[Samba] Samba 4.2.6 PDC+Ldap Upgrade Reject Windows XP Boxes
Periko Support
pheriko.support at gmail.com
Fri Apr 13 04:57:39 UTC 2018
Hi guys.
I finally upgrade my old centos 6 as PDC with samba 3.6.x+LDAP 2.3.X
to centos 7 with Samba 4.6.2 and ldap 2.4
All my windows 7,8,10, Winserver 2012 R2 are working no issue, users
can login and see share folders and share printers.
But I still have 2 machines running windows xp pro(this month will be
the end finally) that can login into the domain but they cannot see
share folders and printers.
Every time they try to access any machine or share folders on servers,
the system request to input the username+password.
I had check my settings but don't detect which parameter affect this OS.
My smb.conf is this one:
[global]
workgroup = MYDOMAIN
server string = PDC Domain Controller
netbios name = PDC-SRV
hosts allow = 192.168.1. 192.168.2. 127.
interfaces = enp3s0 lo0
bind interfaces only = Yes
hosts deny = 0.0.0.0
smb ports = 139 445
remote announce = 192.168.1.255
lanman auth = Yes
client lanman auth = Yes
security=USER
server max protocol=NT1
server min protocol=CORE
allow trusted domains = Yes
socket options = IPTOS_LOWDELAY TCP_NODELAY
# passwd backend
encrypt passwords = yes
passdb backend = ldapsam:ldap://127.0.0.1/
pam password change= Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*UNIX*password* %nn
*ReType*new*UNIX*password* %nn *
passwd:*all*authentication*tokens*updated*successfully*
unix password sync = Yes
# Log options
log level = 3
log file = /var/log/samba/%m.log
max log size = 2048
# syslog = 1
# Name resolution
name resolve order = wins bcast hosts lmhost
# misc
time server = No
# socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
use sendfile = yes
# Dos-Attribute
map hidden = No
map system = No
map archive = No
map read only = No
store dos attributes = Yes
Map to Guest = Bad User
# printers - configured to use CUPS and automatically load them
load printers = No
printcap name =
# printing =
cups options =
show add printer wizard = No
add user script = /usr/sbin/smbldap-useradd -m %u
delete user script = /usr/sbin/smbldap-userdel %u
add group script = /usr/sbin/smbldap-groupadd -p %g
delete group script = /usr/sbin/smbldap-groupdel %g
add user to group script = /usr/sbin/smbldap-groupmod -m %u %g
delete user from group script = /usr/sbin/smbldap-groupmod -x %u %g
set primary group script = /usr/sbin/smbldap-usermod -g %g %u
add machine script = /usr/sbin/smbldap-useradd -w %u
# LDAP-iConfiguration
#ldap delete dn = Yes
ldap ssl = off
ldap passwd sync = Yes
ldap suffix = dc=MYDOMAIN,dc=com
ldap machine suffix = ou=Computers
ldap user suffix = ou=Users
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Idmap
ldap admin dn = cn=root,dc=MYDOMAIN,dc=com
# setting up as domain controller
username map = /etc/samba/usermap
preferred master = Yes
wins support = Yes
winbind nested groups = Yes
ea support = Yes
domain logons = Yes
domain master = Yes
local master = Yes
map acl inherit = Yes
unix charset = UTF8
case sensitive = No
[netlogon]
comment = Network Logon Service
path = /home/samba/netlogon
Locking = no
[homes]
comment = Home Directories
valid users = %S
read only = No
browseable = No
Any recommendation will be appreciated, thanks.
More information about the samba
mailing list