Re: [Samba] User mapping/login issue
- Date: Thu, 25 Apr 2019 16:04:18 +0930
- From: Stephen Davies via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] User mapping/login issue
On 24/04/19 19:51, L.P.H. van Belle wrote:
Van: samba [mailto:samba-bounces@xxxxxxxxxxxxxxx] Namens
Rowland Penny via samba
Verzonden: woensdag 24 april 2019 12:13
Onderwerp: Re: [Samba] User mapping/login issue
On Wed, 24 Apr 2019 11:38:58 +0200
"L.P.H. van Belle via samba" <samba@xxxxxxxxxxxxxxx> wrote:
Im wondering here.. If the client is a windows 10 pc connecting,
../source3/smbd/negprot.c:419(reply_nt1) using SPNEGO
../source3/smbd/negprot.c:761(reply_negprot) Selected protocol NT
LM 0.12 ../source3/smbd/process.c:554(receive_smb_talloc)
receive_smb_raw_talloc failed for client
ipv4:10.55.66.82:59271 read error = NT_STATUS_CONNECTION_RESET.
And i see this..
Then why use these settings if its win10?
I sort of wondered about that, but only way to be sure was to add it
to the smb.conf for testing purposes. If it worked, then go one way,
if it didn't then go another way ;-)
@Rowland your are mislead.. ;-)
Ah, it is a PDC
Hm, no its a stand alone, the member references in my option.
security = user << stand alone ?
domain logons = yes << member ?
Nope, it is a PDC, from 'man smb.conf':
domain master (G)
When domain logons = Yes the default setting for this
parameter is Yes, with the result that Samba will be a PDC.
The OP has:
domain master = yes
domain logons = yes
Oeps, your totaly right. I missed that.
It would appear that there may be more than one issue with my smb.conf.
The scenario is a Centos 7 Linux server with a bunch of LAN connected windows
10 clients and several remote windows 10 clients which connect via VPN.
The server firewall accepts everything from the VPN.
The server and local clients are all in workgroup BENPARTS while the remote
clients are either stand-alone or in different workgroups/domains.
Local SMB access works as expected but remote access does not due to password
failures (as described in earlier log excerpts).
What should the domain-related entries in smb.conf be to support this scenario?
Cheers and thanks,
To unsubscribe from this list go to the following URL and read the