[Samba] Random disconnects from Samba server
Rowland Penny
rpenny at samba.org
Fri Mar 16 21:15:32 UTC 2018
On Fri, 16 Mar 2018 20:24:47 +0000
"Hirayama, Pat" <phirayam at fredhutch.org> wrote:
> In the past I've used winbind -- though, I've had issues where it
> just stops working until the service is restarted again. Was hoping
> to get away from that, hence trying sssd and ldap with Kerberos.
>
This sometimes happened in the early days of Samba 4, but it isn't a
problem now.
Try this smb.conf, I have removed all the default settings, but you
will need to uncomment one of the 'idmap conf DOMAIN' blocks, see the
inline comments.
[global]
security = ADS
workgroup = XXXXX
realm = XXXXX.ORG
server role = member server
server string = %h server (Samba)
log level = 2
max log size = 1000
server min protocol = SMB2_10
ntlm auth = no
idmap config * : backend = tdb
idmap config * : range = 3000-4999
restrict anonymous = 2
# You seem to like living dangerously
# Do you really need the wide links ?
unix extensions = no
wide links = yes
allow insecure wide links = yes
idmap config * : backend = tdb
idmap config * : range = 3000-4999
### As you are using Samba 4.4.4 on your centos 7 machine
### Uncomment one of the following
#
# 'ad' backend
# If uidNumber & gidNumber attributes in AD
# They must be inside 5000-1999999
# winbind nss info = rfc2307
#idmap config XXXXX:backend = ad
#idmap config XXXXX:range = 5000-1999999
#idmap config XXXXX:schema_mode = rfc2307
#
# 'rid' backend
# if NO uidNumber or gidNumber attributes in AD
#idmap config XXXXX:backend = rid
#idmap config XXXXX:range = 5000-1999999
#
load printers = no
printing = bsd
printcap name = /dev/null
disable spoolss = yes
# For ACL support on domain member
vfs objects = acl_xattr
map acl inherit = Yes
store dos attributes = Yes
# These should be in 'shares'
#create mask = 0664
#force create mode = 0664
#directory mask = 2770
#force directory mode = 2770
# You only need one !!
# '[home]' for preference
# '[homes]' doesn't really work with AD
[home]
###comment = %U's Home Directory
path = /home/%U
read only = No
create mask = 0664
directory mask = 02775
inherit acls = Yes
case sensitive = No
veto files = /.tnatr:*/
mangled names = No
wide links = Yes
follow symlinks = Yes
dos filemode = Yes
#[homes]
# comment = %U's Home Directory
# read only = No
# create mask = 0664
# directory mask = 02775
# inherit acls = Yes
# case sensitive = No
# veto files = /.tnatr:*/
# mangled names = No
# dos filemode = Yes
# follow symlinks = Yes
# wide links = Yes
Rowland
More information about the samba
mailing list