Greetings. Once again I have stumbled across a problem, and maybe caused it by trusting that bug fixes should really work.
Starting on Wednesday users on machines not bound to the TILBREDNAV domain are being rejected when trying to mount a shared directory from from a SAMBA server. AD credentials are being rejected on CentOS6 servers where the SMB patch has been applied but the server has not been rebooted. AD credentials are being rejected on CentOS7 servers where the SMB patch has been applied and the server has been rebooted. AD credentials are being accepted on CentOS6 servers where the SMB patch has been applied and server has been rebooted but they are only able to mount there home shares but not able to mount shared group volumes. Most of our users use Apple Macintosh computers so most of the reports come from these users. i also have a report from one linux user using Ubuntu that is having the same issue. All of this worked fine on Monday and Tuesday. All of this works fine on machines that are bound to the TILBREDNAV domain. One Windows user has reported a problem but I discount it as a test of a non-domain bound Windows 7 VM seems to work just fine and mounted both group and personal directories. I also took a MacBook Air that was bound to the domain and unbound it and yet it still worked fine and was able to mount directories from all the SAMBA servers. The SAMBA servers authenticate with the TILBREDNAV Active Directory system but I have limited access to AD. I can Use the Active Directory Users and Computers app to manage thins within my own OU. I also have redundant NIS servers to manage directory mounts and group permissions. A few weeks ago I replaced the old CentOS5 NIS servers with CentOS7 servers. Things seemed to be working well with these. I think the Group directory issue points to the NIS servers. The authentication seems to point to AD but may also be an NIS issue as that determines who can authenticate via AD to access the department Linux servers. I understand that there are lots of variables here. I am trying to eliminate some variables so that I can concentrate on the ones I might be able to control. I have not made a Google query because I am not sure how to fabricate a query that has a good chance of getting an answer. Any assistance in fabricating an appropriate query for google will be welcome. Any nudge in the right direction to solve this will be appreciated. I hope someone from NLUG can help. Just got a message from an AD admin that said they did apply Badblock related patches to the domain controllers Tuesday evening. This may be the cause but does not suggest much of a solution. Getting all machines bound to the domain is not a viable solution even if it is the obvious one at the moment. -- Bruce Martin -- -- You received this message because you are subscribed to the Google Groups "NLUG" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en --- You received this message because you are subscribed to the Google Groups "NLUG" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
