View Issue Details

IDProjectCategoryView StatusLast Update
0015525CentOS-7sambapublic2018-12-06 09:34
Status newResolutionopen 
Platformx86_64OSCentOSOS Version7.6.1810 (Core)
Product Version 
Target VersionFixed in Version 
Summary0015525: Samba on CentOS 7.x suddenly ceases to authenticate

As of December 4th, 2018, Samba shares on (official) CentOS 7.x
*suddenly* become inaccessible from Windows 10 workstations, reporting
"bad password".

Authentication failure is reported, but the same shares *are*
accessible from GNU/Linux workstations, using the known credentials
(user, password).

Samba server: samba-4.8.3-4.el7.x86_64
(official package from CentOS 7.x repo)

Samba clients: Windows 10 + all updates, as of December 4th, 2018

No errors or rejects are reported in logs, log level 4 ("Allowing
Access", etc.).

Thanks a lot for your kind help!

Best regards,
Steps To ReproduceI suddenly happened on December 4th, 2018 on many CentOS 7.x systems.

Additional InformationI cannot verify if this is a Samba or a Windows issue (occuring after automatic updates).
TagsNo tags attached.




2018-12-05 21:12

reporter   ~0033229

I can confirm similar behavior in our environment. Servers are SSSD + AD configured. Mac and WIndows clients fail with either username/pass or Kerberos auth. Samba claims that cifs/ SPN is missing for kerberos auth, and simply bad password for user/pass clients.

Server on Centos 7.5 is still authenticating clients no issue


2018-12-05 22:02

reporter   ~0033230

Update: Removing SSSD and Samba from Centos 7.6 server and manually installing SSSD and Samba RPMs from Centos 7.5 base/updates restored service.


2018-12-06 00:38

reporter   ~0033234

Confirming in our environment also. Several file servers (10+) patched overnight from Samba 4.7.1-9.el7_5 to 4.8.3-4.el7 on x86_64 cause the behaviour documented above. Also using SSSD+AD server side, with Windows and Mac clients. Seems to occur on client machines that aren't bound to AD, and connecting with a password challenge. AD bound machines (machines with a kerberos object in AD) don't appear to have the problem.

Will attempt the Samba+SSSD rollback shortly.


2018-12-06 09:34

reporter   ~0033241

Downgrading samba packages to 4.7* solved our issue for now.

Issue History

Date Modified Username Field Change
2018-12-04 15:30 rsandu New Issue
2018-12-05 21:12 ghuntress Note Added: 0033229
2018-12-05 22:02 ghuntress Note Added: 0033230
2018-12-06 00:38 cecentos Note Added: 0033234
2018-12-06 09:34 oernii Note Added: 0033241