Bug #2780

Login to Samba fails after migration

Added by Nicola Rauso over 5 years ago. Updated over 5 years ago.

Status:CLOSEDStart date:
Priority:NormalDue date:
Assignee:-% Done:

100%

Category:nethserver-samba
Target version:v6.5
Security class: Resolution:
Affected version:v6.5-final NEEDINFO:No

Description

After migration from NethService/SME Server you cannot access samba shares with migrated users:

    # smbclient //localhost/miaibay -U nico
Enter nico's password:
session setup failed: NT_STATUS_LOGON_FAILURE

Examining imported users properties, they all have no flag over "Shared Folders (Samba)" option "Services" tab.
Even flagging the option the problem remains:

   # smbclient //localhost/miaibay -U nico
Enter nico's password:
session setup failed: NT_STATUS_LOGON_FAILURE

Confirming user's password through "change password" option works around the problem.

Associated revisions

Revision 033f6505
Added by Davide Principi over 5 years ago

nethserver-samba-migrate-sam action: support WS migration. Refs #2780

When migrating a WS backup, only NTLM password hashes are pushed into
LDAP.

History

#1 Updated by Nicola Rauso over 5 years ago

# pdbedit -L -w
smbldap_search_domain_info: Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=MYNSRV))]
smbldap_open_connection: connection opened
ldap_connect_system: successful connection to the LDAP server
smbldap_search_paged: base => [dc=directory,dc=nh], filter => [(&(uid=*)(objectclass=sambaSamAccount))],scope => [2], pagesize => [1024]
smbldap_search_paged: search was successful
init_sam_from_ldap: Entry found for user: admin
admin:500:NO PASSWORDXXXXXXXXXXXXXXXXXXXXX:NO PASSWORDXXXXXXXXXXXXXXXXXXXXX:[NDU        ]:LCT-00000000:
init_sam_from_ldap: Entry found for user: massi
massi:5002:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:20029705C9F4DC5A2C3277881EB19BFC:[DU         ]:LCT-53A1715A:
init_sam_from_ldap: Entry found for user: nico
nico:5000:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:E8A45B6077535AF3CD76EFBE5C4B5626:[U          ]:LCT-53A17163:
init_sam_from_ldap: Entry found for user: ola
ola:5001:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:C5619D9418669B6CE8C36A77C7032814:[U          ]:LCT-53A18581:

#2 Updated by Davide Principi over 5 years ago

  • Subject changed from Samba login doesn't work after migration to Login to Samba fails after migration
  • Description updated (diff)
  • Target version set to v6.5

#3 Updated by Davide Principi over 5 years ago

  • Status changed from NEW to TRIAGED
  • % Done changed from 0 to 20

#4 Updated by Nicola Rauso over 5 years ago

packages version:

nethserver-mail-server-1.7.0-1.ns6.noarch
nethserver-directory-2.0.2-1.ns6.noarch
nethserver-samba-1.4.3-1.ns6.noarch

#5 Updated by Davide Principi over 5 years ago

  • Affected version set to v6.5-final

#6 Updated by Davide Principi over 5 years ago

  • NEEDINFO changed from No to Yes

nethserver-samba-migrate-sam action quits before migrating users passwords, if the origin server role is not PDC.

Can you confirm the problem was reported during a WS migration?

#7 Updated by Nicola Rauso over 5 years ago

Confirmed: the migrated server had a WS role

#8 Updated by Davide Principi over 5 years ago

  • Status changed from TRIAGED to ON_DEV
  • % Done changed from 20 to 30
  • NEEDINFO changed from Yes to No

#9 Updated by Davide Principi over 5 years ago

  • Status changed from ON_DEV to MODIFIED
  • % Done changed from 30 to 60

Test case

Check both WS and PDC scenarios are working correctly:

  • SIDs (PDC only)
  • users, passwords, enabled/disabled state
  • groups
  • machine accounts (PDC only)
  • ibays

#10 Updated by Davide Principi over 5 years ago

  • Status changed from MODIFIED to ON_QA
  • % Done changed from 60 to 70

In nethserver-testing:
nethserver-samba-1.4.4-1.0git033f6505.ns6.noarch.rpm

#11 Updated by Nicola Rauso over 5 years ago

  • Assignee set to Nicola Rauso

#12 Updated by Nicola Rauso over 5 years ago

  • Status changed from ON_QA to VERIFIED
  • Assignee deleted (Nicola Rauso)
  • % Done changed from 70 to 90

Tested: ok

#13 Updated by Giacomo Sanchietti over 5 years ago

  • Status changed from VERIFIED to CLOSED
  • % Done changed from 90 to 100
Released in nethserver-updates:
  • nethserver-samba-1.4.5-1.ns6.noarch.rpm

Also available in: Atom PDF