Samba 4.x package support thread

I have to add this line to disable io_uring or file copy to samba fails.

config samba
	option disable_async_io 'yes'

Add AD-DC and Windows ACL supports please. smbd -b | grep HAVE_LIBACL returns nothing.

While we're making requests, Samba 4.14.x is still the package version, we missed 4.15.x, and now 4.16.1 is out. Could it be upgraded to that for the upcomng 22.03 release?

OpenWrt SNAPSHOT r19482 built by me, smbd v4.14.12. Client is Windows 7.

[global]
security = user
passdb backend = smbpasswd

null passwords = yes
# map to guest = Bad Password
# map to guest = never
# guest account = nobody
# guest ok = yes

ntlm auth = ntlmv2-only
invalid users = root

netbios name = GRAPHRT
interfaces = br-lan lan4
bind interfaces only = yes
server string = Samba
unix charset = UTF-8
workgroup = WORKGROUP

######### Dynamic written config options #########

[temp]
        path = /mnt/temp
        create mask = 0666
        directory mask = 0777
        read only = no
        guest ok = yes

[Work]
        path = /mnt/work
        valid users = SambaUser
        create mask = 0666
        directory mask = 0777
        read only = no
        guest ok = no

I have a weird problem with user accounts. Passwords don't work. I always get 0xc000006d STATUS_LOGON_FAILURE when I try to connect. I can see this in Wireshark / tcpdump.
I tried:

  • deleting and re-adding user in smbpasswd and /etc/passwd
    Didn't work.

  • add a new user with a very simple password "1234" and add the new logon credentials in Windows - Control Panel - Credential Manager
    Didn't work. I can see the new user trying to logon in Wireshark, but gets STATUS_LOGON_FAILURE as response.

  • enabling guest account and "map to guest = Bad Password"
    Works! I can connect, browse dirs, read/write files, according to guest permissions.

  • set "null passwords = yes" and using empty password for the account in smbpasswd and Windows
    Works! I can connect, browse dirs, read/write files, according to user's permissions.

I don't know what else to try. Is there any method to check if smbpasswd generates the correct password hash?
Thank you!

I did more tests.
samba logs show this:

[2022/05/12 18:30:16.283474,  2]   check_ntlm_password:  Authentication for user [SambaUser] -> [SambaUser] FAILED with error NT_STATUS_WRONG_PASSWORD, authoritative=1

I can connect using the same account and password from a Gentoo linux client (mount.cifs, kernel v5.15) and also from a Windows XP client. Windows 7 still doesn't work. I'm sure that the password is correct.