Web lists-archives.com

Re: [Samba] Samba v3 works with LDAP, but not Samba v4

Am Dienstag, 16. Oktober 2018, 20:20:49 CEST schrieb Emil Henry via 
> Hi Andrew!
> I am not 100% sure that the password is correct. I was told that it
> was changed to the one I am testing.
To be unsure is bad in our business.

Their maybe three password stored in ldap for a regular user.

> But, when I try the old
> password, I get a different error message (NT_STATUS_INVALID_SID).
I assume that your server was working before you upgrade to 4.7.1

Until now we dont know if the admin password is correct, so we use 
anonymous bind for ldap.

Invalid Sid happens often on upgrading. If for any reason i.e. wrong ldap 
admin password smbd can not read ldap db.

# ldapsearch -xLLL 'sambadomainname=*' sambaDomainName sambaSID
dn: sambaDomainName=SCHULE,dc=afrika,dc=xx
sambaDomainName: SCHULE
sambaSID: S-1-5-21-1507708399-2130971284-2230424465

These sid is your domain sid. Compare it with the sid samba uses:
# net getdomainsid
SID for local machine ALIX is: 
SID for domain SCHULE is: S-1-5-21-1507708399-2130971284-2230424465

you may wish to verify your account sids:
# ldapsearch -xLLL 'sambasid=S-1-5-21*' sambaSID|less

"man net" will give you the command to reset the domain sid to the old 

> I
> will attached the output.
> I added the 'ntlm auth = yes' to the smb.conf. How would I change the
> client?
> The version of Samba that we are running is 4.7.1, which is the latest
> version that is available in the yum repository.
> Thanks.


	Harry Jede
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba