On 3/1/21 9:19 AM, Rowland penny via samba wrote:> On 01/03/2021 15:04, K. R. Foley wrote:
>>
>> The firewall is disabled on the client PC. The client and the server
>> are on 2 separate subnets separated by a VPN. I am not aware of any
>> filtering going on between the two, but I can't say for sure
without
>> checking. Is there a list of ports somewhere that I can check to make
>> sure that they are all being routed over the VPN? I have already
>> checked everything that I can see in netstat on the server.
>
>
> For port usage, see these wiki pages:
>
> https://wiki.samba.org/index.php/Samba_NT4_PDC_Port_Usage
>
> https://wiki.samba.org/index.php/Samba_Domain_Member_Port_Usage
>
> https://wiki.samba.org/index.php/Samba_AD_DC_Port_Usage
>
>>
>> Keep in mind that the client can join the domain fine if I enable
>> SMB1 on the client. I don't want to use SMB1. That is why I am
trying
>> to figure this out. The client seems to think that the server is
>> asking for SMB1.
>
>
> This is what I am struggling with, by default SMBv1 is turned off from
> Samba 4.11.0 , if you want to use SMBv1 then you have to explicitly
> set it in smb.conf. You haven't set it, so your DC shouldn't be
using
> it, perhaps it is the client that is using it ?
>
> Rowland
>
I have disabled SMB1 using "Disable-WindowsOptionalFeature -Online
-FeatureName SMB1Protocol". If I enable it, it works.
kr