samba - Jun 2023 - Veto Op Locks does not seem to working properly after updates

Continuation of this thread: 
https://www.spinics.net/lists/samba/msg179456.html

I was able to get Samba working (properly I think) except my database 
cannot properly lock and unlock files.

Paradox database (corel, Borland BDE) depending on SMB1 protocols.? The 
database uses lock files to track database table and record usage.? 
Database locks are no longer being properly released after updating to 
Samba 4.18.3 from an old version (not sure which version 4.x of some sort).


# Global parameters
[global]
 ??????? add machine script = sudo /usr/sbin/useradd -g machines -c "%u 
machine account" -d /var/lib/samba -s /bin/false %u
 ??????? add user script = /usr/sbin/adduser --quiet --disabled-password 
--gecos "" %u
 ??????? client max protocol = NT1
 ??????? client min protocol = NT1
 ??????? dns proxy = No
 ??????? domain logons = Yes
 ??????? domain master = Yes
 ??????? load printers = No
 ??????? log file = /var/log/samba/log.%m
 ??????? logon drive = H:
 ??????? logon home  ??????? logon path  ??????? logon script = logon.bat
 ??????? map to guest = Bad User
 ??????? max log size = 1000
 ??????? name resolve order = wins lmhosts host bcast
 ??????? ntlm auth = ntlmv1-permitted
 ??????? obey pam restrictions = Yes
 ??????? pam password change = Yes
 ??????? panic action = /usr/share/samba/panic-action %d
 ??????? passwd chat = *Enter\snew\s*\spassword:* %n\n 
*Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
 ??????? passwd program = /usr/bin/passwd %u
 ??????? preferred master = Yes
 ??????? server max protocol = NT1
 ??????? server min protocol = NT1
 ??????? server role = classic primary domain controller
 ??????? server string = APP Samba %v %h
 ??????? template homedir = /home/%U
 ??????? template shell = /bin/bash
 ??????? unix password sync = Yes
 ??????? username map = /usr/local/samba/etc/username.map
 ??????? wins support = Yes
 ??????? workgroup = LINGROUP
 ??????? idmap config lingroup : range = 10000-999999
 ??????? idmap config lingroup : backend = rid
 ??????? idmap config * : range = 3000-7999
 ??????? idmap config * : backend = tdb
 ??????? admin users = sysadmin
 ??????? hosts allow = 127.0.0.1 192.168.1. 192.168.0.0/26
 ??????? hosts deny = 0.0.0.0/0
 ??????? use client driver = Yes
 ??????? veto oplock files = 
/*.TV/*.FAM/*.dat/*.DAT/*.db/*.DB/*.X??/*.x??/*.Y??/*.y??/*.MB/*.mb/*.VAL/*.val/*.PX/*.px/*.mdb/*.MDB/*.lck/*.LCK/*.net/*.NET/


--
Mark B

I should mention I am still getting these errors from winbind

Jun 13 12:17:55 APPServer1 winbindd[2590]: [2023/06/13 12:17:55.791855,? 
0] ../../source3/param/loadparm.c:4143(lp_load_ex)
Jun 13 12:17:55 APPServer1 winbindd[2590]:?? lp_load_ex: Max protocol 
NT1 is less than min protocol SMB2_02.
Jun 13 12:17:55 APPServer1 winbindd[2589]: [2023/06/13 12:17:55.793195,? 
0] ../../source3/param/loadparm.c:4143(lp_load_ex)
Jun 13 12:17:55 APPServer1 winbindd[2589]:?? lp_load_ex: Max protocol 
NT1 is less than min protocol SMB2_02.
Jun 13 12:17:55 APPServer1 winbindd[2590]: [2023/06/13 12:17:55.794047,? 
0] ../../source3/param/loadparm.c:4143(lp_load_ex)
Jun 13 12:17:55 APPServer1 winbindd[2590]:?? lp_load_ex: Max protocol 
NT1 is less than min protocol SMB2_02.

even though I have both of these set:

client max protocol = NT1
 ??????? client min protocol = NT1

 ? server max protocol = NT1
 ??????? server min protocol = NT1


On 6/14/2023 1:13 PM, Mark Bannister via samba wrote:
> Continuation of this thread: 
> https://www.spinics.net/lists/samba/msg179456.html
>
> I was able to get Samba working (properly I think) except my database 
> cannot properly lock and unlock files.
>
> Paradox database (corel, Borland BDE) depending on SMB1 protocols.? 
> The database uses lock files to track database table and record 
> usage.? Database locks are no longer being properly released after 
> updating to Samba 4.18.3 from an old version (not sure which version 
> 4.x of some sort).
>
>
> # Global parameters
> [global]
> ??????? add machine script = sudo /usr/sbin/useradd -g machines -c "%u
> machine account" -d /var/lib/samba -s /bin/false %u
> ??????? add user script = /usr/sbin/adduser --quiet 
> --disabled-password --gecos "" %u
> ??????? client max protocol = NT1
> ??????? client min protocol = NT1
> ??????? dns proxy = No
> ??????? domain logons = Yes
> ??????? domain master = Yes
> ??????? load printers = No
> ??????? log file = /var/log/samba/log.%m
> ??????? logon drive = H:
> ??????? logon home > ??????? logon path > ??????? logon script =
logon.bat
> ??????? map to guest = Bad User
> ??????? max log size = 1000
> ??????? name resolve order = wins lmhosts host bcast
> ??????? ntlm auth = ntlmv1-permitted
> ??????? obey pam restrictions = Yes
> ??????? pam password change = Yes
> ??????? panic action = /usr/share/samba/panic-action %d
> ??????? passwd chat = *Enter\snew\s*\spassword:* %n\n 
> *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
> ??????? passwd program = /usr/bin/passwd %u
> ??????? preferred master = Yes
> ??????? server max protocol = NT1
> ??????? server min protocol = NT1
> ??????? server role = classic primary domain controller
> ??????? server string = APP Samba %v %h
> ??????? template homedir = /home/%U
> ??????? template shell = /bin/bash
> ??????? unix password sync = Yes
> ??????? username map = /usr/local/samba/etc/username.map
> ??????? wins support = Yes
> ??????? workgroup = LINGROUP
> ??????? idmap config lingroup : range = 10000-999999
> ??????? idmap config lingroup : backend = rid
> ??????? idmap config * : range = 3000-7999
> ??????? idmap config * : backend = tdb
> ??????? admin users = sysadmin
> ??????? hosts allow = 127.0.0.1 192.168.1. 192.168.0.0/26
> ??????? hosts deny = 0.0.0.0/0
> ??????? use client driver = Yes
> ??????? veto oplock files = 
>
/*.TV/*.FAM/*.dat/*.DAT/*.db/*.DB/*.X??/*.x??/*.Y??/*.y??/*.MB/*.mb/*.VAL/*.val/*.PX/*.px/*.mdb/*.MDB/*.lck/*.LCK/*.net/*.NET/
>
>
> -- 
> Mark B
--
Mark Bannister
COO
*American Precision Products* * 520 Green Cove Road * Huntsville, AL 
35803-3011
800.889.7674x107 * 256.882-2121x0107 fax: 256.882-2414
Cell: 256.509.2052
Mark at Injection-Moldings.com
*AS9100D | ISO9001:2015 | ITAR | WOSB*
Custom Molding and Assembly
https://www.injection-moldings.com <https://Injection-Moldings.com>

On a related note, is there a repository I can install 4.7.6 from for 
the short term?? Can't seem to find one that will work.


