[Samba] Difficulty with samba after updating from 3.6.6 to 4.9.0.0
Rowland penny
rpenny at samba.org
Tue Jun 4 11:10:52 UTC 2019
On 03/06/2019 20:41, Rowland penny via samba wrote:
> On 03/06/2019 20:07, McGraw, Charles wrote:
>> The HP-UX Server is nothing more than a batch job server with file
>> shares
>
> OK, I will try another tack, is the smb.conf from the HP-UX ?
>
> If not, where is it from ?
>
> Also, in a slightly different way, what does the authentication, an AD
> DC or what ?
>
> If it is a an AD DC, is IDMU installed ?
>
> Rowland
>
>
>
>
OK, I will take a chance that the smb.conf is from the the HP (not that
this really matters), that it is joined to an AD domain and IDMU is not
installed.
These parameters no longer exist:
       update encrypted = Yes
       directory security mask = 0700
       force directory security mode = 0700
       unix ignore mask = No
You should allow Samba to find the best DC to use, so you don't need this:
       password server = DomainController01
The passwords are stored in AD, so don't need these:
       smb passwd file = /etc/opt/samba/private/smbpasswd
       passwd program = /usr/bin/passwd %u
These only make sense on a PDC:
       add user script = /opt/samba/bin/smbpasswd -%S -a -e -n
       logon path = \\%L\profiles\.msprofile
       logon drive = H:
       logon home = \\%L\%U\.9xprofile
       os level = 33
Finally, 'idmap uid/gid' has been replaced by 'idmap config' lines
       idmap uid = 10000-20000
       idmap gid = 10000-20000
Bearing the above in mind, I would try the following smb.conf:
global]
       workgroup = BCACD001
       realm = BCACD001.ATL.BLUECROSS.CA
       server string = SERVER
       security = ADS
       log level = 3
       log file = /var/adm/samba/samba-log.%m
       domain master = No
       lock directory = /etc/opt/samba/lock
       ## map ids outside of domain to tdb files.
       idmap config * : backend = tdb
       idmap config * : range = 2000-9999
       ## map ids from the domain the ranges may not overlap !
       idmap config BCACD001 : backend = rid
       idmap config BCACD001 : range = 10000-20000
       winbind separator = /
       print command = lp -c -d%p %s
There are other parameters that could be added, but one fence at a time ;-)
Rowland
More information about the samba
mailing list