[Samba] Windows 10 cannot connect without SMB1
L.P.H. van Belle
belle at bazuin.nl
Mon Mar 1 16:03:52 UTC 2021
Account: local.richardshapiro.com\administrator
change it to
Account: administrator at local.richardshapiro.com
should work, i seen same here.
but, only works AFTER all old drives are disconnected.
03/01/2021 09:43:28:749 NetpDsGetDcName: failed to find a DC having
account 'KR-DEV$': 0x525, last error is 0x0
on this, verify the A and PTR records of your AD-DC.
still smells like a windows thingy..
you can also try upgrading samba, 4.14 is almost out which makes 4.11 old/unspported.
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens K. R. Foley via
> samba
> Verzonden: maandag 1 maart 2021 16:57
> Aan: Rowland penny; sambalist
> Onderwerp: Re: [Samba] Windows 10 cannot connect without SMB1
>
>
> On 3/1/21 9:40 AM, Rowland penny via samba wrote:
> > On 01/03/2021 15:35, K. R. Foley wrote:
> >>
> >> On 3/1/21 9:19 AM, Rowland penny via samba wrote:
> >>> On 01/03/2021 15:04, K. R. Foley wrote:
> >>>>
> >>>> The firewall is disabled on the client PC. The client and the
> >>>> server are on 2 separate subnets separated by a VPN. I am not aware
> >>>> of any filtering going on between the two, but I can't say for sure
> >>>> without checking. Is there a list of ports somewhere that I can
> >>>> check to make sure that they are all being routed over the VPN? I
> >>>> have already checked everything that I can see in netstat on the
> >>>> server.
> >>>
> >>>
> >>> For port usage, see these wiki pages:
> >>>
> >>> https://wiki.samba.org/index.php/Samba_NT4_PDC_Port_Usage
> >>>
> >>> https://wiki.samba.org/index.php/Samba_Domain_Member_Port_Usage
> >>>
> >>> https://wiki.samba.org/index.php/Samba_AD_DC_Port_Usage
> >>>
> >>>>
> >>>> Keep in mind that the client can join the domain fine if I enable
> >>>> SMB1 on the client. I don't want to use SMB1. That is why I am
> >>>> trying to figure this out. The client seems to think that the
> >>>> server is asking for SMB1.
> >>>
> >>>
> >>> This is what I am struggling with, by default SMBv1 is turned off
> >>> from Samba 4.11.0 , if you want to use SMBv1 then you have to
> >>> explicitly set it in smb.conf. You haven't set it, so your DC
> >>> shouldn't be using it, perhaps it is the client that is using it ?
> >>>
> >>> Rowland
> >>>
> >> I have disabled SMB1 using "Disable-WindowsOptionalFeature -Online
> >> -FeatureName SMB1Protocol". If I enable it, it works.
> >>
> >> kr
> >>
> >
> > When you join to a domain, the client searches for a DC, I am now
> > wondering if something else (that is SMBv1 aware) is replying and
> > causing the error message, perhaps the old PDC ?
> >
> > Rowland
> >
> Here is the debug from the Windows client. The domain for the old domain
> is different.
>
> 03/01/2021 09:43:27:468 NetpDoDomainJoin
> 03/01/2021 09:43:27:468 NetpDoDomainJoin: using current computer names
> 03/01/2021 09:43:27:468 NetpDoDomainJoin: NetpGetComputerNameEx(NetBios)
> returned 0x0
> 03/01/2021 09:43:27:468 NetpDoDomainJoin:
> NetpGetComputerNameEx(DnsHostName) returned 0x0
> 03/01/2021 09:43:27:468 NetpMachineValidToJoin: 'KR-DEV'
> 03/01/2021 09:43:27:468 NetpMachineValidToJoin: status: 0x0
> 03/01/2021 09:43:27:468 NetpJoinDomain
> 03/01/2021 09:43:27:468 HostName: KR-Dev
> 03/01/2021 09:43:27:468 NetbiosName: KR-DEV
> 03/01/2021 09:43:27:468 Domain: local.richardshapiro.com
> 03/01/2021 09:43:27:468 MachineAccountOU: (NULL)
> 03/01/2021 09:43:27:468 Account:
> local.richardshapiro.com\administrator
> 03/01/2021 09:43:27:468 Options: 0x25
> 03/01/2021 09:43:27:484 NetpValidateName: checking to see if
> 'local.richardshapiro.com' is valid as type 3 name
> 03/01/2021 09:43:27:484 NetpValidateName: 'local.richardshapiro.com' is
> not a valid NetBIOS domain name: 0x7b
> 03/01/2021 09:43:27:577 NetpCheckDomainNameIsValid [ Exists ] for
> 'local.richardshapiro.com' returned 0x0
> 03/01/2021 09:43:27:577 NetpValidateName: name
> 'local.richardshapiro.com' is valid for type 3
> 03/01/2021 09:43:27:577 NetpDsGetDcName: trying to find DC in domain
> 'local.richardshapiro.com', flags: 0x1020
> 03/01/2021 09:43:28:046 NetpDsGetDcName: failed to find a DC having
> account 'KR-DEV$': 0x525, last error is 0x0
> 03/01/2021 09:43:28:046 NetpDsGetDcName: found DC
> '\\ss-prod.local.richardshapiro.com' in the specified domain
> 03/01/2021 09:43:28:046 NetpJoinDomainOnDs: NetpDsGetDcName returned: 0x0
> 03/01/2021 09:43:28:046 NetpDisableIDNEncoding: using FQDN
> local.richardshapiro.com from dcinfo
> 03/01/2021 09:43:28:046 NetpDisableIDNEncoding:
> DnsDisableIdnEncoding(UNTILREBOOT) on 'local.richardshapiro.com' succeeded
> 03/01/2021 09:43:28:046 NetpJoinDomainOnDs: NetpDisableIDNEncoding
> returned: 0x0
> 03/01/2021 09:43:28:140 NetUseAdd to
> \\ss-prod.local.richardshapiro.com\IPC$ returned 384
> 03/01/2021 09:43:28:140 NetpJoinDomainOnDs: status of connecting to dc
> '\\ss-prod.local.richardshapiro.com': 0x180
> 03/01/2021 09:43:28:140 NetpJoinDomainOnDs: Function exits with status
> of: 0x180
> 03/01/2021 09:43:28:140 NetpResetIDNEncoding:
> DnsDisableIdnEncoding(RESETALL) on 'local.richardshapiro.com' returned 0x0
> 03/01/2021 09:43:28:140 NetpJoinDomainOnDs: NetpResetIDNEncoding on
> 'local.richardshapiro.com': 0x0
> 03/01/2021 09:43:28:140 NetpDoDomainJoin: status: 0x180
> 03/01/2021 09:43:28:155
> -----------------------------------------------------------------
> 03/01/2021 09:43:28:155 NetpDoDomainJoin
> 03/01/2021 09:43:28:155 NetpDoDomainJoin: using current computer names
> 03/01/2021 09:43:28:155 NetpDoDomainJoin: NetpGetComputerNameEx(NetBios)
> returned 0x0
> 03/01/2021 09:43:28:155 NetpDoDomainJoin:
> NetpGetComputerNameEx(DnsHostName) returned 0x0
> 03/01/2021 09:43:28:155 NetpMachineValidToJoin: 'KR-DEV'
> 03/01/2021 09:43:28:155 NetpMachineValidToJoin: status: 0x0
> 03/01/2021 09:43:28:155 NetpJoinDomain
> 03/01/2021 09:43:28:155 HostName: KR-Dev
> 03/01/2021 09:43:28:155 NetbiosName: KR-DEV
> 03/01/2021 09:43:28:155 Domain: local.richardshapiro.com
> 03/01/2021 09:43:28:155 MachineAccountOU: (NULL)
> 03/01/2021 09:43:28:155 Account:
> local.richardshapiro.com\administrator
> 03/01/2021 09:43:28:155 Options: 0x27
> 03/01/2021 09:43:28:155 NetpValidateName: checking to see if
> 'local.richardshapiro.com' is valid as type 3 name
> 03/01/2021 09:43:28:155 NetpValidateName: 'local.richardshapiro.com' is
> not a valid NetBIOS domain name: 0x7b
> 03/01/2021 09:43:28:281 NetpCheckDomainNameIsValid [ Exists ] for
> 'local.richardshapiro.com' returned 0x0
> 03/01/2021 09:43:28:281 NetpValidateName: name
> 'local.richardshapiro.com' is valid for type 3
> 03/01/2021 09:43:28:281 NetpDsGetDcName: trying to find DC in domain
> 'local.richardshapiro.com', flags: 0x1020
> 03/01/2021 09:43:28:749 NetpDsGetDcName: failed to find a DC having
> account 'KR-DEV$': 0x525, last error is 0x0
> 03/01/2021 09:43:28:749 NetpDsGetDcName: found DC
> '\\ss-prod.local.richardshapiro.com' in the specified domain
> 03/01/2021 09:43:28:749 NetpJoinDomainOnDs: NetpDsGetDcName returned: 0x0
> 03/01/2021 09:43:28:749 NetpDisableIDNEncoding: using FQDN
> local.richardshapiro.com from dcinfo
> 03/01/2021 09:43:28:749 NetpDisableIDNEncoding:
> DnsDisableIdnEncoding(UNTILREBOOT) on 'local.richardshapiro.com' succeeded
> 03/01/2021 09:43:28:749 NetpJoinDomainOnDs: NetpDisableIDNEncoding
> returned: 0x0
> 03/01/2021 09:43:28:765 NetUseAdd to
> \\ss-prod.local.richardshapiro.com\IPC$ returned 384
> 03/01/2021 09:43:28:765 NetpJoinDomainOnDs: status of connecting to dc
> '\\ss-prod.local.richardshapiro.com': 0x180
> 03/01/2021 09:43:28:765 NetpJoinDomainOnDs: Function exits with status
> of: 0x180
> 03/01/2021 09:43:28:765 NetpResetIDNEncoding:
> DnsDisableIdnEncoding(RESETALL) on 'local.richardshapiro.com' returned 0x0
> 03/01/2021 09:43:28:765 NetpJoinDomainOnDs: NetpResetIDNEncoding on
> 'local.richardshapiro.com': 0x0
> 03/01/2021 09:43:28:765 NetpDoDomainJoin: status: 0x180
>
> kr
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list