Bug 40378 – Windows client join via netbios workgroup name fails in UCS 4.1

Bug 40378 - Windows client join via netbios workgroup name fails in UCS 4.1


Summary:	Windows client join via netbios workgroup name fails in UCS 4.1

Status:	RESOLVED WORKSFORME

Product:	UCS
Classification:	Unclassified
Component:	Samba4
Version:	UCS 4.1
Hardware:	Other Linux

Importance:	P5 normal (vote)
Target Milestone:	---
Assigned To:	Samba maintainers
QA Contact:

URL:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2016-01-06 20:46 CET by Arvid Requate
Modified:	2016-10-06 12:36 CEST (History)
CC List:	2 users (show)

See Also:	40374
What kind of report is it?:	---
What type of bug is this?:	---
Who will be affected by this bug?:	---
How will those affected feel about the bug?:	---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
univention-samba-debug-20141126162601.pcap (394.82 KB, application/vnd.tcpdump.pcap) 2016-01-06 20:55 CET, Arvid Requate	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Arvid Requate

2016-01-06 20:46:21 CET

Windows client join via netbios workgroup name fails in UCS 4.1.

So  join to DOMAIN fails but join to domain.local works.


The client error message is pretty generic: "Der angegebene Netzwerkname ist nicht mehr erreichbar" ("The network name cannot be found").

A tcpdump shows that the client receives no answer to its SAM LOGON request from the DC. At samba/debug/level=10 the logs show that the \MAILSLOT\NET\NETLOGON is received by nmbd, but that seems to be the dead end.

In UCS 4.0-4 this still works and the logs show that the nmbd performs a typical netlogon LDAP search against the local SAM rootDSE. Somehow this doesn't happen in UCS 4.1-0.

Comment 1 Arvid Requate

2016-01-06 20:55:03 CET

Created attachment 7394 [details]
univention-samba-debug-20141126162601.pcap

This is basically what happens in UCS 4.0-4:

===================== log.nmbd =====================
[2014/11/26 16:26:23.491690,  4, pid=9882, effective(0, 0), real(0, 0)] ../source3/nmbd/nmbd_packets.c:1295(process_dgram)
  process_dgram: datagram from WIN7PRO2<00> to AR40I1<1c> IP 10.200.8.232 for \MAILSLOT\NET\NETLOGON of type 18 len=63
[2014/11/26 16:26:23.492470,  1, pid=9882, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
       &request: struct nbt_netlogon_packet
          command                  : LOGON_SAM_LOGON_REQUEST (18)
          req                      : union nbt_netlogon_request(case 18)
          logon: struct NETLOGON_SAM_LOGON_REQUEST
              request_count            : 0x0000 (0)
              computer_name            : 'WIN7PRO2'
              user_name                : ''
              mailslot_name            : '\MAILSLOT\NET\GETDC174'
              acct_control             : 0x00000000 (0)
              sid_size                 : 0x00000000 (0)
              _pad                     : DATA_BLOB length=0
              sid                      : S-0-0
              nt_version               : 0x0000000b (11)
                     1: NETLOGON_NT_VERSION_1    
                     1: NETLOGON_NT_VERSION_5    
                     0: NETLOGON_NT_VERSION_5EX  
                     1: NETLOGON_NT_VERSION_5EX_WITH_IP
                     0: NETLOGON_NT_VERSION_WITH_CLOSEST_SITE
                     0: NETLOGON_NT_VERSION_AVOID_NT4EMUL
                     0: NETLOGON_NT_VERSION_PDC  
                     0: NETLOGON_NT_VERSION_IP   
                     0: NETLOGON_NT_VERSION_LOCAL
                     0: NETLOGON_NT_VERSION_GC   
              lmnt_token               : 0xffff (65535)
              lm20_token               : 0xffff (65535)

===================== log.samba =====================
[2014/11/26 16:26:23.493511, 10, pid=9989, effective(0, 0), real(0, 0), class=ldb] ../lib/ldb-samba/ldb_wrap.c:72(ldb_wrap_debug)
  ldb: ldb_trace_request: SEARCH
   dn: <rootDSE>
   scope: base
   expr: (&(NtVer=\0B\00\00\00)(Host=WIN7PRO2)(AAC=\00\00\00\00))
   attr: NetLogon
   control: <NONE>
[and some more..]

