[Samba] Upgrade from 4.1.9-Zentyal to Version 4.7.6-Ubuntu

Mark b zoogate.1.markbann at spamgourmet.com
Sun Jan 19 19:29:33 UTC 2020

I upgrade from 4.1.9 to 4.7.6. Workstations are Win10 .

I have a legacy program (Corel Paradox  using Borland BDE) that cannot 
properly access the network share.

When starting the BDE creates lock files on the network share. The lock 
files are created but then it fails with a generic network that it 
cannot access the network file it just created. File is created by 
"nobody:sambashare" permissions 0664.  Paradox and the BDE can only use 
SMB1.  SMB1 is added to windows 10.

As a user I can manually delete the lock file either through mapped 
drive or UNC path.

I don't see anything that looks like an error in the logs (log level 
4).  I added ntlm auth=true to see if that did anything but no changes.

Need help fast or I will have to role back the server upgrades tonight.  
Is this a simple permission issue or SMB1 maybe?

Samba vesion: Version 4.7.6-Ubuntu

Samba as Primary Domain Controller  - simple file sharing
Server name:  APPSERVER1.local
Domain Name: LINGROUP
Win 10 updated to all latest.  SMB1 added in Windows Features

  testparm -s
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[homes]"
Processing section "[netlogon]"
Processing section "[printers]"
Processing section "[print$]"
Processing section "[DATA]"
Loaded services file OK.
idmap range not specified for domain '*'
ERROR: Invalid idmap range for domain *!

Server role: ROLE_DOMAIN_PDC

# Global parameters
         add machine script = sudo /usr/sbin/useradd -g machines -c "%u 
machine account" -d /var/lib/samba -s /bin/false %u
         add user script = /usr/sbin/adduser --quiet --disabled-password 
--gecos "" %u
         bind interfaces only = Yes
         dns proxy = No
         domain logons = Yes
         domain master = Yes
         load printers = No
         log file = /var/log/samba/log.%m
         logon drive = H:
         logon home =
         logon path =
         logon script = logon.bat
         map to guest = Bad User
         max log size = 1000
         name resolve order = wins lmhosts host bcast
         ntlm auth = ntlmv1-permitted
         obey pam restrictions = Yes
         pam password change = Yes
         panic action = /usr/share/samba/panic-action %d
         passwd chat = *Enter\snew\s*\spassword:* %n\n 
*Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
         passwd program = /usr/bin/passwd %u
         preferred master = Yes
         security = USER
         server max protocol = NT1
         server role = classic primary domain controller
         server string = APP Samba %v %h
         template shell = /bin/bash
         unix password sync = Yes
         wins support = Yes
         workgroup = LINGROUP
         idmap config * : backend = tdb
         admin users = sysadmin
         create mask = 0660
         force create mode = 0770
         force directory mode = 0770
         hosts allow = 192.168.1. 10.10.10.
         hosts deny =
         use client driver = Yes
         veto oplock files = 

         browseable = No
         comment = Home Directories
         create mask = 0700
         directory mask = 0700
         read only = No
         valid users = %S
         vfs objects = recycle
         recycle:exclude = *.tmp, *~, *.bak
         recycle:keeptree = yes
         recycle:repository = Recycle_Bin

         comment = Network Logon Service
         guest ok = Yes
         path = /srv/samba/netlogon ; path = /home/samba/netlogon

         browseable = No
         comment = All Printers
         create mask = 0700
         guest ok = Yes
         path = /var/spool/samba
         printable = Yes

         comment = Cups Virtual PDF Printer
         guest ok = Yes
         lpq command =
         path = /var/spool/samba
         printable = Yes
         write list = root @lpadmin [PDFprinter]

         comment = APP Files
         force group = sambashare
         force user = nobody
         path = /mnt/APPDATA
         read only = No

More information about the samba mailing list