[Samba] Problem after upgrading to Debian 10
Alberto José García Fumero
alberto at ettpartagas.co.cu
Mon Jul 15 19:14:36 UTC 2019
El sáb, 13-07-2019 a las 09:24 +0100, Rowland penny via samba escribió:
> On 12/07/2019 22:01, Rowland penny via samba wrote:
> > On 12/07/2019 21:29, Alberto José García Fumero wrote:
> > > El vie, 12-07-2019 a las 21:05 +0100, Rowland penny via samba
> > > escribió:
> > > > On 12/07/2019 20:23, Alberto José García Fumero via samba
> > > > wrote:
> > > > > Excuse me if I bother you, but I badly need help.
> > > > >
> > > > > Let me describe the situation. In my network there is a group
> > > > > of
> > > > > Windows boxes in a Windows domain (THE_DOMAIN),
> > > > What is the Windows DC ?
> > > > > three computers with
> > > > > Debian 9.x not linked to the domain (in a workgroup named
> > > > > TECHNOLOGY,
> > > > > and the parameter security=user) one of which I use, and
> > > > > other
> > > > > three
> > > > > computers with Debian 7.x in another workgroup (and
> > > > > security=share,
> > > > > so
> > > > > no problem accessing these).
> > > > You will have a problem when you upgrade the EOL Debian Wheezy,
> > > > 'security = share' no longer exists.
> > > > > When using Debian 9.x I was able to access (by way of
> > > > > Nautilus) the
> > > > > shared resources in all boxes in the domain THE_DOMAIN
> > > > > identifying
> > > > > me
> > > > > as the user administrator of the Samba 4 domain in the dialog
> > > > > window.
> > > > > After upgrading to Debian 10, this is no longer possible.
> > > > >
> > > > > What I am doing wrong? Is it necessary to join the domain,
> > > > > after
> > > > > this
> > > > > upgrade?
> > > > This is probably down to the value for 'ntlm auth' being
> > > > changed
> > > > from
> > > > 'yes' to 'ntlmv2-only' at 4.7.0
> > > >
> > > > Rowland
> > > >
> > > >
> > > The domain controller is a Samba 4.
> > >
> > > So what could I do? Is it possible to modify that parameter?
> >
> > What version of Samba is running on the DC ?
> >
> > What is the OS the DC is running on ?
> >
> > How is Samba running on the DC, as an NT4-style PDC or an AD DC ?
> >
> > Rowland
> >
> >
> >
> Whilst waiting for my questions to be answered, I took another look
> at
> the smb.conf.
>
> After removing all the default lines, it becomes this:
>
> [global]
> workgroup = TECHNOLOGY
> server string = Desarrollo
> security = user
> hosts allow = 192.168.0. 127.
> cups options = raw
> username map = /etc/samba/smbusers
> log file = /var/log/samba/%m.log
> max log size = 50
> local master = no
>
> [homes]
> comment = Home Directories
> browseable = no
> read only = no
>
> [printers]
> comment = All Printers
> path = /usr/spool/samba
> guest ok = yes
> printable = yes
>
> [compartido]
> comment = Lo que comparte Desarrollo
> path = /Compartido
> guest ok = yes
>
> I have to ask, did this ever work ?
>
> You have 'guest ok = yes' set in two of the shares, but the default
> for
> 'map to guest' is 'never', so you cannot have guest access, for this
> you
> need 'map to guest = bad user' set in [global]. Not that this really
> matters because you do not have 'unix passwd sync = yes' set in
> [global]. This means that nobody can connect to any of your shares.
>
> With a properly set up Samba standalone server on Devuan Ascii (aka
> Debian Stretch without systemd), I can connect to shares on a Domain
> computer as a Domain user. I can also connect to a Domain share as a
> guest user.
>
> Rowland
>
>
Thanks!
Certainly it worked, up to Debian 9.x. I used it every day.
The Samba 4 version is 4.6.5. It works as an Active Domain Controller
on a Debian 7.9.
--
M.Sc. Alberto García Fumero
Usuario Linux 97 138, registrado 10/12/1998
http://interese.cubava.cu
No son las horas que pones en tu trabajo lo que cuenta, sino el trabajo
que pones en esas horas.
More information about the samba
mailing list