[Samba] clients not connecting to samba shares

Rowland Penny rpenny at samba.org
Tue Mar 28 16:46:16 UTC 2023

On 28/03/2023 17:30, Gary Dale via samba wrote:
> It reports an error and samba doesn't start.
>>> So now I'm at the point that the samba service refuses to start.
>> I cannot see why removing the lines I suggested would stop Samba 
>> starting, I take it that you are starting Samba with 'systemctl start 
>> samba-ad-dc'. Is there anything in the logs that shows why it no 
>> longer starts ?
> It seems to think it isn't a DC. 

Very strange, a typical Samba AD DC smb.conf would look like this:

	bind interfaces only = Yes
	dns forwarder =
	interfaces = lo eth0
	netbios name = RPIDC2
	server role = active directory domain controller
	workgroup = SAMDOM
	idmap_ldb:use rfc2307 = yes

	path = /var/lib/samba/sysvol
	read only = No

	path = /var/lib/samba/sysvol/samdom.example.com/scripts
	read only = No

> I tried removing the current smb.conf 
> and re-provisioning the domain but that has failed.

Did it give a reason, such as the smb.conf existed for instance ?

>>> I'm loath to upgrade the samba version from the Debian version 
>>> without a clear benefit, It doesn't look like it would fix the 
>>> problem I'm having. 
>> The benefit is that you would be running a Samba supported version.
> And losing the Debian/Stable one....

Which is maintained by the same guy that maintains the Debian backports 
Samba package.

>>> Nor does this look like it's related in any way to using the DC as a 
>>> file server - something I've been doing for two decades without 
>>> problems. 
>> I do not think you could have been running a Samba AD DC for two 
>> decades, you probably ran A PDC at the start and you could use those 
>> as fileservers. Right from the start, Samba (like Windows) has always 
>> recommended just using a DC for authentication, but hey, it is your 
>> computer, use it as you like, but just be aware of the limitations.
> It wasn't an AD DC but it was the DC for my Domain.

Win 2k or 2003 ??

>>> The Samba Wiki caveats seem more related to organizational issues 
>>> than technical ones.
>> The main technical one is that, because of the ACL's setup required 
>> for Sysvol, you must set any share permissions from Windows.
> And that's not organizational?

No, not really, I would have said using multiple DC's or Sites was 
organisational, setting permissions from Windows is technical in my book.

>>> I'm considering tearing down everything and starting fresh. Decades 
>>> of accumulated crud could be real problem, since virtually everything 
>>> I've read suggests that a simple setup like mine should just work.
>> It should just work, in the main it should be easier than a PDC, but 
>> when used as a fileserver it can get a little bit harder.
>> Rowland
> Something is seriously wrong now. I had some memory go bad on the server 
> not too long ago. Possibly that screwed up something.  I don't think 
> I've got any real choice now but to purge.

This could be anything, HDD failing, power supply, just about anything, 
but it does sound like starting again might be a good idea. If you are 
starting again, then I would urge you to consider having multiple DC's 
and a separate fileserver.


More information about the samba mailing list