[Samba] File server joined to a samba domain accessed by windows 10-11 clients, works via ip no via dns name
Rowland Penny
rpenny at samba.org
Tue Dec 6 21:24:59 UTC 2022
On 06/12/2022 20:58, Travis Wenks via samba wrote:
> Hi all,
> First, thank you for such an amazing project!
>
> Second an apology for an extremely long post, I tried to add all the info I
> could think of so this is a quick fix!
>
> I support multiple client sites that we built samba dc’s from source.
>
> I wrote a quick script to update our client dc’s. As it has no sanity
> checks or safety’s to not destroy data I will not post a functional copy of
> it here. If anyone would like it I would be glad to email it to anyone who
> wants it.
>
> Here is the issue, we started updating 5 sites and once those were done we
> started getting reports of network drives failing.
>
> If a user is in a group and that group defines the permissions to access a
> share they cannot access it. If the ip address is used it works fine.
>
> So if a user is a member of a group this is the behavior,
>
> \\file-server.domain\share
> Fails
> \\file-server\share
> Fails also, but
> \\ip-of-file-server\share
> works fine
>
Sounds like kerberos is failing, but NTLM is working. Try getting the
windows machine to leave the domain and rejoin, this will rewrite the
machines kerberos ticket.
Have you considered using Debian ? Bullseye now comes with Samba 4.17.3
from backports, this will save you having to build it yourself.
Rowland
More information about the samba
mailing list