[Samba] Problem with login win10
Rowland penny
rpenny at samba.org
Thu Aug 20 10:35:52 UTC 2020
On 20/08/2020 11:20, admin at prawda.net.pl wrote
> Hi
> Samba is installed on Debian
> I install from source ./configure --enable-debug --enable-selftest && make
> && make install
> Packages get from samba.org
No, you got a tarball from Samba, if you are interested, you can get
Debian Samba packages here: http://apt.van-belle.nl/
> My smb.conf
>
> # Global parameters
> [global]
> #<----->smb ports = 139
You are shooting yourself in the foot, this is a DC, you need port 445,
so I suggest you remove that line.
> <------>workgroup = WORK
> <------>realm = WORK.LOCAL
Using '.local' is not recommended.
> <------>netbios name = DEBIAN
> <------>server role = active directory domain controller
> <------>server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl,
> winbind, ntp_signd, kcc, dnsupdate
> #<----->log level = 4
> <------>log level = 2 passdb:5 auth:5
> <------>log file = /var/log/samba/samba.log.%m
> max log size = 50
> <------>debug timestamp = yes
> #<----->server max protocol = nt1
> <------>min protocol = SMB2
SMBv2 is now the default and is one reason you need port 445
> ntlm auth = yes
Do you really need ntlm auth ?
> [netlogon]
> <------>path = /usr/local/samba/var/locks/sysvol/work.local/scripts
> <------>read only = No
>
> [sysvol]
> <------>path = /usr/local/samba/var/locks/sysvol
> <------>read only = No
>
> [profiles]
> comment = Network Profiles Service
> path = /mnt/profile/profiles
> read only = No
> store dos attributes = Yes
> create mask = 0600
> directory mask = 0700
>
Sorry, but you do not set up the profiles share on a Samba DC like that,
see here:
https://wiki.samba.org/index.php/Roaming_Windows_User_Profiles#Using_Windows_ACLs
Rowland
More information about the samba
mailing list