[Samba] Fwd: Re: Member server losing smb connection [solved]
Bob of Donelson Trophy
bob at donelsontrophy.net
Mon Nov 14 16:23:45 UTC 2016
Oops, sent it to Louis directly. My bad. See conclusion below.
-------- Original Message --------
SUBJECT:
Re: [Samba] Member server losing smb connection [solved]
DATE:
2016-11-14 10:22
FROM:
Bob of Donelson Trophy <bob at donelsontrophy.net>
TO:
"L.P.H. van Belle" <belle at bazuin.nl>
REPLY-TO:
bob at donelsontrophy.net
On 2016-11-14 09:47, L.P.H. van Belle via samba wrote:
> Ah, ok.
>
> Fist configure the standalone like this :
>
> preferred master = no
> domain master = no
>
> configure ONE and only one!! AD member like this.
> Preferred a member of the AD domain, i did choose my user profile server.
>
> preferred master = yes
> domain master = yes
> dns proxy = yes
>
> and remove the wins server lines.
> Reboot that member and check again.
>
> Best it not to use :
> \\hostname\share
> And also not
> \\IP_NUMBER\share
>
> But
> \\FQ.DN\share
>
> And please setup the TLS for your servers.
> It really really helps a lot.
>
> Make sure your dns resolving is correct and read the man smb.conf for the dns proxy paramter.
>
> That should help out for you.
>
> Greetz,
>
> Louis
>
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens Bob of Donelson
> Trophy via samba
> Verzonden: maandag 14 november 2016 16:21
> Aan: samba at lists.samba.org
> Onderwerp: Re: [Samba] Member server losing smb connection
>
> On 2016-11-14 09:04, Bob of Donelson Trophy via samba wrote:
>
> On 2016-11-14 08:39, L.P.H. van Belle via samba wrote:
>
> Is this on a windows 7 or 10 client or both?
> Are you useing \\FQ.DN\share or \\hostname\share
> Try the FQ.DN, as Microsoft advices.
>
> And where are the TLS parameters in the below config.
> Did you set this up?
>
> Greetz,
>
> Louis
>
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens Bob of Donelson
> Trophy via samba
> Verzonden: maandag 14 november 2016 15:18
> Aan: SAMBA MailList
> Onderwerp: [Samba] Member server losing smb connection
> Urgentie: Hoog
>
> I have a member server running Ubuntu 16.10, Samba 4.4.5 that is serving
> files to W10 and W7 clients. Things appear fine and suddenly the server
> share disappears and the W clients "cannot see" the server. The client
> error message is: "The device or resource (member hostname) is nt setup
> to accept is not setup to accept connections on port "The file and print
> sharing (SMB)"."
>
> Here is the smb.conf file from the member:
>
> root at dtmbr02:~# cat /etc/samba/smb.conf
> [global]
> workgroup = DTDOM
> server string = Samba Server Version %v
> security = ads
> realm = DTSHRM.DT
> use sendfile = true
>
> log level = 4
>
> domain master = no
> host msdfs = no
>
> idmap_ldb:use rfc2307 = yes
> idmap config * : backend = tdb
> idmap config * : range = 50001-80000
> ## map ids from the domain the range may not overlap !
