coxster dillon
2016-Sep-29 16:17 UTC
[Samba] win 10 client on linux pdc, join domain ok, logon script fails to run
hi, I have samba 4.3.9-Ubuntu setup. followed a guide to get a windows 10 client to join my pdc OK but cannot get netlogon scripts to run. I can see them in the share \\<server>\netlogon and I can manually run them from windows shell or by double clicking them. They just won't run by themselves. I have done the registry pokes + policy changes as: https://community.spiceworks.com/topic/1389891-windows-10-and-sysvol-netlogon https://support.microsoft.com/en-us/kb/2895815 https://s18.postimg.org/643ketg49/regedit_samba.png https://s22.postimg.org/6awshoi8h/network_samba.png https://s16.postimg.org/aul5oxh91/grouppolicy_samba.png everything appears to work just no execution of script automatically. I have made sure they are windows line ending format (via unix2dos). testparm output: Load smb config files from /etc/samba/smb.conf rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384) Processing section "[homes]" Processing section "[share]" Processing section "[temp]" Processing section "[netlogon]" Loaded services file OK. Server role: ROLE_DOMAIN_PDC Press enter to see a dump of your service definitions # Global parameters [global] workgroup = COMPO server string = %h server (Samba, Ubuntu) security = USER log file = /var/log/samba/all_log server max protocol = NT1 max protocol = NT1 protocol = NT1 name resolve order = wins lmhosts hosts bcast add machine script = sudo /usr/sbin/useradd -N -g pdcmachines -c Machine -d /var/lib/samba -s /bin/false %u logon script = logon.bat logon drive = H: domain logons = Yes preferred master = Yes domain master = Yes wins support = Yes idmap config * : backend = tdb [homes] comment = Home Directories valid users = %S read only = No create mask = 0700 directory mask = 0700 directory mode = 0700 browseable = No [share] comment = Global shared directory path = /home/share valid users = %U read only = No create mask = 0700 directory mask = 0700 directory mode = 0700 [temp] comment = Temporary shared data directory path = /home/temp valid users = %U read only = No create mask = 0700 directory mask = 0700 directory mode = 0700 [netlogon] comment = Network Logon Service path = /srv/samba/netlogon create mask = 0700 directory mask = 0700 directory mode = 0700 browseable = No any suggestions going forward? regards
coxsterdillon
2016-Sep-30 08:10 UTC
[Samba] win 10 client on linux pdc, join domain ok, logon script fails to run
update: using virtual box and windows 7 IE 10 test ovp, I can join same pdc and the netlogon scripts run so it's something to do with samba and windows 10. regards -- View this message in context: http://samba.2283325.n4.nabble.com/win-10-client-on-linux-pdc-join-domain-ok-logon-script-fails-to-run-tp4708871p4708911.html Sent from the Samba - General mailing list archive at Nabble.com.
Rowland Penny
2016-Sep-30 08:44 UTC
[Samba] win 10 client on linux pdc, join domain ok, logon script fails to run
On Fri, 30 Sep 2016 01:10:14 -0700 (PDT) coxsterdillon via samba <samba at lists.samba.org> wrote:> update: > > > using virtual box and windows 7 IE 10 test ovp, I can join same pdc > and the netlogon scripts run so it's something to do with samba and > windows 10. >If it works with win7 and Samba, then Samba must be working, ergo the problem must be with win10. Microsoft seem to be making it harder and harder to use win10 with an NT4-style domain, there have been some updates recently that have been causing problems, I suggest you investigate them. Can I also suggest that you consider upgrading to an AD domain. Rowland
L.P.H. van Belle
2016-Sep-30 08:50 UTC
[Samba] win 10 client on linux pdc, join domain ok, logon script fails to run
> using virtual box and windows 7 IE 10 test ovp, I can join same pdc and > the > netlogon scripts run so it's something to do with samba and windows 10.Your totaly correct. ( and that can happen also with win7 ) Call you script like \\host.domain.tld\netlogon\... Dont use \\IP\... Or \\Hostname Best is you read : http://www.windowstricks.in/2016/07/group-policy-setting-not-applying-windows-10-computers.html and this is what your looking for. Check UNC hardening for netlogon and sysvol Shares policies. And most of these problems are due to one or more of these. Incorrect Primary DNS-Suffix Incorrect Incorrect DNS Search order. Incorrect Connection DNS suffix The use of \\hostname\ or \\IP_Number\ Incorrect samba TLS settings. Outdated GPO policies. good info here : https://technet.microsoft.com/en-us/itpro/windows/manage/new-policies-for-windows-10 https://www.microsoft.com/en-us/download/details.aspx?id=25250 excel with all policies, and in my options a MUST HAVE ! Im running samba 4.4.5 win7 and win10 64bit without any problem. ok the printer driver thing is last, but for that there is a good workaround. Greetz, Louis> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens coxsterdillon via > samba > Verzonden: vrijdag 30 september 2016 10:10 > Aan: samba at lists.samba.org > Onderwerp: Re: [Samba] win 10 client on linux pdc, join domain ok, logon > script fails to run > > update: > > > using virtual box and windows 7 IE 10 test ovp, I can join same pdc and > the > netlogon scripts run so it's something to do with samba and windows 10. > > > regards > > > > -- > View this message in context: http://samba.2283325.n4.nabble.com/win-10- > client-on-linux-pdc-join-domain-ok-logon-script-fails-to-run- > tp4708871p4708911.html > Sent from the Samba - General mailing list archive at Nabble.com. > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba
coxsterdillon
2016-Sep-30 14:36 UTC
[Samba] win 10 client on linux pdc, join domain ok, logon script fails to run
Hi, On windoze 10, I can only access "//hostname", i.e. "//DEV2" (net bios name) How do I tell it to access samba as "//DEV2.COMPO" (latter is domain?) I have looked at entries in lmhosts.sam - is this correct? DNS is not on linux box, google 8.8.8.8 through my router. Also, \\dev2\netlogon is accessible but \\dev2\sysvol is not. should I copy the smb.conf from [netlogon] for [sysvol]? regards -- View this message in context: http://samba.2283325.n4.nabble.com/win-10-client-on-linux-pdc-join-domain-ok-logon-script-fails-to-run-tp4708871p4708951.html Sent from the Samba - General mailing list archive at Nabble.com.
Adam Tauno Williams
2016-Oct-05 17:31 UTC
[Samba] win 10 client on linux pdc, join domain ok, logon script fails to run
On Thu, 2016-09-29 at 16:17 +0000, coxster dillon via samba wrote:> I have samba 4.3.9-Ubuntu setup. followed a guide to get a windows > 10 client to join my pdc OK but cannot get netlogon scripts to run. > I can see them in the share \\<server>\netlogon and I can manually > run them from windows shell or by double clicking them. They just > won't run by themselves.What are your logon scripts? If they are BAT (Batch) files they won't work. You need to use something more current; VBS scripts will work. -- Meetings Coordinator, Michigan Association of Railroad Passengers 537 Shirley St NE Grand Rapids, MI 49503-1754 Phone: 616.581.8010 E-mail: awilliam at whitemice.org GPG#D95ED383 Web: http://www.marp.org
Possibly Parallel Threads
- win 10 client on linux pdc, join domain ok, logon script fails to run
- win 10 client on linux pdc, join domain ok, logon script fails to run
- win 10 client on linux pdc, join domain ok, logon script fails to run
- pdc win10 change password not working?
- win 10 client on linux pdc, join domain ok, logon script fails to run