[Samba] Windows 10 and Samba 4.1.17-debian (NT Domain)
Rowland penny
rpenny at samba.org
Sat Apr 2 19:22:20 UTC 2016
On 02/04/16 20:02, Luke Barone wrote:
> Also, when I run testparm -svv | less I can find these four lines on
> both the working and non-working servers:
>
> server max protocol = SMB3
> server min protocol = LANMAN1
> client max protocol = NT1
> client min protocol = CORE
>
>
> On Sat, Apr 2, 2016 at 11:57 AM, Luke Barone <lukebarone at gmail.com
> <mailto:lukebarone at gmail.com>> wrote:
>
> OK, then here's the weird part. I have another server, hosting
> other files, lets my Windows 10 system connect. The main server
> won't though. They are both running Debian Jessie 8.3, and Samba
> 4.1.17-debian. Below is the /etc/samba/smb.conf file /that works
> with Windows 7 and 10/:
>
> [global]
> workgroup = SD57
> netbios name = SAMBA
> server string = sss
> interfaces = eth1, tun0, eth0
> bind interfaces only = Yes
> pam password change = Yes
> passwd program = /usr/bin/passwd %u
> passwd chat = *new*password* %n\n *new*password* %n\n
> *updated*
> unix password sync = Yes
> name resolve order = wins, hosts, bcast
> printcap name = /etc/printcap
> logon script = login.bat
> logon path =
> logon drive = h:
> domain logons = Yes
> preferred master = Auto
> local master = No
> domain master = Yes
> wins support = Yes
> idmap config * : backend = tdb
> admin users = tech, machine, lbarone, @domainadmins
> write list = @domainadmins
> printing = lprng
> print command = lpr -r -P'%p' %s
> lpq command = lpq -P'%p'
> lprm command = lprm -P'%p' %j
> lppause command = lpc hold '%p' %j
> lpresume command = lpc release '%p' %j
> queuepause command = lpc stop '%p'
> queueresume command = lpc start '%p'
>
> [netlogon]
> path = /usr/local/share/netlogon
> read only = No
> oplocks = No
> level2 oplocks = No
>
>
> On Sat, Apr 2, 2016 at 11:37 AM, Rowland penny <rpenny at samba.org
> <mailto:rpenny at samba.org>> wrote:
>
> On 02/04/16 19:17, Luke Barone wrote:
>
> Hi all,
>
> After some config changes and reboots, I got the Samba
> server running
> properly for my client computers running Windows 7. My
> issue now is with
> Windows 10.
>
> I see threads relating to setting "max protocol = NT1",
> but this seems to
> break the Windows 7 clients (which are finally working
> again). Below is my
> smb.conf file (which works for Windows 7):
>
> [global]
> workgroup = JMC
> netbios name = JMAC
> server string = jmac
> interfaces = eth1
> bind interfaces only = Yes
> pam password change = Yes
> passwd program = /usr/bin/passwd %u
> passwd chat = *new*password* %n\n *new*password*
> %n\n *updated*
> unix password sync = Yes
> log file = /var/log/samba/log.%m
> name resolve order = host, wins, lmhosts, bcast
> printcap name = /dev/null
> disable spoolss = Yes
> logon script = login.bat
> logon drive = h:
> domain logons = Yes
> os level = 255
> preferred master = Yes
> domain master = Yes
> wins support = Yes
> lock directory = /var/cache/samba
> idmap config * : range = 1000-1999999
> idmap config * : backend = tdb
> admin users = machine, add, lbarone, @domainadmins
> write list = @domainadmins
> printing = lprng
> print command = lpr -r -P'%p' %s
> lpq command = lpq -P'%p'
> lprm command = lprm -P'%p' %j
> lppause command = lpc hold '%p' %j
> lpresume command = lpc release '%p' %j
> queuepause command = lpc stop '%p'
> queueresume command = lpc start '%p'
>
> [netlogon]
> path = /usr/local/share/netlogon
> inherit permissions = Yes
> browseable = No
>
>
> Again, I had to turn off the max protocol = NT1 option in
> order to get the
> Windows 7 clients to connect, but I need Windows 10
> clients to be able to
> connect. This is for both a domain-joined machine, and
> some stand-alone
> clients. The reghack for joining the domain have been
> applied. I have tried
> rebooting the server as well, so I know the services are
> not hanging right
> now.
>
> Suggestions on what to try next?
>
>
> That is the only way to get windows 10 to connect to an NT
> domain, it is windows subtle way of telling you to upgrade to
> an active directory domain.
>
> Rowland
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
>
>
OK, there was a similar thread recently, I dug out a link to it:
https://lists.samba.org/archive/samba/2016-March/198527.html
What Andrew Bartlett say in the link is that you need a 4.2 Samba, can I
suggest you upgrade yet again, 4.1 is EOL anyway and I really really
suggest you upgrade now! You can get 4.2.x from Sernet. Debian probably
will be upgrading Samba shortly, but just when ?
I would suggest you test this in VMs if at all possible.
Rowland
More information about the samba
mailing list