> idmap config DTDOM : backend = ad
> idmap config DTDOM : schema_mode = rfc2307
> idmap config DTDOM : range = 10000-40000
> winbind separator = +
> winbind nss info = rfc2307
> winbind trusted domains only = no
> winbind enum users = yes
> winbind enum groups = yes
> winbind use default domain = yes
> winbind refresh tickets = yes
> winbind offline logon = yes
>
> wins server = 192.168.116.49 192.168.116.50
>
> template shell = /bin/bash
> template homedir = /home/samba/DTDOM/users/%U
>
> # user Administrator workaround, without it you are unable to set
> privileges
> username map = /etc/samba/samba_usermapping
>
> # For ACL support on member file server
>
> vfs objects = acl_xattr
> map acl inherit = yes
> store dos attributes = yes
>
> # Share Setting Globally
> usershare allow guests = no
> unix extensions = no
> reset on zero vc = yes
> veto files = /.bash_logout/.bash_profile/.bash_history/.bashrc/
> hide unreadable = yes
>
> # disable printing completely
> load printers = no
> printing = bsd
> printcap name = /dev/null
> disable spoolss = yes
>
> restrict anonymous = 2
> log file = /var/log/samba/log.%m
> max log size = 50
>
> #============================ Share Definitions
> ============================
>
> [testshare]
> comment = Test share
> path = /samba/testshare
> read only = no
> force group = "domain users"
> directory mask = 0770
> force directory mode = 0770
> create mask = 0660
> force create mode = 0660
> follow symlinks = yes
> wide links = yes
>
> #[Myshare] ## an example found at askubuntu.com
> # writeable = yes
> # path = /shares/office
> # force directory mode = 770
> # force create mode = 770
> # force group = bureau
> # valid users = @bureau
> # write list = @bureau
>
> [data]
> comment = Shared DT data
> path = /home/samba/DTDOM/companydata
> read only = no
> force group = "domain users"
> directory mask = 0770
> force directory mode = 0770
> create mask = 0660
> force create mode = 0660
> follow symlinks = no
> wide links = no
>
> [Demo]
> path = /srv/samba/Demo
> read only = no
>
> follow symlinks = no
> wide links = no
>
> [thome]
> path = /srv/samba/thome/
> read only = No
>
> follow symlinks = no
> wide links = no
>
> ##4444444444444444444444444444444444444444
> ##4444444444444444444444444444444444444444
>
> [home]
> path = /home/samba/DTDOM/users
> read only = no
> follow symlinks = yes
> wide links = yes
>
> [profiles]
> path = /home/samba/DTDOM/profiles
> read only = no
> admin users = +"DTDOM\domain admins"
> profile acls = yes
> csc policy = disable
>
> follow symlinks = no
> wide links = no
>
> Everything seemed to be working fine yesterday while I was moving files
> from old server to newer server. Then this morning I am seeing this
> complaint.
>
> I have tailed log files and, being somewhat unfamiliar, cannot see
> anything significant. As this is a member server am I wrong, it is
> running smbd, nmbd, & winbind and NOT samba as there is no log file for
> samba?
>
> I have created this smb.conf by copy/paste old server config to new. (I
> thought I was careful.)
>
> Does anyone see anything that might clash with SMB services? That could
> be creating this SMB problem?
>
> Have I copy/pasted a error somewhere that I am overlooking?
>
> --
> _______________________________
>
> Bob Wooden of Donelson Trophy
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
> Thanks, Louis.
>
> The old member server was the Debian Wheezy running SernetSamba
> 4.2.whatever setup with your old script. It did not have any TLS
> parameters so, the newer member does NOT have TLS either.
>
> Since my initial post I have discovered, via the nmbd log that a
> "standalone server" (U16.04, Samba 4.3.11) is acting a domain master.
> This "standalone server is NOT joined to the domain. When I shutdown the
> "standalone" (to see what happens) the network becomes sluggish via
> either W10 or W7 clients. However, access to the newer member server is
> NOT allowed.
>
> (This was working yesterday just fine. I'm baffled.)
>
> I would be using a "\\hostname\share structure".
>
> --
> _______________________________
>
> Bob Wooden of Donelson Trophy
>
> Never mind, I have a hardware failure issue!
>
> --
> _______________________________
>
> Bob Wooden of Donelson Trophy
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
THANKS, LOUIS!!!
Made you suggested changes and have my newer member server connected and
working like yesterday.
(I'll be checking into that TLS "thing" soon, thanks for the
suggestion.)
--
_______________________________
Bob Wooden of Donelson Trophy
--
_______________________________
Bob Wooden of Donelson Trophy
615.885.2846
www.donelsontrophy.com [1]
"Everyone deserves an award!!"
Links:
------
[1] http://www.donelsontrophy.com
More information about the samba
mailing list