Samba update 4.10.16-17.el7_9 breaks ad joined servers

General support questions
Post Reply
bmckee
Posts: 3
Joined: 2022/01/10 21:15:17

Samba update 4.10.16-17.el7_9 breaks ad joined servers

Post by bmckee » 2022/01/10 21:37:39

I have a number of Cent 7 machines joined to a domain using sssd. Please note they've been working well for years.

The latest set of samba patches 4.10.16-17.el7_9 seem to break something.
Immediately after applying, the file shares drop off the network.
In the logs I see

Code: Select all

smbd[2535]: [2022/01/10 15:45:42.832096,  0] ../../source3/auth/auth_generic.c:127(auth3_generate_session_info_pac)
smbd[2535]:  auth3_generate_session_info_pac: winbindd not running - but required as domain member: NT_STATUS_NO_LOGON_SERVERS
Reverting the update and things work again.

Note winbind is not running and has never been installed on these machines, and doesn't need to be as far as I know? It's not listed in systemctl --list-unit-files

User avatar
TrevorH
Site Admin
Posts: 33191
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Samba update 4.10.16-17.el7_9 breaks ad joined servers

Post by TrevorH » 2022/01/11 00:58:54

I am fairly sure that in the release notes for a past RHEL 7 update it said explicitly that winbind was a requirement for doing this (this was a change from before that set of RN).
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

falcione
Posts: 1
Joined: 2022/01/11 19:25:09

Re: Samba update 4.10.16-17.el7_9 breaks ad joined servers

Post by falcione » 2022/01/11 19:29:37

I saw this same issue. It also occurs on Centos 8 with the 4.14.5-7.el8_5 patch.


The current solution I have found:

- install samba-winbind
- enable winbind
- start winbind
- restart smb

The coders for samba apparently broke it so that now it looks to make sure winbindd is running, and if not, returns an error.

You don't have to change your configuration at all.... you just need the winbindd process to be running. More information on the bug is here:

https://bugs.launchpad.net/ubuntu/+sour ... ug/1956635

bmckee
Posts: 3
Joined: 2022/01/10 21:15:17

Re: Samba update 4.10.16-17.el7_9 breaks ad joined servers

Post by bmckee » 2022/01/17 20:47:46

Thanks for that info - it didn't occur to me I could install winbind and not configure anything.

I will try when I get a minute and report back.

bmckee
Posts: 3
Joined: 2022/01/10 21:15:17

Re: Samba update 4.10.16-17.el7_9 breaks ad joined servers

Post by bmckee » 2022/01/18 16:46:42

OK - prelim results look good. Simply

Code: Select all

sudo yum update samba
# note share falls over at this point
sudo yum install samba-winbind
sudo systemctl enable --now winbind.service
sudo systemctl restart smb
# and it comes right up now
Thanks again for the input!

Of note - log in via ssh, by a domain user who's never used that system before, now auto creates a /home/user@example.com folder, and populates it with .bashrc etc...

That's new. Previously it would allow log in, and complain about no home dir (which was fine for my purposes)

Post Reply