administrator] domain=[] workstation=[TEST] len1=24 len2=266
[2018/03/26 16:32:39.830890,  3] ../source4/auth/ntlm/auth.c:271(auth_check_password_send)
  auth_check_password_send: Checking password for unmapped user []\[administrator]@[TEST]
  auth_check_password_send: mapped user is: [SAMDOM]\[administrator]@[TEST]
[2018/03/26 16:32:39.834247,  3] ../auth/ntlmssp/ntlmssp_sign.c:509(ntlmssp_sign_reset)
  NTLMSSP Sign/Seal - Initialising with flags:
[2018/03/26 16:32:39.834452,  3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
  Got NTLMSSP neg_flags=0xe2088215
[2018/03/26 16:32:39.834601,  3] ../auth/ntlmssp/ntlmssp_sign.c:509(ntlmssp_sign_reset)
  NTLMSSP Sign/Seal - Initialising with flags:
[2018/03/26 16:32:39.834756,  3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
  Got NTLMSSP neg_flags=0xe2088235
[2018/03/26 16:32:39.864216,  3] ../source4/smbd/service_stream.c:66(stream_terminate_connection)
  Terminating connection - 'ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
[2018/03/26 16:32:39 .864480,  3] ../source4/smbd/process_single.c:114(single_terminate)
  single_terminate: reason[ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED]
[2018/03/26 16:32:39.880432,  3] ../lib/ldb-samba/ldb_wrap.c:325(ldb_wrap_connect)
  ldb_wrap open of secrets.ldb
[2018/03/26 16:32:39.883778,  3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
  Got NTLMSSP neg_flags=0xe2088297
[2018/03/26 16:32:39.884513,  3] ../auth/ntlmssp/ntlmssp_server.c:452(ntlmssp_server_preauth)
  Got user=[administrator] domain=[] workstation=[TEST] len1=24 len2=266
[2018/03/26 16:32:39.884731,  3] ../source4/auth/ntlm/auth.c:271(auth_check_password_send)
  auth_check_password_send: Checking password for unmapped user []\[administrator]@[TEST]
  auth_check_password_send: mapped user is: [SAMDOM]\[administrator]@[TEST]
[2018/03/26 16:32:39.888141,  3] ../auth/ntlmssp/ntlmssp_sign.c:509(ntlmssp_sign_reset)
  NTLMSSP Sign/Seal - Initialising with flags:
[2018/03/26 16:32:39.888350,  3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
  Got NTLMSSP neg_flags=0xe2088215
[2018/03/26 16:32:39.888502,  3] ../auth/ntlmssp/ntlmssp_sign.c:509(ntlmssp_sign_reset)
  NTLMSSP Sign/Seal - Initialising with flags:
[2018/03/26 16:32:39.888656,  3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
  Got NTLMSSP neg_flags=0xe2088235
[2018/03/26 16:32:39.911770,  3] ../source4/smbd/service_stream.c:66(stream_terminate_connection)
  Terminating connection - 'ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
[2018/03/26 16:32:39.912037,  3] ../source4/smbd/process_single.c:114(single_terminate)
  single_terminate: reason[ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED]
[2018/03/26 16:32:39.933657,  3] ../lib/ldb-samba/ldb_wrap.c:325(ldb_wrap_connect)
  ldb_wrap open of secrets.ldb
[2018/03/26 16:32:39.938632,  3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
  Got NTLMSSP neg_flags=0xe2088297
[2018/03/26 16:32:39.939515,  3] ../auth/ntlmssp/ntlmssp_server.c:452(ntlmssp_server_preauth)
  Got user=[administrator] domain=[] workstation=[TEST] len1=24 len2=266
[2018/03/26 16:32:39.939988,  3] ../source4/auth/ntlm/auth.c:271(auth_check_password_send)
  auth_check_password_send: Checking password for unmapped user []\[administrator]@[TEST]
  auth_check_password_send: mapped user is: [SAMDOM]\[administrator]@[TEST]
[2018/03/26 16:32:39.944810,  3] ../auth/ntlmssp/ntlmssp_sign.c:509(ntlmssp_sign_reset)
  NTLMSSP Sign/Seal - Initialising with flags:
[2018/03/26 16:32:39.945222,  3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
  Got NTLMSSP neg_flags=0xe2088215
[2018/03/26 16:32:39.945541,  3] ../auth/ntlmssp/ntlmssp_sign.c:509(ntlmssp_sign_reset)
  NTLMSSP Sign/Seal - Initialising with flags:
[2018/03/26 16:32:39.945808,  3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
  Got NTLMSSP neg_flags=0xe2088235
==================================Version 4.5.8-Ubuntu==================================

