[CentOS] upg. CentOS 7.5 to 7.6: unable to mount smb shares - samba NT domain member using ldap

Miroslav Geisselreiter mg at intar.cz
Fri Jan 4 07:46:29 UTC 2019 

Dne 4.1.2019 v 1:32 Gordon Messmer napsal(a):
> On 1/3/19 6:09 AM, Miroslav Geisselreiter wrote:
>> Yes, I add this host with command:
>> net rpc join MEMBER -S NT4LIKEDOMAINSERVER -U root
>
>
> I don't have any NT4-style domains handy to test with, so I can't be 
> very specific.  Your logs seem to indicate that Samba believes itself 
> to be the best DC for the domain.  See what you get from:
>
> net rpc info
> net rpc testjoin
>
> If nothing seems relevant, try leaving the domain and re-joining.
I had to change in smb.conf
client ipc signing = no

Than:
# net rpc info
Enter root's password:
Domain Name: NT4DOMAIN
Domain SID: S-1-5-21-somesid
Sequence number: somenubmer
Num users: xxx
Num domain groups: xxx
Num local groups: xxx

# net rpc testjoin
Join to 'NT4DOMAIN' is OK

Previously I deleted all files from /var/lib/samba, than set ldap admin 
password:
smbpasswd -W
Than I re-join DC, it did not help.

FYI: I have NT4-style domain configured on CentOS 6 linux server and 
here is part of smb.conf of this DC - NT4LIKEDOMAINSERVER:
[global]
         time server = yes
         workgroup = NT4DOMAIN
         server string = Samba Server Version %v
         netbios name = NT4LIKEDOMAINSERVER
          passdb backend = ldapsam:"ldap://ldap1server.intranet.xx 
ldap://ldap2server.intranet.xx"
          ldap ssl = start tls
          realm = INTRANET.XX
          kerberos method = system keytab
          ldap suffix = dc=intranet,dc=xx
          ldap admin dn = uid=ldapadmin,dc=intranet,dc=xx
          ldap group suffix = ou=Groups
          ldap user suffix = ou=Users
          ldap machine suffix = ou=Computers
         socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
         domain master = yes
         domain logons = yes
         logon script = %U.bat
         logon path = ""
         wins support = yes
[netlogon]
         comment = Network Logon Service
         path = /var/lib/samba/netlogon
         guest ok = no
         writable = no
         browseable = no
         printable = no

Installed samba on DC:
# rpm -q samba
samba-3.6.23-51.el6.x86_64
and running smbd and nmbd

More information about the CentOS mailing list