[Samba] W10 workstations not connecting to Samba 4.10.5 member
Robert Wooden
bob at donelsontrophy.com
Tue Jul 2 13:13:58 UTC 2019
Last night I upgraded my AD domain controllers (Ubuntu18.04LTS) to Samba
4.10.5. These are a built from source install.
This morning my Windows 10 workstations cannot connect to the member server
(U18.04 and Samba 4.10.5) for find profiles and files needed.
Here is my smb.conf:
[global]
workgroup = MYDOM
server string = Samba Server Version %v
security = ads
realm = MYSHRM.DT
use sendfile = true
log level = 4
preferred master = no
domain master = no
dns proxy = no
host msdfs = no
idmap_ldb:use rfc2307 = yes
idmap config * : backend = tdb
idmap config * : range = 50001-80000 ##default was 10000-299999
## map ids from the domain the range may not overlap !
idmap config MYDOM : backend = ad
idmap config MYDOM : schema_mode = rfc2307
idmap config MYDOM : range = 10000-40000 ## default was 10000-99999
winbind nss info = rfc2307
## winbind trusted domains only = no
winbind enum users = yes
winbind enum groups = yes
winbind use default domain = yes
winbind refresh tickets = yes
winbind offline logon = yes
template shell = /bin/bash
template homedir = /home/samba/MYDOM/users/%U
# user Administrator workaround, without it you are unable to set privileges
username map = /etc/samba/user.map
# For ACL support on member file server
##### vfs objects = acl_xattr ##moved to profiles 2017-11-25
map acl inherit = yes
##### store dos attributes = yes ##moved to progfiles 2017-11-25
dedicated keytab file = /etc/krb5.keytab
kerberos method = secrets and keytab
# Share Setting Globally
usershare allow guests = no
unix extensions = no
reset on zero vc = yes
veto files = /.bash_logout/.bash_profile/.bash_history/.bashrc/
hide unreadable = yes
# disable printing completely
load printers = no
printing = bsd
printcap name = /dev/null
disable spoolss = yes
restrict anonymous = 2
log file = /var/log/samba/log.%m
max log size = 50
#============================ Share Definitions ============================
[data]
comment = Shared MY data
path = /home/samba/MYDOM/companydata
read only = no
force group = "domain users"
directory mask = 0770
force directory mode = 0770
create mask = 0660
force create mode = 0660
follow symlinks = no
wide links = no
[home]
path = /home/samba/MYDOM/users
read only = no
follow symlinks = yes
wide links = yes
[profiles$]
comment = Users roaming profiles
path = /home/samba/MYDOM/profiles
# browseable = no
read only = no
admin users = +"MYDOM\domain admins"
force create mode = 0600
force directory mode = 0700
profile acls = yes
csc policy = disable
vfs objects = acl_xattr
store dos attributes = yes
Is there something I am not aware of that requires a change to my smb.conf
regarding Windows 10 and SMB1 or SMB2?
--
Thank you.
Bob Wooden
More information about the samba
mailing list