RHBA-2011:0054: samba3x bug fix and enhancement update

First published: Thu Jan 13 2011(Updated: )

Samba is a suite of programs used by machines for authentication, and file and<br>printer sharing.<br>These updated samba3x packages provide fixes for the following bugs:<br><li> Users of trusted child domains were not authenticated correctly. As a result,</li> some users of such domains did not appear as members of the parent domain even<br>if the child domain allowed full inheriting from the parent domain. With this<br>update, all users of a trusted child domain are authenticated successfully.<br>(BZ#459842)<br><li> The smb.conf manual page contained an ambiguous description of the 'default</li> case' parameter. With this update, the description is updated and gives a clear<br>description. (BZ#480405)<br><li> Service principal names were not always created correctly and as a result, the</li> system was attempting to acquire a service ticket using a wrong hostname. This<br>caused the Kerberos authentication to fail. With this update, service principal<br>names are created correctly. (BZ#560239)<br><li> CUPS printing could fail in an Active Directory environment with Kerberos.</li> With this update, regular users can print in such environment. (BZ#565774)<br><li> When the 'normalize names' setting was enabled, the winbindd service could</li> have failed after user authentication. With this update, authentication is<br>successful. (BZ#565915)<br><li> Packages requiring samba cannot recognize samba3x as an updated samba version.</li> With this update, dependent packages recognize samba3x as the new samba version.<br>(BZ#582756)<br><li> Some remote users could not authenticate from workstations running Windows.</li> This occurred, because the winbind service failed to authenticate to Windows<br>Server 2008 using the "ntlm-server-1" ntm_auth protocol. With this update, the<br>service works correctly. (BZ#590766)<br><li> In the offline mode, the winbind service could have logged the following</li> message: "Exceeding 200 client connections, no idle connection found." With this<br>update, the error no longer occurs and you can set the client limit manually<br>with the command 'winbind max clients'. (BZ#604081)<br><li> The winbindd client limit was set to 200 and could not be changed. With this</li> update, you can set the client limit manually with the command 'winbind max<br>clients'. (BZ#641379)<br><li> Previously, the samba3x package considered any samba package a conflicting</li> package. With this update, samba3x checks for possible non-conflicting versions<br>of the samba package. (BZ#609578)<br><li> When using non-standard character sets, the command 'wbinfo' displayed user</li> and group names with accented characters incorrectly. With this update, those<br>names are displayed correctly with all supported character sets. (BZ#649708)<br><li> Samba could have failed to connect to workstations running Windows 7 with Live</li> Essentials installed due to a SPNEGO parsing failure. With this update, the<br>connection succeeds. (BZ#651722)<br>In addition, these updated packages provide the following enhancements:<br><li> Interoperation with Windows 7 and Windows Server 2008 was fixed. Secure</li> channel connections to servers with Windows Server 2008 R2 and interdomain<br>trusts with Windows Server 2008 domains are now supported. Previously also, due<br>to errors in the secure channel to Windows 7 and Windows Server 2008 R2, the<br>winbind daemon could corrupt the secure channel. With this update, this no<br>longer occurs. (BZ#527997)<br><li> In Red Hat Enterprise Linux 5.6, the samba3x package no longer provides the</li> libtalloc library. The library is now provided in a separate source RPM.<br>(BZ#596883)<br><li> In Red Hat Enterprise Linux 5.6, the samba3x package no longer provides the</li> libtdb library. The library is now provided in a separate source RPM.<br>(BZ#596886)<br>Users are advised to upgrade to these updated samba3x packages, which resolve<br>these issues and add these enhancements.<br>

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• agent/description
• agent/event
• agent/first-publish-date
• agent/last-modified-date
• agent/references
• agent/remedy
• agent/severity
• agent/softwarecombine
• agent/tags
• agent/title
• agent/type
• collector/redhat-errata
• source/Red Hat
• anchor-id/RHBA-2011:0054
• agent/software-canonical-lookup
• package-manager/redhat