Re: [Samba] Help win10 join
- Date: Thu, 14 Sep 2017 08:37:00 -0400
- From: Gaiseric Vandal via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] Help win10 join
If you have set an "classic" NT4 style domain, you may need to set the signorseal registry key
(same as Windows 7.)I would also check samba parameters to make sure that NTLM v2 is enabled for authentication. I don't know if Windows 10 supports NTLM v1.
Also, for Windows 10 you MAY want to disable smb v3. Windows 7 does not use SMB v3, but Windows 10 does, but the SMB3 compatibility between windows 10 and Samba 4.x is not very good. However, I don't think that would affect login.
I would also look at upgrading to Ubuntu 16 - I think Samba 4.3.11 is EOL which means that at some point a Windows security patch may break compatibility with Samba.
Obviously if you already have kerberos and ldap backend used for other stuff besides samba, switch to samba AD is a significant decision. While Samba in classic mode can use your OpenLDAP (or whatever) LDAP server, Samba in AD will expect to use its own LDAP server, and I think still expects Heimdal KRB server not MIT. Which means any LDAP and kerberos stuff used by your linux machines will need to be reconfigured.
My classic PDC (version 4.1.14) is configured with the following settings server max protocol = NT1 server min protocol = NT1 server signing = default ntlm auth = Yes ldap server require strong auth = Yes allow dcerpc auth level connect = No On 09/14/17 06:36, Rowland Penny via samba wrote:
On Thu, 14 Sep 2017 11:40:13 +0200 Marco Gemignani <marko.gem@xxxxxxxxx> wrote:Il 14/09/2017 11:24, Rowland Penny via samba ha scritto:On Thu, 14 Sep 2017 10:31:42 +0200 Marco Gemignani via samba <samba@xxxxxxxxxxxxxxx> wrote:Hi, i have a LDAP+Kerberos+nfs+samba server and Windows 7 workstation joined to domain now i have some new workstation to join samba AD, but unable to join them i try and try many solution, but no success need some helpAnd we need some help to try and help you ;-) How is Samba set up ?install in this way sudo apt-get install samba Version 4.3.11-Ubuntu server configured as that guide: https://www.danbishop.org/2015/01/30/ubuntu-14-04-ultimate-server-guide/Hmm, you do realise that should be called the 'Ubuntu 14.04 Ultimate Old Type Server Guide', quite a few of the stages could be removed if you set it up as an AD DC instead. Why have you set up Samba as an NT4-Style PDC ? Why haven't you set up an AD DC instead ? Rowland
-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba