Web lists-archives.com

Re: [Samba] Windows clients require reboot once a day in order to access mapped drives




Hai, 

If i may suggest.. 

AD-DC, fine no changes needed. 
File server smb.conf, i made some changes, see below. 

I change the keytab and kerberos methode because your thinking that related to the problem. 
And i changed some settings below, which are moved from Global setting to Share setting. 

3 settings where defined as (S) as in, its a "share" setting, so put it in the share definition. 
Now i suggest, play with these 2:
    access based share enum = yes
    smb encrypt = desired

Other option try :  acl_xattr:ignore system acls = yes 
In place of acl_xattr:default acl style = windows 

Try as shown with the config below, then turn the smb encrypt off, try again.
Then the other, try again.  You know the drill.  ;-) test the 3 changes share settings. 

Stop and start samba after changing these settings ( no restart ).
Just to make sure everything is loaded as it should. 

(the file server's ) adjusted smb.conf


[global]

dedicated keytab file = /etc/krb5.keytab
kerberos method = secrets and keytab

workgroup = REALM
security = ads
realm = REALM.EXAMPLE.COM

# Logging
log file = /var/log/samba/%m.log
log level = 3

idmap config REALM : range = 2000000-2999999
idmap config REALM : backend = rid
idmap config * : range = 10000-999999
idmap config * : backend = tdb

winbind use default domain = no
winbind refresh tickets = yes
winbind offline logon = yes
winbind enum groups = no
winbind enum users = no

username map = /etc/samba/user.map
bind interfaces only = yes
interfaces = lo eth0

vfs objects = acl_xattr
map acl inherit = yes
store dos attributes = yes

#disable netbios = yes
# just disable the start up of nmbd. 

template shell = /bin/false
template homedir = /srv/samba/Users/%U


[Users]
	  acl_xattr:default acl style = windows
        access based share enum = yes
	  smb encrypt = desired
        path = /srv/samba/Users
        comment = Share for user home dirs
        guest ok = no
        read only = no

[Shared]
	 acl_xattr:default acl style = windows
       access based share enum = yes
       smb encrypt = desired 
       path = /srv/samba/Shared
       guest ok = no
       read only = no

Greetz Louis


> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces@xxxxxxxxxxxxxxx] Namens 
> Mason Schmitt via samba
> Verzonden: donderdag 25 april 2019 5:29
> Aan: Rowland Penny
> CC: samba@xxxxxxxxxxxxxxx
> Onderwerp: Re: [Samba] Windows clients require reboot once a 
> day in order to access mapped drives
> 
> >
> > At this point I'm starting to get in over my head and could use some
> > direction.  This looks like a Windows 10 client bug, but 
> given that I can't
> > see the full SMB conversation (due to encryption) I'm not 
> certain whether
> > the samba server is replying in the way the client expects. 
>  Can you or
> > someone else help me either find a work around or a 
> resolution?  Because
> > the Windows 7 clients (SMB2 not SMB3) don't exhibit this 
> behaviour, I'm
> > thinking that forcing all clients to downgrade to SMB2 
> would probably work
> > around the issue.  Can you confirm this?  If not, I can 
> just try it and see
> > what happens.
> >
> 
> I added "server max protocol = SMB2" to my smb.conf file.  
> After restarting
> smbd, I tried to connect using a windows 10 client and was 
> denied (error
> message on the client and server says that a parameter is 
> incorrect).  I
> rebooted the PC and tried again.  No go...  So apparently 
> it's not possible
> to force W10 to downgrade to SMB2?
> 
> I'm really hoping someone is able to give me something to go on here,
> because now I'm really stuck....
> 
> >
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
> 
> 


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba