[CentOS] upg. CentOS 7.5 to 7.6: unable to mount smb shares - samba NT domain member using ldap

Thu Jan 3 14:09:16 UTC 2019
Miroslav Geisselreiter <mg at intar.cz>

Dne 2.1.2019 v 21:54 Gordon Messmer napsal(a):
> On 1/2/19 12:09 PM, Miroslav Geisselreiter wrote:
>> some parameters from smb.conf:
>> [global]
>>     workgroup = NT4DOMAIN
>>     netbios name = nt4member
>>         security = domain
>>         passdb backend = ldapsam:"ldap://ldap1server.intranet.xx 
>> ldap://ldap2server.intranet.xx" 
> I'm not sure it makes sense to use "security = domain" with an ldap 
> passdb backend.  If you're using a real NT4 domain, then you shouldn't 
> need a passdb backend at all.  If you're not in an NT4 domain, then 
> you should set "security = USER".
> The man page for smb.conf notes "This mode will only work correctly if 
> net(8) has been used to add this machine into a Windows NT Domain."  
> Did you add this host to a Windows NT domain, using "net join ..."?
Yes, I add this host with command:

I tried to change "security = USER" but it did not help.

I have to say that before upgrade samba from 4.7.1-9 to 4.8.3-4 I did 
not use and did not run winbind daemon. But now it is necessary to run 
winbind according to samba documentation:

Domain member setups require winbindd
Setups with "security = domain" or "security = ads" require a
running 'winbindd' now. The fallback that smbd directly contacts
domain controllers is gone.

Without windbind running samba 4.8 do not allow mount smb shares so I 
have to run winbind.