Windows clients unable to access Samba share on AD joined Linux box every 7 days
Posted
by
Hassle2
on Server Fault
See other posts from Server Fault
or by Hassle2
Published on 2011-11-08T14:27:51Z
Indexed on
2012/12/08
5:09 UTC
Read the original article
Hit count: 441
The problem:
Every 7 days, 2 Windows Servers are unable to access a SMB/CIFS share. It will start working after a handful of hours.The environment:
OpenFiler Linux box joined to 2003 AD Domain
Foreground app on Win2003 server access the SMB/CIFS share with windows credentials Another process on Win2008 access the share via SQL Server with windows credentials The Samba version on the Linux box is 3.4.5. Security is set to ADS wbinfo and getent return back expected users and groups Does not look to be a double hop issue as it's always the 2 accounts, regardless of the calling user. There is a DNS entry in both forward and reverse lookup zone for the linux box The linux box's computer object in active directory shows that it was modified around/at the same time that the two clients started failing to access the share Trying to access the share via IP works when by name does not Rebooting the Windows server takes care of it (it's production and only restarted it once) Restarting smbd, winbind, nmbd had no effect Error in samba log for the client in question: smbd/sesssetup.c:342(reply_spnego_kerberos) Failed to verify incoming ticket with error NT_STATUS_LOGON_FAILURE!The Question:
Does this look like the machine account password is changing (hence the AD object showing the updated modified date) or are the two windows clients unable to request a new ticket that works against this linux box?
© Server Fault or respective owner