Hai basti, Few tips here you can check/try. A know problem, this might happen if your primary dns and/or search dns are not correct when connected to the VPN. See if you can use \\host.dnsdomain.tld\share and not \\host\share Then test \\dnsdomain.tld\sysvol and \\dc.dnsdomain.tld\sysvol Last, if you trying to access through CNAME, you might have hit this bug. https://support.microsoft.com/nl-nl/help/3181029/smb-file-server-share-access-is-unsuccessful-through-dns-cname-alias Also what might be handy for us. OS and version? Samba version? And windows eventID's might help and post the eventID description also, yes i know, its german, thats ok. Greetz, Louis> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > basti via samba > Verzonden: dinsdag 23 april 2019 15:31 > Aan: samba at lists.samba.org > Onderwerp: Re: [Samba] Win10 cant connect to DomainController > > On 23.04.19 14:51, Rowland Penny via samba wrote: > > On Tue, 23 Apr 2019 14:35:16 +0200 > > basti via samba <samba at lists.samba.org> wrote: > > > >> Hello, > >> I have a Win10 Client connected via openVPN to the company LAN. > >> openVPN seem to work fine. I get Routes, the AD DNS > server, can ping > >> domain controller file Server etc. > > > > It looks like you have connected to the internal lan via > VPN, so your > > Win10 client is now part of the lan, but is it a domain member ? > > Yes the win10, client is a domain member. > > > > >> > >> Authendicaten on Fileserver fail (cant connect to domaincontroller) > >> gpupdate fail with the same error. > > > > Where is the error message coming from ? on your Win10 > client ? or the > > fileserver ? > > The error come from win10 cleint, i can login with username > and password. > > > >> > >> Firewall haas open all port list here: > >> https://wiki.samba.org/index.php/Samba_AD_DC_Port_Usage > > > > Which firewall ? > > The firewall is on the company router which is also the vpn endpoint. > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > >
Thank you Louis, I have fixed it. I had changed an hosts deny = 10.0.8. to hosts deny = 10.0.8.xx and only reload the config. After restart samba-ad-dc i can connect to \\dc1.dnsdomain.tld\sysvol On 23.04.19 15:41, L.P.H. van Belle via samba wrote:> Hai basti, > > Few tips here you can check/try. > > A know problem, this might happen if your primary dns and/or search dns are not correct when connected to the VPN. > > See if you can use \\host.dnsdomain.tld\share and not \\host\share > Then test \\dnsdomain.tld\sysvol and \\dc.dnsdomain.tld\sysvol > > Last, if you trying to access through CNAME, you might have hit this bug. > https://support.microsoft.com/nl-nl/help/3181029/smb-file-server-share-access-is-unsuccessful-through-dns-cname-alias > > Also what might be handy for us. > > OS and version? > Samba version? > > And windows eventID's might help and post the eventID description also, yes i know, its german, thats ok. > > > Greetz, > > Louis
Hai Basti, Just make sure you can also connect to : \\dnsdomain.tld\sysvol That should work also, if you have multiple servers it's a random DC your accessing. But good know you found it. Greetz, Louis> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > basti via samba > Verzonden: dinsdag 23 april 2019 16:24 > Aan: samba at lists.samba.org > Onderwerp: Re: [Samba] Win10 cant connect to DomainController > > Thank you Louis, > I have fixed it. > > I had changed an hosts deny = 10.0.8. to hosts deny = > 10.0.8.xx and only > reload the config. After restart samba-ad-dc i can connect to > \\dc1.dnsdomain.tld\sysvol > > On 23.04.19 15:41, L.P.H. van Belle via samba wrote: > > Hai basti, > > > > Few tips here you can check/try. > > > > A know problem, this might happen if your primary dns > and/or search dns are not correct when connected to the VPN. > > > > See if you can use \\host.dnsdomain.tld\share and not \\host\share > > Then test \\dnsdomain.tld\sysvol and \\dc.dnsdomain.tld\sysvol > > > > Last, if you trying to access through CNAME, you might have > hit this bug. > > > https://support.microsoft.com/nl-nl/help/3181029/smb-file-serv > er-share-access-is-unsuccessful-through-dns-cname-alias > > > > Also what might be handy for us. > > > > OS and version? > > Samba version? > > > > And windows eventID's might help and post the eventID > description also, yes i know, its german, thats ok. > > > > > > Greetz, > > > > Louis > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > >