[Samba] Windows 10 Office 2016 slow accessing samba network shares

Rowland Penny rpenny at samba.org
Thu Feb 8 08:35:25 UTC 2018 

On Wed, 7 Feb 2018 19:47:49 +0000
Daulton Theodore via samba <samba at lists.samba.org> wrote:

> I have a to a samba server (4.4.16) on built on Solaris 11 samba pkg.
> It is a member of an Active directory domain. Users, for some time,
> have been experiencing long (20 -40 second) delays when browsing to,
> opening and writing a network share on the server.  Attempts to do
> any of those results in a dialogue box being displayed showing:
> 
> Contacting server: \\<server-name> \share
> 
> Workstations: Windows 10
> Application: MS Office 2016
> 
> I would appreciate if anyone has suggestions to getting past this
> hurdle. Here is a sanitized copy of smb.conf.
> 
> # Global parameters
> [globals]
>    netbios name  = NBNAME
>    server string = %L
>    workgroup     = DOMAIN_NAME
>    browsable     = no
>    local master  = no
> 
>    allow hosts   = 127.0.0.1 aaa.bbb.10. aaa.bbb.dd.
> aaa.bbb.cc.1kk/255.255.255.192 aaa.bbb.cc.ll/255.255.255.224
> aaa.bbb.cc.69 aaa.bbb.18.1/255.255.255.224 aaa.bbb.18.30 10.0.2.15
> aaa.bbb .116.0/23
> 
>    hosts deny = 0.0.0.0/0
> 
>    security      = ADS
>    realm         = xx.yy.ca
> 
> 
>    machine password timeout = 314496000
>    name resolve order = wins lmhosts host bcast
> 
>    remote announce = aaa.bbb.nnn.mmm
> 
> #   wins support = yes
>    wins server = aaa.bbb.x.y aaa.bbb.x.z
>    winbind use default domain = true
> 
> #  force Samba to bind only to public network
>    interfaces    = aaa.bbb.ff.gg/255.255.255.0
>    bind interfaces only = yes
>    socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY
>    deadtime     = 0
> 
> #  added 20150422
>    server signing = auto
>    client signing = auto
> 
> #  from MIKEY's Readme
>    client lanman auth = no
>    client ntlmv2 auth = yes
>    client plaintext auth = no
>    client use spnego = yes
>    client schannel = yes
>    lanman auth = no
>    ntlm auth = no
> 
> #  20171101
>    server min protocol = SMB2_10
>    client min protocol = SMB2
>    client max protocol = SMB3
> 
> 
> #  Encrypt all passwords stored in /etc/sfw/samba/private/smbpasswd
>    encrypt passwords = yes
>    username map = /etc/samba/lib/nt-names
> 
> 
> #  not allowed to log in
>    invalid users = root daemon bin sys adm lp listen sshd\
>                    erl webspirs samba rob jan daulton
> 
>    writeable     = yes
> 
> #  A wormable code-execution bug has lurked in Samba for 7 years -
> 20170528 #
> https://arstechnica.com/security/2017/05/a-wormable-code-execution-bug-has-lurked-in-samba-for-7-years-patch-now/
> nt pipe support = no
> 
> #  Debug Logging information
>    log level = 5
>    log file = /etc/samba/var/log.%m:%U:%I
>    max log size = 2000
>    debug timestamp = yes
> 

You have everything in there apart from the kitchen sink AND the
'idmap config' lines.

Rowland

More information about the samba mailing list