[Samba] testparm comaprison

Trenta sis trenta.sis at gmail.com
Mon Sep 23 09:22:39 UTC 2019


Hi,

I have used testparm.

smb.conf from dc1 4.4.5
# Global parameters
[global]

        bind interfaces only = Yes
        interfaces = lo eth0 eth0:0
        netbios name = server1
        realm = DOMAIN.COM
        server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc,
drepl, winbindd, ntp_signd, kcc, dnsupdate
        workgroup = DOMAIN
        server role = active directory domain controller
        idmap_ldb:use rfc2307 = yes
        comment =

        winbind enum users = yes
        winbind enum groups = yes

        tls enabled = yes
        tls keyfile = tls/server1.pem.key
        tls certfile = tls/server1.pem.crt
        tls cafile = tls/ca.pem.crt


        tls verify peer = ca_and_name

        ldap server require strong auth = no


[netlogon]
        path = /usr/local/samba/var/locks/sysvol/domain.com/scripts
        read only = No

[sysvol]
        path = /usr/local/samba/var/locks/sysvol
        read only = No


smb.conf dc2 4.10.7
# Global parameters
[global]
        bind interfaces only = Yes
        interfaces = lo eth0 eth0:0
        netbios name = server2
        realm = DOMAIN.COM
        server role = active directory domain controller
        server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc,
drepl, winbindd, ntp_signd, kcc, dnsupdate
        workgroup = DOMAIN
        idmap_ldb:use rfc2307  = yes

        winbind enum users = yes
        winbind enum groups = yes

        tls enabled = yes
        tls keyfile = tls/server2.pem.key
        tls certfile = tls/server2.pem.crt
        tls cafile = tls/ca.pem.crt


        tls verify peer = ca_and_name

        ldap server require strong auth = no

       # tmp lan
       ntlm auth = yes


[netlogon]
        path = /usr/local/samba/var/locks/sysvol/domain.com/scripts
        read only = No

[sysvol]
        path = /usr/local/samba/var/locks/sysvol
        read only = No

It seems that samba-tool testparm doesn't show
        map readonly = no
        store dos attributes = Yes

Our actual config is good?
Next step is demote and rejoin 4.4.5, and then I'll suspect that this
attributes will be removed with 4.10.7, but not sure if this can have
any impact to our infraestructure

thanks


Missatge de Trenta sis <trenta.sis at gmail.com> del dia dl., 23 de set.
2019 a les 10:46:
>
> Hi,
>
> Recently we have added 4.10.7 as additional dc, to our existing 4.4.5
> samba AD DC, comparing output testparm I have detected that 4.4.5 has
>         map readonly = no
>         store dos attributes = Yes
>
> but 4.10.7 doesn't have
>
> Also compared smb.conf and both has the same configuration.
>
> Is this correct? Are required this configurations on 4.10.7?
> In a few day I want to upgrade this 4.4.5 with rejoin, but I'm not
> sure what I have to do with this two differences
>
> Thanks



More information about the samba mailing list