Bug 165607
| Summary: | Interoperability problems with Win2003-SP1 & Win2000-SP4.SR1 | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 3 | Reporter: | Pasi Sjöholm <tigeli> |
| Component: | samba | Assignee: | Simo Sorce <ssorce> |
| Status: | CLOSED WONTFIX | QA Contact: | David Lawrence <dkl> |
| Severity: | high | Docs Contact: | |
| Priority: | medium | ||
| Version: | 3.0 | CC: | samba-bugs-list |
| Target Milestone: | --- | Keywords: | Reopened |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2007-10-19 18:56:18 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
*** This bug has been marked as a duplicate of 156068 *** Actually this bug is not the same as 156068. The newest redhat's samba package does not authenticate againts windows when using security=domain. However 2.0.20a is working fine. Samba 2.0.20a release notes: --cut-- Winbind, security = domain, and Active Directory ================================================ Recent security updates for Windows 2000 and Windows 2003 have changed the fashion in which user and group lists can be obtained from domain controllers. In short, the RPC mechanisms used by "security = domain" to retrieve users and groups is not compatible with these changes. The "security = ads" configuration is not affected by the Windows protocol changes. Samba developers are actively working to correct this problem in the 3.0.21 release. In the meantime, Administrators who are unable to migrate to "security = ads" and must continue using "security = domain", can define credentials to be used by winbindd for account enumeration by executing the following command as root. wbinfo --set-auth-user='DOMAIN\username%password' --cut-- REOPENED status has been deprecated. ASSIGNED with keyword of Reopened is preferred. This bug is filed against RHEL 3, which is in maintenance phase. During the maintenance phase, only security errata and select mission critical bug fixes will be released for enterprise products. Since this bug does not meet that criteria, it is now being closed. For more information of the RHEL errata support policy, please visit: http://www.redhat.com/security/updates/errata/ If you feel this bug is indeed mission critical, please contact your support representative. You may be asked to provide detailed information on how this bug is affecting you. |
From Bugzilla Helper: User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Description of problem: Winbindd stopped working after upgrading Windows machines. Fixed in Samba 3.0.20. --cut-- Release Notes for Samba 3.0.20rc1 * Disable schannel on the LSA and SAMR pipes in winbindd client code to deal with Windows 2003 SP1 and Windows 2000 SP4 SR1. --cut-- Version-Release number of selected component (if applicable): How reproducible: Always Steps to Reproduce: 1. Upgrade your windows servers 2. 3. Additional info: