<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
</head>
<body>
<p><font face="Courier New, Courier, monospace">Hi all,</font></p>
<p><font face="Courier New, Courier, monospace">I'm not sure if I
have the same issue but from impossible for my users to connect
the shared folders with samba>4.13.5 from windows desktop.<br>
Password popup is coming back. Everything works fine with samba
4.13.5</font></p>
<p><font face="Courier New, Courier, monospace">I though the last
update would fix the issue but nop.<br>
</font></p>
<p><br>
<font face="Courier New, Courier, monospace"><font face="Courier
New, Courier, monospace">This server is a member of the
domain.</font></font></p>
<p><font face="Courier New, Courier, monospace">Server conf:</font></p>
<p><font face="Courier New, Courier, monospace">[global]<br>
<br>
workgroup = MYDOMAIN<br>
server string = myserver.corp.com<br>
realm = MYDOMAIN.corp.com<br>
security = ADS<br>
min protocol = SMB2<br>
client signing = mandatory<br>
server signing = mandatory<br>
netbios name = SBFS5<br>
<br>
password server = AD1.MYDOMAIN.corp.com<br>
wins server = 000.000.15.44<br>
<br>
dedicated keytab file = /etc/krb5.keytab<br>
kerberos method = secrets and keytab<br>
<br>
hosts allow = 000.000. 000.000. 127. 10.95.<br>
<br>
dns proxy = no<br>
local master = no<br>
domain master = no<br>
log level = 3<br>
log file = /var/log/samba/log.%I<br>
max log size = 3000<br>
template shell = /bin/bash<br>
winbind use default domain = no<br>
<br>
deadtime = 30<br>
<br>
# winbind settings<br>
idmap config * : range = 3000 - 8500<br>
idmap config *: backend = tdb<br>
<br>
idmap config MYDOMAIN: range = 9000 - 9000000<br>
idmap config MYDOMAIN: backend = ad<br>
idmap config MYDOMAIN: schema_mode = rfc2307<br>
<br>
panic action = /usr/share/samba/panic-action %d<br>
passdb backend = tdbsam<br>
<br>
username map = /etc/samba/smbusers<br>
username map script = /bin/echo<br>
unix password sync = yes<br>
<br>
domain logons = yes<br>
<br>
load printers = no<br>
disable spoolss = yes<br>
<br>
usershare allow guests = yes</font></p>
<p><font face="Courier New, Courier, monospace">And by the way, I
enabled this dummy "username map script", else, the password
popup keeps showing too!</font></p>
<p><font face="Courier New, Courier, monospace">In the logs</font></p>
<p><font face="Courier New, Courier, monospace"> check_account:
Failed to find local account with UID 3000 for SID
S-1-5-21-77949841-363743269-439555115-142182
(dom_user[MYDOMAIN\myusername])<br>
[2022/02/16 10:58:52.246885, 2]
../../source3/auth/auth.c:344(auth_check_ntlm_password)<br>
check_ntlm_password: Authentication for user [myusername]
-> [myusername] FAILED with error NT_STATUS_NO_SUCH_USER,
authoritative=1<br>
Auth: [SMB2,(null)] user [MYDOMAIN]\[myusername] at [Wed, 16
Feb 2022 10:58:52.246922 CET] with [NTLMv2] status
[NT_STATUS_NO_SUCH_USER] workstation [DESKTOP-KQKF394] remote
host [ipv4:xxx.xxx.159.189:50840] mapped to
[MYDOMAIN]\[myusername]. local host [ipv4:xxx.xxx.241.3:445] <br>
gensec_spnego_server_negTokenTarg_step: SPNEGO(ntlmssp) login
failed: NT_STATUS_NO_SUCH_USER <br>
</font></p>
<p><font face="Courier New, Courier, monospace">Thanks in advance
for your help.<br>
</font></p>
</body>
</html>