[Samba] Windows clients require reboot once a day in order to access mapped drives
L.P.H. van Belle
belle at bazuin.nl
Fri Apr 26 06:33:22 UTC 2019
I'll fire up the ubuntu test vm..
Report back later..
I.. Need... More... Coffee.....First ;-)
Greetz,
Louis
> -----Original message-----
> From: Rowland Penny [mailto:rpenny at samba.org]
> Sent: Thursday 25 April 2019 20:08
> To: samba at lists.samba.org
> CC: L.P.H. van Belle
> Subject: Re: [Samba] Windows clients require reboot once a
> day in order to access mapped drives
>
> On Thu, 25 Apr 2019 10:34:24 -0700
> Mason Schmitt <mason at ftlcomputing.com> wrote:
>
> > >
> > >
> > > Forgot to mention, are you sure your time sync over AD is working
> > > correctly? One to add to your list, check times of server and
> > > clients, (* yes again, if needed just to be sure).
> > >
> >
> > Yes, I have double checked that time is correctly being synced.
> >
> > FYI, Rowland, the process outlined in the wiki for using chronyd does
> > not work on Ubuntu 18.04 (my AD DC is on Ubuntu, but my file server is
> > CentOS). I can only successfully sync windows clients with ntpd
> > running on the DC. Also, if using apparmor, the default apparmor
> > rules don't work. Here's what I had to do to get windows clients to
> > successfully sync with my Ubuntu DC.
> >
> > # Install ntp (if chrony is installed, this will disable and mask
> > # chrony in systemd)
> > apt install ntp
> >
> > # First comment out the default NTP ACLs
> > sed -i 's/^restrict -/#restrict -/g' /etc/ntp.conf
> >
> > # Then add some samba specific settings to /etc/ntp.conf
> > cat << EOF >> /etc/ntp.conf
> >
> > # Use AD for authenticating Windows NTP clients
> > ntpsigndsocket /var/lib/samba/ntp_signd
> >
> > # Access control
> > # Default restriction: Allow clients to only query the time
> > restrict -4 default kod notrap nomodify nopeer noquery mssntp
> > restrict -6 default kod notrap nomodify nopeer noquery mssntp
> >
> > # We're running in a VM, so we need to protect ntpd from waking up
> > # in a panic, in a situation where a VM has been shutdown for an
> > # extended period of time
> > tinker panic 0
> > EOF
> >
> > # There is a bug in Ubuntu's apparmor config for ntp, so this fixes it
> > sed -i /ntp_signd/c'\ /var/lib/samba/ntp_signd/socket rw,' \
> >   /etc/apparmor.d/usr.sbin.ntpd
> > apparmor_parser --replace /etc/apparmor.d/usr.sbin.ntpd
> >
> > # Set the necessary permissions on the ntp signed socket
> > chmod 750 /var/lib/samba/ntp_signd
> > chown root:ntp /var/lib/samba/ntp_signd
> > systemctl enable ntp.service
> > systemctl restart ntp.service
> >
> >
> > # Test to make sure NTP is working
> > ntpq -p
>
> Louis, you use Ubuntu 18.04, can you confirm this? (note to Mason: I
> do not disbelieve you, I just need confirmation before changing the
> wiki, I do not use Ubuntu so cannot confirm the changes)
>
> Rowland
>
>
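
An added example, not part of the thread and not Samba project code: a shell check of an ntp.conf and the signing-socket directory against the settings listed in the quoted message. It assumes GNU `stat`; the function names are made up for this illustration.

```shell
#!/bin/sh
# Added example (hypothetical helper names). Compares a config file and a
# directory with the values given in the quoted message:
#   ntpsigndsocket <dir>, "restrict -4/-6 default ... mssntp", mode 750 root:ntp
# Usage on a DC:  check_ntp_conf /etc/ntp.conf
#                 check_signd_dir /var/lib/samba/ntp_signd

# check_ntp_conf FILE -> prints findings, returns the number of problems
check_ntp_conf() {
    conf=$1
    problems=0

    # The signing socket directive must be present and not commented out
    if ! grep -Eq '^[[:space:]]*ntpsigndsocket[[:space:]]+/' "$conf"; then
        echo "missing: ntpsigndsocket <dir>"
        problems=$((problems + 1))
    fi

    # Each address family needs an active default restrict line with mssntp,
    # and no active default restrict line may lack it
    for fam in -4 -6; do
        lines=$(grep -E -e "^[[:space:]]*restrict[[:space:]]+$fam[[:space:]]+default" "$conf") || true
        if [ -z "$lines" ]; then
            echo "missing: restrict $fam default ... mssntp"
            problems=$((problems + 1))
        elif printf '%s\n' "$lines" | grep -qvw mssntp; then
            echo "restrict $fam default line without mssntp"
            problems=$((problems + 1))
        fi
    done
    return "$problems"
}

# check_signd_dir DIR [OWNER:GROUP] -> 0 if mode is 750 and ownership matches
check_signd_dir() {
    dir=$1
    want_owner=${2:-root:ntp}
    actual=$(stat -c '%a %U:%G' "$dir" 2>/dev/null) || {
        echo "cannot stat $dir"
        return 1
    }
    if [ "$actual" != "750 $want_owner" ]; then
        echo "$dir is '$actual', expected '750 $want_owner'"
        return 1
    fi
}
```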