samba - Mar 2021 - Windows 10 cannot connect without SMB1

On 3/1/21 2:26 AM, Rowland penny via samba wrote:
> On 28/02/2021 21:23, K. R. Foley wrote:
>>
>> On 2/28/21 2:52 PM, Rowland penny via samba wrote:
>>> On 28/02/2021 20:30, K. R. Foley wrote:
>>>>
>>>> Contents of /etc/named.conf
>>>>
>>>> # Global Configuration Options
>>>> options {
>>>>
>>>> ??? # Forward queries that can not be answered from own zones
>>>> ??? # to these DNS servers:
>>>> #??? forwarders {
>>>> #??????? 8.8.8.8;
>>>> #??????? 8.8.4.4;
>>>> #??? };
>>>>
>>>
>>> Are your clients using something else for their nameserver and if 
>>> so, what ?
>> No. Currently only this server so I can control everything.
>>>
>>> If there is another nameserver is this forwarding the AD dns domain
>>> to the DC ?
>>>
>>> If none of the above applies and you want your clients to have 
>>> internet access, uncomment the 'forwarders' lines.
>>
>> The client already has access to the internet. The name server on 
>> this server acts as a caching name server and resolves names itself. 
>> That is why I have the forwarders disabled.
>
>
> Your DC must be authoritative for the AD dns domain and whilst your 
> clients can use another dns server as a caching name server, the 
> caching name server must forward anything? for your AD dns domain to a 
> DC.
>
> Rowland
>
In case there was any misunderstanding due to my rattling on, the DC is 
the only DNS that the client is pointing to. I uncommented the 
forwarders section. Still the error persists.

kr

On 01/03/2021 13:15, K. R. Foley wrote:
>
> On 3/1/21 2:26 AM, Rowland penny via samba wrote:
>> On 28/02/2021 21:23, K. R. Foley wrote:
>>>
>>> On 2/28/21 2:52 PM, Rowland penny via samba wrote:
>>>> On 28/02/2021 20:30, K. R. Foley wrote:
>>>>>
>>>>> Contents of /etc/named.conf
>>>>>
>>>>> # Global Configuration Options
>>>>> options {
>>>>>
>>>>> ??? # Forward queries that can not be answered from own
zones
>>>>> ??? # to these DNS servers:
>>>>> #??? forwarders {
>>>>> #??????? 8.8.8.8;
>>>>> #??????? 8.8.4.4;
>>>>> #??? };
>>>>>
>>>>
>>>> Are your clients using something else for their nameserver and
if
>>>> so, what ?
>>> No. Currently only this server so I can control everything.
>>>>
>>>> If there is another nameserver is this forwarding the AD dns
domain
>>>> to the DC ?
>>>>
>>>> If none of the above applies and you want your clients to have 
>>>> internet access, uncomment the 'forwarders' lines.
>>>
>>> The client already has access to the internet. The name server on 
>>> this server acts as a caching name server and resolves names
itself.
>>> That is why I have the forwarders disabled.
>>
>>
>> Your DC must be authoritative for the AD dns domain and whilst your 
>> clients can use another dns server as a caching name server, the 
>> caching name server must forward anything? for your AD dns domain to 
>> a DC.
>>
>> Rowland
>>
> In case there was any misunderstanding due to my rattling on, the DC 
> is the only DNS that the client is pointing to. I uncommented the 
> forwarders section. Still the error persists.
>
> kr
>
Everything seems okay, just about the only other things I can think of are:

Is a firewall getting in the way, AD uses a lot more ports than an 
NT4-style domain.

How are you starting Samba, You should just be starting the 'samba' 
daemon which will start any other required daemons.

Rowland