Dne 7.1.2019 v 12:36 Miroslav Geisselreiter napsal(a): > Dne 5.1.2019 v 0:46 Gordon Messmer napsal(a): >> On 1/3/19 11:46 PM, Miroslav Geisselreiter wrote: >>> >>> Previously I deleted all files from /var/lib/samba, than set ldap >>> admin password: >>> smbpasswd -W >>> Than I re-join DC, it did not help. >> >> >> Shame. I'm not really sure what else to try, beyond my previous >> suggestion that it doesn't make sense to be both a domain member and >> use an ldap passdb backend. >> >> Try reverting the configuration file to the last known-good state. >> Leave the domain. Change "security = user". I'd expect that your >> system would work without any interactions with the DC. >> > I found some solution which solve only part of my problem and is not > very "clean". > > When I run winbind with these options client which are member of my > NT4DOMAIN are now able to mout smb shares from NT4MEMBER server: > > # winbindd -i -d 3 -S -n --option="netbios name"=NT4DOMAIN > --option="ntlm auth"=yes > > option "netbios name"=NT4DOMAIN overwrites this option from smb.conf: > "netbios name"=NT4MEMBER > > Nevertheless I am not able to mount smb shares from clients which are > not members of NT4DOMAIN. > SOLVED: I had to change only two parameters in smb.conf: security = user ntlm auth = yes Everything works now like before upgrade and I do not even run winbind daemon. Thanks to all for help and hints.