On 6/14/2023 1:13 PM, Mark Bannister via samba wrote:
> Continuation of this thread: 
> https://www.spinics.net/lists/samba/msg179456.html
>
> I was able to get Samba working (properly I think) except my database 
> cannot properly lock and unlock files.
>
> Paradox database (corel, Borland BDE) depending on SMB1 protocols.? 
> The database uses lock files to track database table and record 
> usage.? Database locks are no longer being properly released after 
> updating to Samba 4.18.3 from an old version (not sure which version 
> 4.x of some sort).
>
>
> # Global parameters
> [global]
> ??????? add machine script = sudo /usr/sbin/useradd -g machines -c "%u
> machine account" -d /var/lib/samba -s /bin/false %u
> ??????? add user script = /usr/sbin/adduser --quiet 
> --disabled-password --gecos "" %u
> ??????? client max protocol = NT1
> ??????? client min protocol = NT1
> ??????? dns proxy = No
> ??????? domain logons = Yes
> ??????? domain master = Yes
> ??????? load printers = No
> ??????? log file = /var/log/samba/log.%m
> ??????? logon drive = H:
> ??????? logon home > ??????? logon path > ??????? logon script =
logon.bat
> ??????? map to guest = Bad User
> ??????? max log size = 1000
> ??????? name resolve order = wins lmhosts host bcast
> ??????? ntlm auth = ntlmv1-permitted
> ??????? obey pam restrictions = Yes
> ??????? pam password change = Yes
> ??????? panic action = /usr/share/samba/panic-action %d
> ??????? passwd chat = *Enter\snew\s*\spassword:* %n\n 
> *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
> ??????? passwd program = /usr/bin/passwd %u
> ??????? preferred master = Yes
> ??????? server max protocol = NT1
> ??????? server min protocol = NT1
> ??????? server role = classic primary domain controller
> ??????? server string = APP Samba %v %h
> ??????? template homedir = /home/%U
> ??????? template shell = /bin/bash
> ??????? unix password sync = Yes
> ??????? username map = /usr/local/samba/etc/username.map
> ??????? wins support = Yes
> ??????? workgroup = LINGROUP
> ??????? idmap config lingroup : range = 10000-999999
> ??????? idmap config lingroup : backend = rid
> ??????? idmap config * : range = 3000-7999
> ??????? idmap config * : backend = tdb
> ??????? admin users = sysadmin
> ??????? hosts allow = 127.0.0.1 192.168.1. 192.168.0.0/26
> ??????? hosts deny = 0.0.0.0/0
> ??????? use client driver = Yes
> ??????? veto oplock files = 
>
/*.TV/*.FAM/*.dat/*.DAT/*.db/*.DB/*.X??/*.x??/*.Y??/*.y??/*.MB/*.mb/*.VAL/*.val/*.PX/*.px/*.mdb/*.MDB/*.lck/*.LCK/*.net/*.NET/
>
>
> -- 
> Mark B
--
Mark B

Maybe something else to look at.?? Suddenly Machine Trust Relationship 
issues.

This is? simple Primary Domain (not AD).? I rebooted the server. A few 
computers could log on.? Most could not "Machine Trust Relationship 
could not be established"

*?sudo samba-tool computer list*
INFO: Current debug levels:
 ? all: 10
 ? tdb: 10
 ? printdrivers: 10
 ? lanman: 10
 ? smb: 10
 ? rpc_parse: 10
 ? rpc_srv: 10
 ? rpc_cli: 10
 ? passdb: 10
 ? sam: 10
 ? auth: 10
 ? winbind: 10
 ? vfs: 10
 ? idmap: 10
 ? quota: 10
 ? acls: 10
 ? locking: 10
 ? msdfs: 10
 ? dmapi: 10
 ? registry: 10
 ? scavenger: 10
 ? dns: 10
 ? ldb: 10
 ? tevent: 10
 ? auth_audit: 10
 ? auth_json_audit: 10
 ? kerberos: 10
 ? drs_repl: 10
 ? smb2: 10
 ? smb2_credits: 10
 ? dsdb_audit: 10
 ? dsdb_json_audit: 10
 ? dsdb_password_audit: 10
 ? dsdb_password_json_audit: 10
 ? dsdb_transaction_audit: 10
 ? dsdb_transaction_json_audit: 10
 ? dsdb_group_audit: 10
 ? dsdb_group_json_audit: 10
lpcfg_do_global_parameter: WARNING: The "domain logons" option is
deprecated
Processing section "[homes]"
Processing section "[netlogon]"
Processing section "[printers]"
Processing section "[print$]"
Processing section "[PDFprinter]"
Processing section "[DATA]"
Processing section "[testing]"
pm_process() returned Yes
ldb_wrap open of secrets.ldb
Could not find machine account in secrets database: Failed to fetch 
machine account password for LINGROUP from both secrets.ldb (Could not 
find entry to match filter: 
'(&(flatname=LINGROUP)(objectclass=primaryDomain))' base:
'cn=Primary
Domains': No such object: dsdb_search at 
../../source4/dsdb/common/util.c:4862) and from 
/var/lib/samba/private/secrets.tdb: NT_STATUS_CANT_ACCESS_DOMAIN_INFO
Security token SIDs (1):
 ? SID[? 0]: S-1-5-18
 ?Privileges (0xFFFFFFFFFFFFFFFF):
 ? Privilege[? 0]: SeMachineAccountPrivilege
 ? Privilege[? 1]: SeTakeOwnershipPrivilege
 ? Privilege[? 2]: SeBackupPrivilege
 ? Privilege[? 3]: SeRestorePrivilege
 ? Privilege[? 4]: SeRemoteShutdownPrivilege
 ? Privilege[? 5]: SePrintOperatorPrivilege
 ? Privilege[? 6]: SeAddUsersPrivilege
 ? Privilege[? 7]: SeDiskOperatorPrivilege
 ? Privilege[? 8]: SeSecurityPrivilege
 ? Privilege[? 9]: SeSystemtimePrivilege
 ? Privilege[ 10]: SeShutdownPrivilege
 ? Privilege[ 11]: SeDebugPrivilege
 ? Privilege[ 12]: SeSystemEnvironmentPrivilege
 ? Privilege[ 13]: SeSystemProfilePrivilege
 ? Privilege[ 14]: SeProfileSingleProcessPrivilege
 ? Privilege[ 15]: SeIncreaseBasePriorityPrivilege
 ? Privilege[ 16]: SeLoadDriverPrivilege
 ? Privilege[ 17]: SeCreatePagefilePrivilege
 ? Privilege[ 18]: SeIncreaseQuotaPrivilege
 ? Privilege[ 19]: SeChangeNotifyPrivilege
 ? Privilege[ 20]: SeUndockPrivilege
 ? Privilege[ 21]: SeManageVolumePrivilege
 ? Privilege[ 22]: SeImpersonatePrivilege
 ? Privilege[ 23]: SeCreateGlobalPrivilege
 ? Privilege[ 24]: SeEnableDelegationPrivilege
 ?Rights (0x?????????????? 0):
ERROR(ldb): uncaught exception - ldb_search: invalid basedn '(null)'
 ? File "/usr/lib/python3/dist-packages/samba/netcmd/__init__.py",
line
186, in _run
 ??? return self.run(*args, **kwargs)
 ? File "/usr/lib/python3/dist-packages/samba/netcmd/computer.py",
line
564, in run
 ??? res = samdb.search(search_dn,

