Not a question.
Brief report that hopefully saves time for others.

CentOS ver. 7.1503
SerNet Samba ver. 4.1.16 > 4.1.17 > 4.1.18

Upon performing system updates including Samba 4, some windows domain users will randomly lose the ability to access file shares and receive an error message stating essentially --- cannot access host ABC. The affected domain users remain authenticated on the domain controller and dns continues to function normally, but file shares not accessible.

Restarting the affected domain users' computers does not always resolve the issue and is time-consuming. I have found sending a rapid succession of the following commands on the domain controller:

clears the block without disrupting access for other domain users.
I know it's very un-scientific but I have used it with success across two production upgrades without restarting the domain controller.

HTH

I have also installed you meas serner-samba? but yet i have not problem like that.

you are fortunate :-)

i had disscusions about samba ad security on this forum and people say that it is not secured, and if i have linux users in network that makes much more unsecure my samba ad
what you think about it?

My Samba 4 AD knowledge is definitely NOT expert level.....I wish I were a network engineer, but honestly nowhere close.

I'm guessing the concerns were about linux users on the network authenticating to the AD server by unencrypted connection.
I think those situations are limited.
Now that Samba 4 has been a stable release for a while, the tools are available and tested to authenticate linux users on a Samba 4 AD domain with encrypted connection using kerberos and sssd.

It's discussed better here: https://wiki.samba.org/index.php/Loc...ntication/sssd

Method 1: Connecting to AD via Kerberos (recommended) --- this provides encrypted kerberos authentication.