Bug 154558 - Winbind refuses to authenticate against Windows 2003 SP1
Winbind refuses to authenticate against Windows 2003 SP1
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: samba (Show other bugs)
i686 Linux
medium Severity medium
: ---
: ---
Assigned To: Jay Fenlason
David Lawrence
Depends On:
Blocks: 156323
  Show dependency treegraph
Reported: 2005-04-12 13:53 EDT by Tarun Reddy
Modified: 2014-08-31 19:27 EDT (History)
7 users (show)

See Also:
Fixed In Version: RHBA-2005-629
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2005-10-05 11:33:54 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2005:629 qe-ready SHIPPED_LIVE Updated Samba packages 2005-10-05 00:00:00 EDT

  None (edit)
Description Tarun Reddy 2005-04-12 13:53:02 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.7.6) Gecko/20050331 Camino/0.8.3

Description of problem:
When authenticating against Windows 2003 SP1, there is a problem with LSAOPEN that doesn't occur with non-SP1 systems. This is fixed in Samba 3.0.14.

Specifically, this appears to be the patch for the problem against 3.0.13...


Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. Setup system-config-authentication to use winbind against a 2003 server (non-sp1)
2. Check authentication. Works.
3. Upgradet 2003 server to SP1
4. Check authentication. Doesn't work.
5. Remove SP1 from 2003 server.
6. Check authentication. Works again.

Additional info:
Comment 6 Marcin Krzysztof Porwit 2005-06-01 19:47:03 EDT
The temporary workaround for this is to set the following in the [global]
section of the smb.conf file:
  "client schannel = no"
This allows samba to fall back to an alternate crypto api and work with 2003sp1
Comment 10 Vince Worthington 2005-06-15 15:15:53 EDT
Will build a 3.0.10-1.4E-based Samba RPM for RHEL4 and try this patch out and
report back on how it works.  I have a Windows 2003 server here in my test
environ  so should be able to confirm if it works.  Will post an update here to

Comment 14 Tarun Reddy 2005-07-06 11:30:27 EDT
Work around provided by Marcin works. Also the FC4 samba RPM works without the
workaround (on FC4. Did not attempt to recompile for RHEL3/4)

Comment 15 David Jansen 2005-07-21 08:57:03 EDT
Will we see an updated samba package for RHEL 4 (and possibly FC3 as well) in
the forseable future?
Comment 18 Matt Seitz 2005-09-28 12:33:53 EDT
I'm surprised to see that a fix was just released for RHEL 3, but not RHEL 4. 
Hopefully that will follow soon.

Comment 19 Matt Seitz 2005-09-28 12:49:30 EDT
I just found out there is a beta fix available on the RHEL 4 beta channel:


Comment 20 Red Hat Bugzilla 2005-10-05 11:33:54 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.


Note You need to log in before you can comment on or make changes to this bug.