Web lists-archives.com

Re: [Samba] Windows clients require reboot once a day in order to access mapped drives




Hi Louis,

Note taken, thank you! I guess I put those in in order to troubleshoot some issues I had in the very beginning and forgot to take them out later.

Viktor

On 01.05.2019 11:30, L.P.H. van Belle wrote:
Hi Viktor,

Do note,
    winbind enum users  = yes
    winbind enum groups = yes

Set these to
    winbind enum users  = no
    winbind enum groups = no

It's only slowing down your server and if you need the outputs, use :
getent passwd username


Greetz,

Louis


-----Oorspronkelijk bericht-----
Van: samba [mailto:samba-bounces@xxxxxxxxxxxxxxx] Namens
Viktor Trojanovic via samba
Verzonden: woensdag 1 mei 2019 11:24
Aan: samba@xxxxxxxxxxxxxxx
Onderwerp: Re: [Samba] Windows clients require reboot once a
day in order to access mapped drives

Hi Mason,

On 30.04.2019 19:41, Mason Schmitt wrote:
Hi Viktor,

     I didn't go through all the conversations and I'm not
sure if this will
     be of any help, I just wanted to inform that I've been
using mapped
     drives with Windows 10 for ages and never had the problems you
     described. I also never added or changed the "smb
encrypt" option. My
     Samba file server (AD member) was set up pretty much
the way as is
     described in the official Wiki and it just works. I can
confirm this
     for
     several versions from Samba 4.2.x to 4.9.x. And I never changed
     anything
     in the Windows 10 registry either.


Would you be willing to share your config files?  I'd be
curious to see
what's different between yours and mine.

Probably having the smb.conf and krb5.conf files from both
a samba DC
and file server would be helpful.


Sure, here you go:

For the DC:

/etc/samba/smb.conf
--------------------

[global]
          workgroup = SAMDOM
          realm = SAMDOM.EXAMPLE.COM
          netbios name = DC1
          server role = active directory domain controller
          dns forwarder = 8.8.8.8
          idmap_ldb:use rfc2307 = yes
          interfaces = eth0
          bind interfaces only = Yes

[netlogon]
          path = /var/lib/samba/sysvol/samdom.example.com/scripts
          read only = No
          write ok = Yes
          acl_xattr:ignore system acls = yes

[sysvol]
          path = /var/lib/samba/sysvol
          read only = No
          write ok = Yes
          acl_xattr:ignore system acls = yes


/etc/krb5.conf
--------------

default_realm = SAMDOM.EXAMPLE.COM
          dns_lookup_realm = false
          dns_lookup_kdc = true


For the domain member (krb5.conf same as on DC)

/etc/samba/smb.conf
-------------------
[global]

    netbios name = FILESERVER
    workgroup = SAMDOM
    security = ADS
    realm = SAMDOM.EXAMPLE.COM
    dedicated keytab file = /etc/krb5.keytab
    kerberos method = secrets and keytab

    username map = /etc/samba/samba_usermap

    idmap config *:backend = tdb
    idmap config *:range = 2000-9999
    idmap config SAMDOM:backend = ad
    idmap config SAMDOM:schema_mode = rfc2307
    idmap config SAMDOM:range = 10000-99999
    idmap config SAMDOM:unix_nss_info = yes

    winbind use default domain = yes
    winbind enum users  = yes
    winbind enum groups = yes
    winbind refresh tickets = Yes

    vfs objects = acl_xattr
    map acl inherit = Yes
    store dos attributes = Yes

    load printers = no
    printing = bsd
    printcap name = /dev/null
    disable spoolss = yes

[exampleshare]
    path = /srv/samba/exampleshare
    comment = "Example Data"
    writeable = yes

These particular files are on Samba 4.9.4, clients are Win10.

Just fyi, I have a second installation where I'm not using keytabs on
the member and it works just as well.

Viktor

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba




--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba