[Samba] Strange problem accessing sysvol share....

Bo Kersey bo at vircio.com
Mon Nov 1 16:32:10 UTC 2021 

>From a Windows 10 (21H1) machine against Samba 4.12.15 single active directory server 

samba domain is samdom.example.com 
server is fs.samdom.example.com 

\\fs.samdom.example.com\sysvol works just fine.... 
\\samdom.example.com\sysvol asks for user/pass (even as a domain admin). 

Other shares can be accessed via either name: 
e.g. 
\\fs.samdom.example.com\home 
\\samdom.example.com\home 
both work just fine. 

if fact the netlogon share, which is s subdirectory of sysvol works just fine 

Both resolve to the same IP. No problems with DNS updates, etc... 


smb.conf 
[global] 
workgroup = SAMDOM 
realm = SAMDOM.EXAMPLE.COM 
server role = active directory domain controller 
passdb backend = samba_dsdb 
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate 
rpc_server:tcpip = no 
rpc_server:winreg = embedded 
rpc_server:ntsvcs = embedded 
rpc_server:eventlog = embedded 
rpc_server:srvsvc = embedded 
rpc_server:svcctl = embedded 
rpc_server:default = external 
winbindd:use external pipes = true 
map archive = No 
map readonly = No 
vfs objects = acl_xattr 

log level = 1 auth_audit:3 
log file = /var/log/samba/%M.log 


template homedir = /home/%U 
template shell = /bin/false 

ldap server require strong auth = allow_sasl_over_tls 

rpc_daemon:spoolssd = fork 
rpc_server:spoolss = embedded 
printing = cups 
printcap name = cups 
interfaces = eth0 

hostname lookups = yes 

deadtime = 15 


[netlogon] 
path = /var/lib/samba/sysvol/samdom.example.com/scripts 
read only = No 
browsable = No 

[sysvol] 
path = /var/lib/samba/sysvol 
read only = No 
browsable = No 

[home] 
comment = Home Directories 
path = /home 
read only = No 

[printers] 
comment = All Printers 
path = /var/spool/samba 
printable = Yes 
printing = CUPS 

[print$] 
comment = Printer Drivers 
path = /data/samba/prtdrv 
invalid users = @noaccess 


[profiles] 
comment = Roaming Profiles 
path = /data/samba/profiles 
read only = No 
browseable = No 
store dos attributes = Yes 
csc policy = disable

Bo Kersey 
VirCIO - managed network solutions 
4314 Avenue C 
Austin, TX 78751 
phone: (512)374-0500 

In theory there is no difference between theory and practice.  In practice, there is. - noted philosopher Yogi Berra

More information about the samba mailing list