[Samba] Windows clients require reboot once a day in order to access mapped drives
L.P.H. van Belle
belle at bazuin.nl
Wed May 1 09:30:09 UTC 2019
Hi Viktor,
Do note,
> winbind enum users = yes
> winbind enum groups = yes
Set these to
winbind enum users = no
winbind enum groups = no
It's only slowing down your server and if you need the outputs, use :
getent passwd username
Greetz,
Louis
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> Viktor Trojanovic via samba
> Verzonden: woensdag 1 mei 2019 11:24
> Aan: samba at lists.samba.org
> Onderwerp: Re: [Samba] Windows clients require reboot once a
> day in order to access mapped drives
>
> Hi Mason,
>
> On 30.04.2019 19:41, Mason Schmitt wrote:
> > Hi Viktor,
> >
> > I didn't go through all the conversations and I'm not
> sure if this will
> > be of any help, I just wanted to inform that I've been
> using mapped
> > drives with Windows 10 for ages and never had the problems you
> > described. I also never added or changed the "smb
> encrypt" option. My
> > Samba file server (AD member) was set up pretty much
> the way as is
> > described in the official Wiki and it just works. I can
> confirm this
> > for
> > several versions from Samba 4.2.x to 4.9.x. And I never changed
> > anything
> > in the Windows 10 registry either.
> >
> >
> > Would you be willing to share your config files? I'd be
> curious to see
> > what's different between yours and mine.
> >
> > Probably having the smb.conf and krb5.conf files from both
> a samba DC
> > and file server would be helpful.
> >
>
> Sure, here you go:
>
> For the DC:
>
> /etc/samba/smb.conf
> --------------------
>
> [global]
> workgroup = SAMDOM
> realm = SAMDOM.EXAMPLE.COM
> netbios name = DC1
> server role = active directory domain controller
> dns forwarder = 8.8.8.8
> idmap_ldb:use rfc2307 = yes
> interfaces = eth0
> bind interfaces only = Yes
>
> [netlogon]
> path = /var/lib/samba/sysvol/samdom.example.com/scripts
> read only = No
> write ok = Yes
> acl_xattr:ignore system acls = yes
>
> [sysvol]
> path = /var/lib/samba/sysvol
> read only = No
> write ok = Yes
> acl_xattr:ignore system acls = yes
>
>
> /etc/krb5.conf
> --------------
>
> default_realm = SAMDOM.EXAMPLE.COM
> dns_lookup_realm = false
> dns_lookup_kdc = true
>
>
> For the domain member (krb5.conf same as on DC)
>
> /etc/samba/smb.conf
> -------------------
> [global]
>
> netbios name = FILESERVER
> workgroup = SAMDOM
> security = ADS
> realm = SAMDOM.EXAMPLE.COM
> dedicated keytab file = /etc/krb5.keytab
> kerberos method = secrets and keytab
>
> username map = /etc/samba/samba_usermap
>
> idmap config *:backend = tdb
> idmap config *:range = 2000-9999
> idmap config SAMDOM:backend = ad
> idmap config SAMDOM:schema_mode = rfc2307
> idmap config SAMDOM:range = 10000-99999
> idmap config SAMDOM:unix_nss_info = yes
>
> winbind use default domain = yes
> winbind enum users = yes
> winbind enum groups = yes
> winbind refresh tickets = Yes
>
> vfs objects = acl_xattr
> map acl inherit = Yes
> store dos attributes = Yes
>
> load printers = no
> printing = bsd
> printcap name = /dev/null
> disable spoolss = yes
>
> [exampleshare]
> path = /srv/samba/exampleshare
> comment = "Example Data"
> writeable = yes
>
> These particular files are on Samba 4.9.4, clients are Win10.
>
> Just fyi, I have a second installation where I'm not using keytabs on
> the member and it works just as well.
>
> Viktor
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
>
More information about the samba
mailing list