[Samba] File server joined to a samba domain accessed by windows 10-11 clients, works via ip no via dns name

Luke Barone lukebarone at gmail.com
Tue Dec 6 21:32:56 UTC 2022

This sounds a lot like my problem. No issue with the IP address, but all
the drive maps and file shares use the FQDN, and those have been failing
unless I add another UID to shares with `setfacl`.

The other thing I did was create a new group, copy all the members over,
then assign that group the same permissions on the file server as the
previous group. I have yet to delete the original group, but I'll be
attempting that over the winter break coming up.

On Tue, Dec 6, 2022 at 1:25 PM Rowland Penny via samba <
samba at lists.samba.org> wrote:

> On 06/12/2022 20:58, Travis Wenks via samba wrote:
> > Hi all,
> > First, thank you for such an amazing project!
> >
> > Second an apology for an extremely long post, I tried to add all the
> info I
> > could think of so this is a quick fix!
> >
> > I support multiple client sites that we built samba dc’s from source.
> >
> > I wrote a quick script to update our client dc’s. As it has no sanity
> > checks or safety’s to not destroy data I will not post a functional copy
> of
> > it here. If anyone would like it I would be glad to email it to anyone
> who
> > wants it.
> >
> > Here is the issue, we started updating 5 sites and once those were done
> we
> > started getting reports of network drives failing.
> >
> > If a user is in a group and that group defines the permissions to access
> a
> > share they cannot access it. If the ip address is used it works fine.
> >
> > So if a user is a member of a group this is the behavior,
> >
> > \\file-server.domain\share
> > Fails
> > \\file-server\share
> > Fails also, but
> > \\ip-of-file-server\share
> > works fine
> >
> Sounds like kerberos is failing, but NTLM is working. Try getting the
> windows machine to leave the domain and rejoin, this will rewrite the
> machines kerberos ticket.
> Have you considered using Debian ? Bullseye now comes with Samba 4.17.3
> from backports, this will save you having to build it yourself.
> Rowland
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list