Web lists-archives.com

Re: [Samba] Windows clients require reboot once a day in order to access mapped drives




Forgot to mention, are sure your time sync over AD is working correctly. 
One to add to you list, check times of server and clients, (* yes again, if needed just to be sure). 
 

> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces@xxxxxxxxxxxxxxx] Namens 
> L.P.H. van Belle via samba
> Verzonden: donderdag 25 april 2019 9:03
> Aan: samba@xxxxxxxxxxxxxxx
> Onderwerp: Re: [Samba] Windows clients require reboot once a 
> day in order to access mapped drives
> 
> Hai, 
> 
> If i may suggest.. 
> 
> AD-DC, fine no changes needed. 
> File server smb.conf, i made some changes, see below. 
> 
> I change the keytab and kerberos methode because your 
> thinking that related to the problem. 
> And i changed some settings below, which are moved from 
> Global setting to Share setting. 
> 
> 3 settings where defined as (S) as in, its a "share" setting, 
> so put it in the share definition. 
> Now i suggest, play with these 2:
>     access based share enum = yes
>     smb encrypt = desired
> 
> Other option try :  acl_xattr:ignore system acls = yes 
> In place of acl_xattr:default acl style = windows 
> 
> Try as shown with the config below, then turn the smb encrypt 
> off, try again.
> Then the other, try again.  You know the drill.  ;-) test the 
> 3 changes share settings. 
> 
> Stop and start samba after changing these settings ( no restart ).
> Just to make sure everything is loaded as it should. 
> 
> (the file server's ) adjusted smb.conf
> 
> 
> [global]
> 
> dedicated keytab file = /etc/krb5.keytab
> kerberos method = secrets and keytab
> 
> workgroup = REALM
> security = ads
> realm = REALM.EXAMPLE.COM
> 
> # Logging
> log file = /var/log/samba/%m.log
> log level = 3
> 
> idmap config REALM : range = 2000000-2999999
> idmap config REALM : backend = rid
> idmap config * : range = 10000-999999
> idmap config * : backend = tdb
> 
> winbind use default domain = no
> winbind refresh tickets = yes
> winbind offline logon = yes
> winbind enum groups = no
> winbind enum users = no
> 
> username map = /etc/samba/user.map
> bind interfaces only = yes
> interfaces = lo eth0
> 
> vfs objects = acl_xattr
> map acl inherit = yes
> store dos attributes = yes
> 
> #disable netbios = yes
> # just disable the start up of nmbd. 
> 
> template shell = /bin/false
> template homedir = /srv/samba/Users/%U
> 
> 
> [Users]
> 	  acl_xattr:default acl style = windows
>         access based share enum = yes
> 	  smb encrypt = desired
>         path = /srv/samba/Users
>         comment = Share for user home dirs
>         guest ok = no
>         read only = no
> 
> [Shared]
> 	 acl_xattr:default acl style = windows
>        access based share enum = yes
>        smb encrypt = desired 
>        path = /srv/samba/Shared
>        guest ok = no
>        read only = no
> 
> Greetz Louis
> 
> 
> > -----Oorspronkelijk bericht-----
> > Van: samba [mailto:samba-bounces@xxxxxxxxxxxxxxx] Namens 
> > Mason Schmitt via samba
> > Verzonden: donderdag 25 april 2019 5:29
> > Aan: Rowland Penny
> > CC: samba@xxxxxxxxxxxxxxx
> > Onderwerp: Re: [Samba] Windows clients require reboot once a 
> > day in order to access mapped drives
> > 
> > >
> > > At this point I'm starting to get in over my head and 
> could use some
> > > direction.  This looks like a Windows 10 client bug, but 
> > given that I can't
> > > see the full SMB conversation (due to encryption) I'm not 
> > certain whether
> > > the samba server is replying in the way the client expects. 
> >  Can you or
> > > someone else help me either find a work around or a 
> > resolution?  Because
> > > the Windows 7 clients (SMB2 not SMB3) don't exhibit this 
> > behaviour, I'm
> > > thinking that forcing all clients to downgrade to SMB2 
> > would probably work
> > > around the issue.  Can you confirm this?  If not, I can 
> > just try it and see
> > > what happens.
> > >
> > 
> > I added "server max protocol = SMB2" to my smb.conf file.  
> > After restarting
> > smbd, I tried to connect using a windows 10 client and was 
> > denied (error
> > message on the client and server says that a parameter is 
> > incorrect).  I
> > rebooted the PC and tried again.  No go...  So apparently 
> > it's not possible
> > to force W10 to downgrade to SMB2?
> > 
> > I'm really hoping someone is able to give me something to 
> go on here,
> > because now I'm really stuck....
> > 
> > >
> > -- 
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  https://lists.samba.org/mailman/options/samba
> > 
> > 
> 
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
> 
> 


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba