[Samba] 4.2.14 (or newer) support "Windows for Workgroups 3.1a"?

Gaiseric Vandal gaiseric.vandal at gmail.com
Mon Apr 30 18:49:48 UTC 2018

Did you set a "security" value in smb.conf ?   If this is a domain 
controller, then I think it should be "security=user."

Are the Windows 7 and Windows 10 machines properly joined to the domain 
?   Are any of the Windows 7/10 machines used for industrial systems?

It might be helpful to know what was the OS version of the previous 
server, and whether it was  actually configured as a domain controller.  
Why did you remove the old server?     A long long time ago when I moved 
from NT4, I used the samba "net rpc vampire" command  to pull the 
Windows accounts into the samba server.   Did you do something similar?

Assuming you only have the industrial systems and not your corporate 
network using this server, a "classic" domain controller may be simple 
to setup than an AD domain controller.    Windows 3.11  won't benefit 
from AD.         Assuming you only have Windows 3.11 machines then there 
isn't even much point setting up the server as a domain controller at all.

On 04/30/18 14:32, Andrea Baldoni via samba wrote:
> On Mon, Apr 30, 2018 at 05:04:29PM +0100, Rowland Penny via samba wrote:
> Hello Rowland.
>> I had to read this several times to understand it, then a few more
>> because I didn't believe it.
> Well. In the industrial environment you may find everything ranging from
> CPM-86 onwards... old things talk via RS-232 or 422, the LAN equipped are
> regarded as "modern". In general all are non-upgradable closed systems.
>> Firstly, I think that you haven't got a PDC, you have an AD DC, the
>> 'windows 2008 PDC' bit gave that away ;-)
> Sorry, I am not a windows sysadm and I lack of correct terminology; I am not
> even sure if it was a 2008 or something else actually.
>> You then want to use something that is clagged on top of DOS 6.22 and
>> get that to talk to AD, something that really doesn't understand
>> domains (the hint is in what it is called)
> It cannot understand the domain and authenticate over it, but this is
> not a problem as the WfWg doesn't export any folder and nothing connects to it.
> I need the 3.11 be able to access a folder exported by something else and,
> with stability issues, it's working with windows 7/10 pro and it was working
> already before I replaced the windows server with a samba one... but I would
> really like not to have a machine-in-the-middle and have the samba serve
> those data instead. There are other reasons, but a good one is the presence of
> much more powerful debug instruments on samba to diagnose the instability.
>> Can you post your smb.conf from the Samba DC
> # Global parameters
> [global]
>          interfaces = br0
>          bind interfaces only = yes
>          workgroup = WORKGROUP
>          realm = MYDOMAIN.COM
>          netbios name = SERVER
>          server role = active directory domain controller
>          server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate
>          idmap_ldb:use rfc2307 = yes
>          dns forwarder =
>          acl allow execute always = true
>          lanman auth = yes
> [netlogon]
>          path = /var/lib/samba/sysvol/mydomain.com/scripts
>          read only = No
> [sysvol]
>          path = /var/lib/samba/sysvol
>          read only = No
> [profiles]
>          path = /home/samba/profiles
>          read only = No
>          force create mode = 0600
>          create mask = 0600
>          force directory mode = 0700
>          directory mask = 0700
> [pubblica]
>          comment = Area pubblica
>          path = /home/samba/pubblica
>          read only = No
>          force create mode = 0660
>          create mask = 0660
>          force directory mode = 0770
>          directory mask = 0770
> ..other shares
> Andrea

More information about the samba mailing list