Not sure this nexr command is pertinent to my system but has similar errors:

*?samba-tool dns zonelist LINGROUP*
INFO: Current debug levels:
 ? all: 10
 ? tdb: 10
 ? printdrivers: 10
 ? lanman: 10
 ? smb: 10
 ? rpc_parse: 10
 ? rpc_srv: 10
 ? rpc_cli: 10
 ? passdb: 10
 ? sam: 10
 ? auth: 10
 ? winbind: 10
 ? vfs: 10
 ? idmap: 10
 ? quota: 10
 ? acls: 10
 ? locking: 10
 ? msdfs: 10
 ? dmapi: 10
 ? registry: 10
 ? scavenger: 10
 ? dns: 10
 ? ldb: 10
 ? tevent: 10
 ? auth_audit: 10
 ? auth_json_audit: 10
 ? kerberos: 10
 ? drs_repl: 10
 ? smb2: 10
 ? smb2_credits: 10
 ? dsdb_audit: 10
 ? dsdb_json_audit: 10
 ? dsdb_password_audit: 10
 ? dsdb_password_json_audit: 10
 ? dsdb_transaction_audit: 10
 ? dsdb_transaction_json_audit: 10
 ? dsdb_group_audit: 10
 ? dsdb_group_json_audit: 10
lpcfg_do_global_parameter: WARNING: The "domain logons" option is
deprecated
Processing section "[homes]"
Processing section "[netlogon]"
Processing section "[printers]"
Processing section "[print$]"
Processing section "[PDFprinter]"
Processing section "[DATA]"
Processing section "[testing]"
pm_process() returned Yes
GENSEC backend 'gssapi_spnego' registered
GENSEC backend 'gssapi_krb5' registered
GENSEC backend 'gssapi_krb5_sasl' registered
GENSEC backend 'spnego' registered
GENSEC backend 'schannel' registered
GENSEC backend 'naclrpc_as_system' registered
GENSEC backend 'sasl-EXTERNAL' registered
GENSEC backend 'ntlmssp' registered
GENSEC backend 'ntlmssp_resume_ccache' registered
GENSEC backend 'http_basic' registered
GENSEC backend 'http_ntlm' registered
GENSEC backend 'http_negotiate' registered
GENSEC backend 'krb5' registered
GENSEC backend 'fake_gssapi_krb5' registered
Using binding ncacn_ip_tcp:LINGROUP[,sign]
Mapped to DCERPC endpoint 135
added interface docker0 ip=172.17.0.1 bcast=172.17.255.255 
netmask=255.255.0.0
added interface ens160 ip=192.168.1.190 bcast=192.168.1.255 
netmask=255.255.254.0
added interface docker0 ip=172.17.0.1 bcast=172.17.255.255 
netmask=255.255.0.0
added interface ens160 ip=192.168.1.190 bcast=192.168.1.255 
netmask=255.255.254.0
print_socket_options: Could not test socket option TCP_NODELAY: 
Operation not supported.
print_socket_options: Could not test socket option TCP_KEEPCNT: 
Operation not supported.
print_socket_options: Could not test socket option TCP_KEEPIDLE: 
Operation not supported.
print_socket_options: Could not test socket option TCP_KEEPINTVL: 
Operation not supported.
print_socket_options: Could not test socket option TCP_QUICKACK: 
Operation not supported.
print_socket_options: Could not test socket option TCP_DEFER_ACCEPT: 
Operation not supported.
print_socket_options: Could not test socket option TCP_USER_TIMEOUT: 
Operation not supported.
socket options: SO_KEEPALIVE=0, SO_REUSEADDR=0, SO_BROADCAST=1, 
IPTOS_LOWDELAY=0, IPTOS_THROUGHPUT=0, SO_REUSEPORT=0, SO_SNDBUF=212992, 
SO_RCVBUF=212992, SO_SNDLOWAT=1, SO_RCVLOWAT=1, SO_SNDTIMEO=0, SO_RCVTIMEO=0
Queueing nbt packet to 127.0.0.1:137
 ???? request: struct nbt_name_packet
 ??????? name_trn_id????????????? : 0xe5b9 (58809)
 ??????? operation??????????????? : 0x0100 (256)
 ??????????? 0x00: NBT_RCODE???????????????? (0)
 ?????????????? 0: NBT_FLAG_BROADCAST
