Red Hat Bugzilla – Bug 165607
Interoperability problems with Win2003-SP1 & Win2000-SP4.SR1
Last modified: 2007-11-30 17:07:08 EST
From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Description of problem:
Winbindd stopped working after upgrading Windows machines. Fixed in Samba 3.0.20.
Release Notes for Samba 3.0.20rc1
* Disable schannel on the LSA and SAMR pipes in winbindd client
code to deal with Windows 2003 SP1 and Windows 2000 SP4 SR1.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Upgrade your windows servers
*** This bug has been marked as a duplicate of 156068 ***
Actually this bug is not the same as 156068.
The newest redhat's samba package does not authenticate againts windows when
However 2.0.20a is working fine.
Samba 2.0.20a release notes:
Winbind, security = domain, and Active Directory
Recent security updates for Windows 2000 and Windows 2003 have
changed the fashion in which user and group lists can be obtained
from domain controllers. In short, the RPC mechanisms used by
"security = domain" to retrieve users and groups is not compatible
with these changes. The "security = ads" configuration is not
affected by the Windows protocol changes.
Samba developers are actively working to correct this problem in
the 3.0.21 release. In the meantime, Administrators who are unable
to migrate to "security = ads" and must continue using "security =
domain", can define credentials to be used by winbindd for account
enumeration by executing the following command as root.
REOPENED status has been deprecated. ASSIGNED with keyword of Reopened is preferred.
This bug is filed against RHEL 3, which is in maintenance phase.
During the maintenance phase, only security errata and select mission
critical bug fixes will be released for enterprise products. Since
this bug does not meet that criteria, it is now being closed.
For more information of the RHEL errata support policy, please visit:
If you feel this bug is indeed mission critical, please contact your
support representative. You may be asked to provide detailed
information on how this bug is affecting you.