Non-Working logon:
==================================Version 4.6.7-Ubuntu==================================
[2018/03/26 16:32:45.920989,  3] ../lib/ldb-samba/ldb_wrap.c:325(ldb_wrap_connect)
  ldb_wrap open of secrets.ldb
[2018/03/26 16:32:45.926921,  3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
  Got NTLMSSP neg_flags=0xe2088297
[2018/03/26 16:32:45.927514,  3] ../auth/ntlmssp/ntlmssp_server.c:452(ntlmssp_server_preauth)
  Got user=[administrator] domain=[] workstation=[TEST] len1=24 len2=266
[2018/03/26 16:32:45.927620,  3] ../source4/auth/ntlm/auth.c:271(auth_check_password_send)
  auth_check_password_send: Checking password for unmapped user []\[administrator]@[TEST]
  auth_check_password_send: mapped user is: [SAMDOM]\[administrator]@[TEST]
[2018/03/26 16:32:45.932479,  3] ../auth/ntlmssp/ntlmssp_sign.c:509(ntlmssp_sign_reset)
  NTLMSSP Sign/Seal - Initialising with flags:
[2018/03/26 16:32:45.932537,  3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
  Got NTLMSSP neg_flags=0xe2088215
[2018/03/26 16:32:45.932576,  3] ../auth/ntlmssp/ntlmssp_sign.c:509(ntlmssp_sign_reset)
  NTLMSSP Sign/Seal - Initialising with flags:
[2018/03/26 16:32:45.932600,  3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
  Got NTLMSSP neg_flags=0xe2088215
[2018/03/26 16:32:45.940988,  0]  ../auth/ntlmssp/ntlmssp_sign.c:236(ntlmssp_check_packet)
  NTLMSSP NTLM2 packet check failed due to invalid signature!
[2018/03/26 16:32:45.941244,  3] ../source4/smbd/service_stream.c:66(stream_terminate_connection)
  Terminating connection - 'ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_IO_DEVICE_ERROR'
[2018/03/26 16:32:45.941284,  3] ../source4/smbd/process_single.c:114(single_terminate)
  single_terminate: reason[ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_IO_DEVICE_ERROR]
[2018/03/26 16:32:45.942532,  3] ../lib/ldb-samba/ldb_wrap.c:325(ldb_wrap_connect)
  ldb_wrap open of secrets.ldb
[2018/03/26 16:32:45.946341,  3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
  Got NTLMSSP neg_flags=0xe2088297
[2018/03/26 16:32:45.946846,  3] ../auth/ntlmssp/ntlmssp_server.c:452(ntlmssp_server_preauth)
  Got user=[administrator] domain=[] workstation=[TEST] len1=24 len2=266
[2018/03/26 16:32:45.946903,  3] ../source4/auth/ntlm/auth.c:271(auth_check_password_send)
  auth_check_password_send: Checking password for unmapped user []\[administrator]@[TEST]
  auth_check_password_send: mapped user is: [SAMDOM]\[administrator]@[TEST]
[2018/03/26 16:32:45.950762,  3] ../auth/ntlmssp/ntlmssp_sign.c:509(ntlmssp_sign_reset)
  NTLMSSP Sign/Seal - Initialising with flags:
[2018/03/26 16:32:45.950809,  3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
  Got NTLMSSP neg_flags=0xe2088215
[2018/03/26 16:32:45.950847,  3] ../auth/ntlmssp/ntlmssp_sign.c:509(ntlmssp_sign_reset)
  NTLMSSP Sign/Seal - Initialising with flags:
[2018/03/26 16:32:45.950873,  3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
  Got NTLMSSP neg_flags=0xe2088215
[2018/03/26 16:32:45.958662,  0] ../auth/ntlmssp/ntlmssp_sign.c:236(ntlmssp_check_packet)
  NTLMSSP NTLM2 packet check failed due to invalid signature!
[2018/03/26 16:32:45.958818,  3] ../source4/smbd/service_stream.c:66(stream_terminate_connection)
  Terminating connection - 'ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_IO_DEVICE_ERROR'
[2018/03/26 16:32:45.958850,  3] ../source4/smbd/process_single.c:114(single_terminate)
  single_terminate: reason[ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_IO_DEVICE_ERROR]
==================================Version 4.6.7-Ubuntu==================================

I tried "ldap server require strong auth = no", Googling "NTLMSSP NTLM2 packet check failed due to invalid signature!", checking the mailing list archives, and a bit more, but none gave any result.

Can anyone help me how to proceed?

Thanks for your help!

Best regards,
Miklos Erdei



_________________________________________

Citromail.hu levelezőrendszerből küldve

Lépj be vagy regisztrálj
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba