
Re: [Samba] Flooding Samba DC with random requests




On Tue, 25 Apr 2017 12:07:35 +0000
Julian Zielke via samba <samba@xxxxxxxxxxxxxxx> wrote:

> Smb.conf on our clients:
> ==================
> #Ansible managed
> # global options
> [global]
>   workgroup = NLI
>   realm = NLI.LOCAL
>   netbios name = xxxxxx
>   server string = Samba AD Client Version %v
>   security = ads
>   password server = dc3.nli.local, dc4.nli.local, dc2.nli.local, dc1.nli.local, *
>   server role = member server
>   socket options = TCP_NODELAY SO_KEEPALIVE=4
>   deadtime = 15
> 
> # winbind options
>   winbind enum users = yes
>   winbind enum groups = yes
>   winbind refresh tickets = yes
>   winbind offline logon = true
>   winbind nested groups = yes
>   winbind use default domain = yes
>   winbind cache time = 300
> 
>   winbind nss info = template
>   template shell = /bin/bash
>   template homedir = /home/NLI.LOCAL/%U
> 
> # local user id mapping
>   idmap config * : backend = tdb
>   idmap config * : range = 3000-7999
> 
> # domain user id mapping
>   idmap config NLI : backend = rid
>   idmap config NLI : range = 10000-999999
> 
> # log configuration
>   log file = /var/log/samba/log.%m
>   log level = 1
>   max log size = 1000
> 
> # root to domain admin mapping
>   username map = /etc/samba/user.map

It is probably as Andrew has said, but I would make a few changes to
the clients' smb.conf:
Remove the 'password server' line; you should allow the client to find
the DC via DNS.
Remove the 'socket options' line; this really isn't required now.
Remove the 'winbind enum' lines; you definitely don't need these.

Rowland
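
The three removals suggested in the reply above, as a check that can be run over a domain member's smb.conf before it is rolled out. This is an added example, not part of the original message and not Samba tooling; the function names and the sample configuration are constructed for illustration.

```python
import re

# Parameters the reply suggests removing, with the reason it gives.
FLAGGED = {
    "passwordserver": "let the client find the DC via DNS",
    "socketoptions": "not required now",
    "winbindenumusers": "not needed",
    "winbindenumgroups": "not needed",
}

def normalize(name):
    # smb.conf ignores case and whitespace in section and parameter names
    return re.sub(r"\s+", "", name).lower()

def logical_lines(text):
    """Yield (first_line_number, text), joining lines continued with a trailing backslash."""
    buf, start = "", None
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.rstrip()
        if start is None:
            if line.lstrip().startswith(("#", ";")):
                continue  # comment lines are skipped whole
            start = n
        if line.endswith("\\"):
            buf += line[:-1]
            continue
        yield start, buf + line
        buf, start = "", None
    if start is not None:
        yield start, buf

def find_flagged(text):
    """Return (line, parameter, value, reason) for each flagged [global] parameter present."""
    findings, section = [], None
    for lineno, line in logical_lines(text):
        s = line.strip()
        if s.startswith("[") and s.endswith("]"):
            section = normalize(s[1:-1])
        elif "=" in s and section == "global":
            name, value = s.split("=", 1)
            key = normalize(name)
            if key in FLAGGED:
                findings.append((lineno, key, " ".join(value.split()), FLAGGED[key]))
    return findings

# Constructed sample, modelled on the quoted configuration (hostnames are placeholders).
SAMPLE = r"""[global]
  workgroup = EXAMPLE
  security = ads
  password server = dc1.example.test, \
      dc2.example.test, *
  Socket Options = TCP_NODELAY
  # winbind enum users = yes
  winbind enum groups = yes
  winbind use default domain = yes
"""

if __name__ == "__main__":
    for lineno, key, value, reason in find_flagged(SAMPLE):
        print(f"line {lineno}: {key} = {value} ({reason})")
```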

