Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
For bugs related to Red Hat Enterprise Linux 4 product line. The current stable release is 4.9. For Red Hat Enterprise Linux 6 and above, please visit Red Hat JIRA https://issues.redhat.com/secure/CreateIssue!default.jspa?pid=12332745 to report new issues.

Bug 649421

Summary: Issues maintaining trust relationship (?) with Windows 2008 R2 domain controllers
Product: Red Hat Enterprise Linux 4 Reporter: Ray Van Dolson <rvandolson>
Component: sambaAssignee: Guenther Deschner <gdeschner>
Status: CLOSED DUPLICATE QA Contact: qe-baseos-daemons
Severity: medium Docs Contact:
Priority: low    
Version: 4.8CC: gdeschner
Target Milestone: rc   
Target Release: ---   
Hardware: All   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2010-11-16 11:40:59 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
Samba configuration file.
none
Samba logfile showing errors we're seeing. none

Description Ray Van Dolson 2010-11-03 17:40:00 UTC 
Description of problem:
We recently upgraded several of our domain controllers from Windows 2008 to Windows 2008 R2.  After performing this upgrade, many of our Samba servers intermittently begin rejecting browse requests from users.  The Samba logs show errors that seem to point to problems talking to only the Windows 2008 R2 servers:

domain_client_validate: unable to validate password for user ray5147 in domain AVWORLD to Domain controller REDDC1. Error was NT_STATUS_INVALID_PARAMETER.

Currently, our Samba servers are set in DOMAIN mode with a password server set to a list of servers and/or a wildcard (*).  It _seems_ as though when we configure our servers to talk to the non-R2 Windows 2008 servers the problems go away.

Though I am not as certain, it seems that this problem does not exist under Samba 3.3.x -- however, there is no supported package of Samba 3.3.x for RHEL4.

Version-Release number of selected component (if applicable):
samba-3.0.33-0.19.el4_8.3
Fully patched RHEL 4.8

How reproducible:
So far always...

Steps to Reproduce:
1. Configure Windows 2008 R2 DC's
2. Configure RHEL4.8 Samba 3.0.x domain members.
3. Ensure that the RHEL4.8 servers are talking to the 2K8 RC2 servers.
4. Begin accessing shares.  After a while the above errors will occur.

Actual results:
Errors above.

Expected results:
Successful authentications.

Additional info:
I will attach Samba configurations and logfile entries.  I can likely generate packet dumps as well and perhaps the configuration settings used on our 2008 R2 server if needed.
Comment 1 Ray Van Dolson 2010-11-03 17:40:58 UTC 
Created attachment 457525 [details]
Samba configuration file.

This is our Samba configuration file.  Domain join is being done via:

  # net rpc join -U ray5147 -W AVWORLD
Comment 2 Ray Van Dolson 2010-11-03 17:41:40 UTC 
Created attachment 457526 [details]
Samba logfile showing errors we're seeing.
Comment 3 Ray Van Dolson 2010-11-04 20:00:38 UTC 
Opened SR#00371934 for this issue with Red Hat Support.
Comment 4 Ray Van Dolson 2010-11-16 00:37:34 UTC 
Would someone close this and mark it as a duplicate of #585360?
Comment 5 Guenther Deschner 2010-11-16 11:40:59 UTC 
Closing as duplicate, Thanks!

*** This bug has been marked as a duplicate of bug 585360 ***