 ?????????????? 0: NBT_FLAG_RECURSION_AVAIL
 ?????????????? 1: NBT_FLAG_RECURSION_DESIRED
 ?????????????? 0: NBT_FLAG_TRUNCATION
 ?????????????? 0: NBT_FLAG_AUTHORITATIVE
 ??????????? 0x00: NBT_OPCODE??????????????? (0)
 ?????????????? 0: NBT_FLAG_REPLY
 ??????? qdcount????????????????? : 0x0001 (1)
 ??????? ancount????????????????? : 0x0000 (0)
 ??????? nscount????????????????? : 0x0000 (0)
 ??????? arcount????????????????? : 0x0000 (0)
 ??????? questions: ARRAY(1)
 ??????????? questions: struct nbt_name_question
 ??????????????? name: struct nbt_name
 ??????????????????? name???????????????????? : 'LINGROUP'
 ??????????????????? scope??????????????????? : NULL
 ??????????????????? type???????????????????? : NBT_NAME_SERVER (0x20)
 ??????????????? question_type??????????? : NBT_QTYPE_NETBIOS (0x20)
 ??????????????? question_class?????????? : NBT_QCLASS_IP (0x1)
 ??????? answers: ARRAY(0)
 ??????? nsrecs: ARRAY(0)
 ??????? additional: ARRAY(0)
 ??????? padding????????????????? : DATA_BLOB length=0
Received nbt packet of length 56 from 127.0.0.1:137
 ???? packet: struct nbt_name_packet
 ??????? name_trn_id????????????? : 0xe5b9 (58809)
 ??????? operation??????????????? : 0x8583 (34179)
 ??????????? 0x03: NBT_RCODE???????????????? (3)
 ?????????????? 0: NBT_FLAG_BROADCAST
 ?????????????? 1: NBT_FLAG_RECURSION_AVAIL
 ?????????????? 1: NBT_FLAG_RECURSION_DESIRED
 ?????????????? 0: NBT_FLAG_TRUNCATION
 ?????????????? 1: NBT_FLAG_AUTHORITATIVE
 ??????????? 0x00: NBT_OPCODE??????????????? (0)
 ?????????????? 1: NBT_FLAG_REPLY
 ??????? qdcount????????????????? : 0x0000 (0)
 ??????? ancount????????????????? : 0x0001 (1)
 ??????? nscount????????????????? : 0x0000 (0)
 ??????? arcount????????????????? : 0x0000 (0)
 ??????? questions: ARRAY(0)
 ??????? answers: ARRAY(1)
 ??????????? answers: struct nbt_res_rec
 ??????????????? name: struct nbt_name
 ??????????????????? name???????????????????? : 'LINGROUP'
 ??????????????????? scope??????????????????? : NULL
 ??????????????????? type???????????????????? : NBT_NAME_SERVER (0x20)
 ??????????????? rr_type????????????????? : NBT_QTYPE_NULL (0xA)
 ??????????????? rr_class???????????????? : NBT_QCLASS_IP (0x1)
 ??????????????? ttl????????????????????? : 0x00000000 (0)
 ??????????????? rdata??????????????????? : union nbt_rdata(case 0xA)
 ??????????????? data: struct nbt_rdata_data
 ??????????????????? length?????????????????? : 0x0000 (0)
 ??????????????????? data???????????????????? :
 ??????? nsrecs: ARRAY(0)
 ??????? additional: ARRAY(0)
 ??????? padding????????????????? : DATA_BLOB length=0
resolve_lmhosts: Attempting lmhosts lookup for name LINGROUP<0x20>
startlmhosts: Can't open lmhosts file /etc/samba/lmhosts. Error was No 
such file or directory
Failed to connect host 192.168.1.190 on port 135 - 
NT_STATUS_CONNECTION_REFUSED
Failed to connect host 192.168.1.190 (LINGROUP) on port 135 - 
NT_STATUS_CONNECTION_REFUSED.
ERROR: Connecting to DNS RPC server LINGROUP failed with (3221226038, 
'The transport-connection attempt was refused by the remote system.')
 ? File "/usr/lib/python3/dist-packages/samba/netcmd/dns.py", line 52,
in dns_connect
 ??? dns_conn = dnsserver.dnsserver(binding_str, lp, creds)



