Bug 713466 - Upgrading samba3x to samba3x-3.5.4-0.70.el5_6.1.x86_64 breaks ntlm auth
Upgrading samba3x to samba3x-3.5.4-0.70.el5_6.1.x86_64 breaks ntlm auth
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: samba3x (Show other bugs)
x86_64 Linux
urgent Severity urgent
: rc
: ---
Assigned To: Guenther Deschner
Martin Cermak
Depends On:
  Show dependency treegraph
Reported: 2011-06-15 09:48 EDT by Tom Diehl
Modified: 2012-02-21 00:44 EST (History)
5 users (show)

See Also:
Fixed In Version: samba3x-3.5.4-0.88.el5
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2012-02-21 00:44:00 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Tom Diehl 2011-06-15 09:48:04 EDT
Description of problem:Upgrading samba3x to samba3x-3.5.4-0.70.el5_6.1.x86_64 breaks ntlm auth. 

Version-Release number of selected component (if applicable):


How reproducible: Always

Steps to Reproduce:
1.Upgrade samba3x to samba3x-3.5.4-0.70.el5_6.1.x86_64
2. Run the following command /usr/bin/ntlm_auth --username=myuser
Actual results:

[2011/06/09 10:21:19.538041, 2] winbindd/winbindd_pam.c:2001(winbindd_dual_pam_auth_crap) NTLM CRAP authentication for user [mydomain]\[myuser] returned NT_STATUS_INVALID_HANDLE(PAM:4)

Expected results:
NT_STATUS_OK: Success (0x0)

Additional info: downgrading samba 3x to samba3x-3.3.8-0.52.el5_5.2 fixes the problem.

After down grading running the following command now works.

(indy pts3) # /usr/bin/ntlm_auth --username=myuser

NT_STATUS_OK: Success (0x0)
(indy pts3)#

In addition I get the following in the logs:

[2011/06/09 18:18:30, 2] passdb/pdb_ldap.c:init_sam_from_ldap(571)init_sam_from_ldap: Entry found for user: myuser
[2011/06/09 18:18:30, 2] auth/auth.c:check_ntlm_password(308) check_ntlm_password: authentication for user [myuser] -> [myuser] -> [myuser] succeeded
Comment 2 Guenther Deschner 2011-06-16 18:08:30 EDT
are you running ntlm_auth on a DC or on a MEMBER server ?
Comment 3 Tom Diehl 2011-06-16 19:44:17 EDT
It is running on a DC.
Comment 30 errata-xmlrpc 2012-02-21 00:44:00 EST
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.