[Samba] Upgrading Samba 3 to Samba 4 - Domain Controller unreachable
Luke Barone
lukebarone at gmail.com
Sat Apr 2 17:06:42 UTC 2016
OK, I've tried commenting the line out. Ran /etc/init.d/samba reload, but
no change. Should I try a full server reboot then?
On Sat, Apr 2, 2016 at 9:51 AM, Rowland penny <rpenny at samba.org> wrote:
> On 02/04/16 17:37, Luke Barone wrote:
>
>> [global]
>> server max protocol = SMB2
>> # Line above added by lbarone - March 30, 2016
>> name resolve order = host wins lmhosts bcast
>> write list = @domainadmins
>> passwd chat = *new*password* %n\n *new*password* %n\n *updated*
>> admin users = machine,add,lbarone, at domainadmins
>> smb ports = 139
>> lock directory = /var/cache/samba
>> preserve case = yes
>> passwd program = /usr/bin/passwd %u
>> netbios name = jmac
>> printing = lprng
>> logon script = login.bat
>> local master = yes
>> workgroup = jmc
>> os level = 255
>> printcap name = /dev/null
>> security = user
>> disable spoolss = yes
>> log file = /var/log/samba/log.%m
>> log level = 2
>> load printers = yes
>> logon drive = h:
>> domain master = yes
>> interfaces = eth1
>> encrypt passwords = true
>> wins support = yes
>> server string = jmac
>> wide links = no
>> path = /var/spool/lpd/samba
>> unix password sync = true
>> preferred master = yes
>> bind interfaces only = yes
>> pam password change = yes
>> domain logons = yes
>> dns proxy = yes
>> idmap config * : range = 1000-1999999
>> # Above line added by lbarone - March 29, 2016
>>
>> ################## SHARES ########################
>>
>> [netlogon]
>> path = /usr/local/share/netlogon
>> browseable = no
>> ##profile acls = yes
>> write list = @domainadmins
>> inherit permissions = yes
>>
>> [homes]
>> browseable = no
>> read only = no
>> path = /home/%U/
>>
>> [Programs]
>> path = /usr/local/share/Apps/NetApps
>> inherit permissions = yes
>> writeable = yes
>>
>> [Windsor]
>> path = /usr/local/share/Windsor
>> inherit permissions = yes
>> writeable = yes
>>
>> [Career]
>> path = /usr/local/share/Staff/CLA/Career
>> inherit permissions = yes
>> writeable = yes
>> comment = Career Programs
>>
>> [Office]
>> path = /usr/local/share/Office
>> writeable = yes
>> inherit permissions = yes
>>
>> [Admin]
>> path = /usr/local/share/Admin
>> inherit permissions = yes
>> writeable = yes
>>
>> [Student_Share]
>> comment = Classwork Share
>> path = /usr/local/share/Student
>> writeable = yes
>> inherit permissions = yes
>>
>> [Tech_Tips]
>> comment = Tech Applications and tips. Public to see/read.
>> path = /usr/local/share/TECH_TIPS
>> writeable = yes
>> valid users = @staff
>> inherit permissions = yes
>>
>> [Tech_Apps]
>> comment = Tech Applications.
>> path = /usr/local/share/Tech_Apps
>> writeable = no
>> inherit permissions = yes
>> valid users = @domainadmins, at admin
>> browseable = no
>>
>> [DropBox]
>> comment = Classwork Hand-in
>> path = /usr/local/share/Classwork
>> writeable = yes
>> create mode = 700
>> force directory mode = 1777
>> inherit owner = yes
>>
>> [SSS]
>> comment = Student Support Services
>> path = /usr/local/share/Staff/SSS
>> writeable = yes
>> inherit permissions = yes
>>
>> [JMC]
>> comment = JMC Global Share
>> path = /usr/local/share/Staff/JMC
>> writeable = yes
>> write list = @staff
>> read list = @staff
>>
>> [DRC]
>> comment = DRC
>> path = /usr/local/share/Staff/DRC
>> writeable = yes
>> inherit permissions = yes
>>
>> [CLA]
>> comment = CLA
>> path = /usr/local/share/Staff/CLA
>> writeable = yes
>> inherit permissions = yes
>>
>> [YAPS]
>> path = /usr/local/share/YAPS
>> inherit permissions = yes
>> writeable = yes
>>
>>
>> [IMAGES]
>> comment = System images. Keep out.
>> path = /usr/local/share/IMAGES
>> valid users = blast,lbarone, at domainadmins
>> writeable = yes
>> inherit permissions = yes
>>
>> [Printer_Drivers]
>> comment = Printer Drivers for any printers in the building.
>> path = /usr/local/share/Printer_Drivers
>> writeable = no
>> inherit permissions = yes
>>
>> I commented when and where I changed the file, based on advice from
>> various forums when I was trying to figure out this issue. The upgrade
>> occurred on March 17th, so the changes I made were after issues were
>> reported to me.
>>
>> On Fri, Apr 1, 2016 at 1:53 PM, Rowland penny <rpenny at samba.org <mailto:
>> rpenny at samba.org>> wrote:
>>
>> On 01/04/16 21:20, Luke Barone wrote:
>>
>> Anyone able to chime in? Suggestions on where to go?
>>
>> On Thu, Mar 31, 2016 at 11:21 AM, Luke Barone
>> <lukebarone at gmail.com <mailto:lukebarone at gmail.com>> wrote:
>>
>> Hi all,
>>
>> I upgraded Samba 3 to 4 when doing a Debian Wheezy to
>> Jessie upgrade over
>> the last couple of weeks. Most things worked, but now that
>> staff are back,
>> we're seeing more and more issues.
>>
>> Computers are logging in using their cached credentials
>> only. The
>> computers are not using updated password information from
>> the server
>> anymore. The computers will not connect to the server via
>> it's NetBIOS name
>> unless I add the entry under the hosts and lmhosts file on
>> each workstation
>> (which is a pain...). My remote management won't work
>> either for using the
>> server credentials, I need to use a local username and
>> password.
>>
>> It's running Samba 4.1.17-debian, as a Windows NT Domain
>> Controller, NOT
>> Active Directory.
>>
>> I have also edited the /etc/nsswitch.conf file so that:
>>
>> passwd: files winbind
>> shadow: files
>> group: files winbind
>> hosts: files wins
>>
>> instead of:
>> passwd: compat
>> group: compat
>> shadow: compat
>> hosts: files dns
>>
>>
>> ... based on advice around the getpwuid error that seems
>> so famous.
>>
>> My goal is to get this up and running *properly* without
>> needing to touch
>> every computer, and so that user changes (i.e. password
>> changes, new users,
>> users getting deleted, etc) take effect immediately.
>>
>> If I need to post other config files, please let me know
>>
>>
>> OK, lets start with the smb.conf, please post it.
>> I take it you haven't modified it after the upgrade.
>>
>> Rowland
>>
>> -- To unsubscribe from this list go to the following URL and read
>> the
>> instructions: https://lists.samba.org/mailman/options/samba
>>
>>
>>
> OK, try removing this line:
>
> smb ports = 139
>
> You have turned off port 445
>
>
> Rowland
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
More information about the samba
mailing list