On 6/14/2023 1:13 PM, Mark Bannister via samba wrote:
> Continuation of this thread: 
> https://www.spinics.net/lists/samba/msg179456.html
>
> I was able to get Samba working (properly I think) except my database 
> cannot properly lock and unlock files.
>
> Paradox database (corel, Borland BDE) depending on SMB1 protocols.? 
> The database uses lock files to track database table and record 
> usage.? Database locks are no longer being properly released after 
> updating to Samba 4.18.3 from an old version (not sure which version 
> 4.x of some sort).
>
>
> # Global parameters
> [global]
> ??????? add machine script = sudo /usr/sbin/useradd -g machines -c "%u
> machine account" -d /var/lib/samba -s /bin/false %u
> ??????? add user script = /usr/sbin/adduser --quiet 
> --disabled-password --gecos "" %u
> ??????? client max protocol = NT1
> ??????? client min protocol = NT1
> ??????? dns proxy = No
> ??????? domain logons = Yes
> ??????? domain master = Yes
> ??????? load printers = No
> ??????? log file = /var/log/samba/log.%m
> ??????? logon drive = H:
> ??????? logon home > ??????? logon path > ??????? logon script =
logon.bat
> ??????? map to guest = Bad User
> ??????? max log size = 1000
> ??????? name resolve order = wins lmhosts host bcast
> ??????? ntlm auth = ntlmv1-permitted
> ??????? obey pam restrictions = Yes
> ??????? pam password change = Yes
> ??????? panic action = /usr/share/samba/panic-action %d
> ??????? passwd chat = *Enter\snew\s*\spassword:* %n\n 
> *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
> ??????? passwd program = /usr/bin/passwd %u
> ??????? preferred master = Yes
> ??????? server max protocol = NT1
> ??????? server min protocol = NT1
> ??????? server role = classic primary domain controller
> ??????? server string = APP Samba %v %h
> ??????? template homedir = /home/%U
> ??????? template shell = /bin/bash
> ??????? unix password sync = Yes
> ??????? username map = /usr/local/samba/etc/username.map
> ??????? wins support = Yes
> ??????? workgroup = LINGROUP
> ??????? idmap config lingroup : range = 10000-999999
> ??????? idmap config lingroup : backend = rid
> ??????? idmap config * : range = 3000-7999
> ??????? idmap config * : backend = tdb
> ??????? admin users = sysadmin
> ??????? hosts allow = 127.0.0.1 192.168.1. 192.168.0.0/26
> ??????? hosts deny = 0.0.0.0/0
> ??????? use client driver = Yes
> ??????? veto oplock files = 
>
/*.TV/*.FAM/*.dat/*.DAT/*.db/*.DB/*.X??/*.x??/*.Y??/*.y??/*.MB/*.mb/*.VAL/*.val/*.PX/*.px/*.mdb/*.MDB/*.lck/*.LCK/*.net/*.NET/
>
>
> -- 
> Mark B
--
Mark