====================== log.nmbd =====================
[2014/11/26 16:26:23.532318,  1, pid=9882, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
       &response->data.nt5_ex: struct NETLOGON_SAM_LOGON_RESPONSE_EX
          command                  : LOGON_SAM_LOGON_RESPONSE_EX (23)
          sbz                      : 0x0000 (0)
          server_type              : 0x000003fd (1021)
                 1: NBT_SERVER_PDC           
                 1: NBT_SERVER_GC            
                 1: NBT_SERVER_LDAP          
                 1: NBT_SERVER_DS            
                 1: NBT_SERVER_KDC           
                 1: NBT_SERVER_TIMESERV      
                 1: NBT_SERVER_CLOSEST       
                 1: NBT_SERVER_WRITABLE      
                 1: NBT_SERVER_GOOD_TIMESERV 
                 0: NBT_SERVER_NDNC          
                 0: NBT_SERVER_SELECT_SECRET_DOMAIN_6
                 0: NBT_SERVER_FULL_SECRET_DOMAIN_6
                 0: NBT_SERVER_ADS_WEB_SERVICE
                 0: NBT_SERVER_HAS_DNS_NAME  
                 0: NBT_SERVER_IS_DEFAULT_NC 
                 0: NBT_SERVER_FOREST_ROOT   
          domain_uuid              : 3395e01f-996b-4b9c-8905-e0e3d825ca1d
          forest                   : 'ar40i1.qa'
          dns_domain               : 'ar40i1.qa'
          pdc_dns_name             : 'master50.ar40i1.qa'
          domain_name              : 'AR40I1'
          pdc_name                 : 'MASTER50'
          user_name                : ''
          server_site              : 'Default-First-Site-Name'
          client_site              : 'Default-First-Site-Name'
          sockaddr_size            : 0x10 (16)
          sockaddr: struct nbt_sockaddr
              sockaddr_family          : 0x00000002 (2)
              pdc_ip                   : 10.200.8.50
              remaining                : DATA_BLOB length=8
  [0000] 00 00 00 00 00 00 00 00                            ........ 
          next_closest_site        : NULL
          nt_version               : 0x0000000d (13)
                 1: NETLOGON_NT_VERSION_1    
                 0: NETLOGON_NT_VERSION_5    
                 1: NETLOGON_NT_VERSION_5EX  
                 1: NETLOGON_NT_VERSION_5EX_WITH_IP
                 0: NETLOGON_NT_VERSION_WITH_CLOSEST_SITE
                 0: NETLOGON_NT_VERSION_AVOID_NT4EMUL
                 0: NETLOGON_NT_VERSION_PDC  
                 0: NETLOGON_NT_VERSION_IP   
                 0: NETLOGON_NT_VERSION_LOCAL
                 0: NETLOGON_NT_VERSION_GC   
          lmnt_token               : 0xffff (65535)
          lm20_token               : 0xffff (65535)
[2014/11/26 16:26:23.532651,  4, pid=9882, effective(0, 0), real(0, 0)] ../source3/nmbd/nmbd_packets.c:2129(send_mailslot)
  send_mailslot: Sending to mailslot \MAILSLOT\NET\GETDC174 from MASTER50<00> IP 10.200.8.50 to WIN7PRO2<00> IP 10.200.8.232



The attached tcpdump shows the corresponding network trace of the successful join.

In contrast: In UCS 4.1-0 there is no corresponding activity in log.samba.
I also tried with samba/interfaces/bindonly=yes samba/interfaces=eth0.

Comment 2 Stefan Gohmann

2016-10-05 16:02:18 CEST

Does it still occur?

Comment 3 Arvid Requate

2016-10-06 12:35:50 CEST

Just checked, works. I guess the docker interface might have interfered in 4.0.

Comment 4 Arvid Requate

2016-10-06 12:36:26 CEST

In 4.1..