Can't change password in samba from a windows client if samba runs on ipv6 only interface.
Hi,
during upgrading our whole system to ipv6, latest samba AD ( 3 DCs ) Version 4.6.8 and windows 10 clients i noticed the problem, that users are unable to change their password in the AD Domain from a Windows Client.
The samba DCs run on a ipv6 address (interfaces = 2a00:xxx:xxx::9; bind interfaces only = Yes). So does the Clients.
It is compiled by ourself in a custom sbuild environment. We took the 4.6.7 artful debian package and build a backport for 4.6.8 with xenial. (and of course the dependency packages: cmocka, talloc, tdb, tevent, ldb)
During password change the windows clients always says that the domain is currently unavailable.
After digging into it i found the problem in the krb5_samba.c file, Line150 and 183. The Part with "#if defined(HAVE_IPV6) && defined(
Our - i guess dirty - solution was, to add a patch "99_xx.diff" (see below):
With this patch we were able to build the 4.6.8 Samba on xenial as ubuntu package, and the clients are able to change their password now. - So, everything works now as expected.
I'm currently not sure if that is a "real" ubuntu or samba bug, or if it only affects us because of the custom build environment / artful to xenial backport.
Maybe someone who is familiar with the samba project / code can have short look for it.
This is the patch, that fixed it for us:
Index: samba-4.
=======
--- samba-4.
+++ samba-4.
@@ -150,7 +150,7 @@ bool smb_krb5_
{
-#if defined(HAVE_IPV6) && defined(
+#if defined(HAVE_IPV6)
if (paddr->ss_family == AF_INET6) {
@@ -183,7 +183,7 @@ bool smb_krb5_
{
-#if defined(HAVE_IPV6) && defined(
+#if defined(HAVE_IPV6)
if (paddr->ss_family == AF_INET6) {
Question information
- Language:
- English Edit question
- Status:
- Answered
- For:
- Ubuntu Edit question
- Assignee:
- No assignee Edit question
- Last query:
- Last reply:
Can you help with this problem?
Provide an answer of your own, or ask Michael Alzheimer for more information if necessary.