I have a member server running Ubuntu 16.10, Samba 4.4.5 that is serving
files to W10 and W7 clients. Things appear fine and suddenly the server
share disappears and the W clients "cannot see" the server. The client
error message is: "The device or resource (member hostname) is nt setup
to accept is not setup to accept connections on port "The file and print
sharing (SMB)"."
Here is the smb.conf file from the member:
root at dtmbr02:~# cat /etc/samba/smb.conf
[global]
workgroup = DTDOM
server string = Samba Server Version %v
security = ads
realm = DTSHRM.DT
use sendfile = true
log level = 4
domain master = no
host msdfs = no
idmap_ldb:use rfc2307 = yes
idmap config * : backend = tdb
idmap config * : range = 50001-80000
## map ids from the domain the range may not overlap !
idmap config DTDOM : backend = ad
idmap config DTDOM : schema_mode = rfc2307
idmap config DTDOM : range = 10000-40000
winbind separator = +
winbind nss info = rfc2307
winbind trusted domains only = no
winbind enum users = yes
winbind enum groups = yes
winbind use default domain = yes
winbind refresh tickets = yes
winbind offline logon = yes
wins server = 192.168.116.49 192.168.116.50
template shell = /bin/bash
template homedir = /home/samba/DTDOM/users/%U
# user Administrator workaround, without it you are unable to set
privileges
username map = /etc/samba/samba_usermapping
# For ACL support on member file server
vfs objects = acl_xattr
map acl inherit = yes
store dos attributes = yes
# Share Setting Globally
usershare allow guests = no
unix extensions = no
reset on zero vc = yes
veto files = /.bash_logout/.bash_profile/.bash_history/.bashrc/
hide unreadable = yes
# disable printing completely
load printers = no
printing = bsd
printcap name = /dev/null
disable spoolss = yes
restrict anonymous = 2
log file = /var/log/samba/log.%m
max log size = 50
#============================ Share Definitions
===========================
[testshare]
comment = Test share
path = /samba/testshare
read only = no
force group = "domain users"
directory mask = 0770
force directory mode = 0770
create mask = 0660
force create mode = 0660
follow symlinks = yes
wide links = yes
#[Myshare] ## an example found at askubuntu.com
# writeable = yes
# path = /shares/office
# force directory mode = 770
# force create mode = 770
# force group = bureau
# valid users = @bureau
# write list = @bureau
[data]
comment = Shared DT data
path = /home/samba/DTDOM/companydata
read only = no
force group = "domain users"
directory mask = 0770
force directory mode = 0770
create mask = 0660
force create mode = 0660
follow symlinks = no
wide links = no
[Demo]
path = /srv/samba/Demo
read only = no
follow symlinks = no
wide links = no
[thome]
path = /srv/samba/thome/
read only = No
follow symlinks = no
wide links = no
##4444444444444444444444444444444444444444
##4444444444444444444444444444444444444444
[home]
path = /home/samba/DTDOM/users
read only = no
follow symlinks = yes
wide links = yes
[profiles]
path = /home/samba/DTDOM/profiles
read only = no
admin users = +"DTDOM\domain admins"
profile acls = yes
csc policy = disable
follow symlinks = no
wide links = no
Everything seemed to be working fine yesterday while I was moving files
from old server to newer server. Then this morning I am seeing this
complaint.
I have tailed log files and, being somewhat unfamiliar, cannot see
anything significant. As this is a member server am I wrong, it is
running smbd, nmbd, & winbind and NOT samba as there is no log file for
samba?
I have created this smb.conf by copy/paste old server config to new. (I
thought I was careful.)
Does anyone see anything that might clash with SMB services? That could
be creating this SMB problem?
Have I copy/pasted a error somewhere that I am overlooking?
--
_______________________________
Bob Wooden of Donelson Trophy
Is this on a windows 7 or 10 client or both? Are you useing \\FQ.DN\share or \\hostname\share Try the FQ.DN, as Microsoft advices. And where are the TLS parameters in the below config. Did you set this up? Greetz, Louis> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens Bob of Donelson > Trophy via samba > Verzonden: maandag 14 november 2016 15:18 > Aan: SAMBA MailList > Onderwerp: [Samba] Member server losing smb connection > Urgentie: Hoog > > I have a member server running Ubuntu 16.10, Samba 4.4.5 that is serving > files to W10 and W7 clients. Things appear fine and suddenly the server > share disappears and the W clients "cannot see" the server. The client > error message is: "The device or resource (member hostname) is nt setup > to accept is not setup to accept connections on port "The file and print > sharing (SMB)"." > > Here is the smb.conf file from the member: > > root at dtmbr02:~# cat /etc/samba/smb.conf > [global] > workgroup = DTDOM > server string = Samba Server Version %v > security = ads > realm = DTSHRM.DT > use sendfile = true > > log level = 4 > > domain master = no > host msdfs = no > > idmap_ldb:use rfc2307 = yes > idmap config * : backend = tdb > idmap config * : range = 50001-80000 > ## map ids from the domain the range may not overlap ! > idmap config DTDOM : backend = ad > idmap config DTDOM : schema_mode = rfc2307 > idmap config DTDOM : range = 10000-40000 > winbind separator = + > winbind nss info = rfc2307 > winbind trusted domains only = no > winbind enum users = yes > winbind enum groups = yes > winbind use default domain = yes > winbind refresh tickets = yes > winbind offline logon = yes > > wins server = 192.168.116.49 192.168.116.50 > > template shell = /bin/bash > template homedir = /home/samba/DTDOM/users/%U > > # user Administrator workaround, without it you are unable to set > privileges > username map = /etc/samba/samba_usermapping > > # For ACL support on member file server > > vfs objects = acl_xattr > map acl inherit = yes > store dos attributes = yes > > # Share Setting Globally > usershare allow guests = no > unix extensions = no > reset on zero vc = yes > veto files = /.bash_logout/.bash_profile/.bash_history/.bashrc/ > hide unreadable = yes > > # disable printing completely > load printers = no > printing = bsd > printcap name = /dev/null > disable spoolss = yes > > restrict anonymous = 2 > log file = /var/log/samba/log.%m > max log size = 50 > > #============================ Share Definitions > ===========================> > [testshare] > comment = Test share > path = /samba/testshare > read only = no > force group = "domain users" > directory mask = 0770 > force directory mode = 0770 > create mask = 0660 > force create mode = 0660 > follow symlinks = yes > wide links = yes > > #[Myshare] ## an example found at askubuntu.com > # writeable = yes > # path = /shares/office > # force directory mode = 770 > # force create mode = 770 > # force group = bureau > # valid users = @bureau > # write list = @bureau > > [data] > comment = Shared DT data > path = /home/samba/DTDOM/companydata > read only = no > force group = "domain users" > directory mask = 0770 > force directory mode = 0770 > create mask = 0660 > force create mode = 0660 > follow symlinks = no > wide links = no > > [Demo] > path = /srv/samba/Demo > read only = no > > follow symlinks = no > wide links = no > > [thome] > path = /srv/samba/thome/ > read only = No > > follow symlinks = no > wide links = no > > ##4444444444444444444444444444444444444444 > ##4444444444444444444444444444444444444444 > > [home] > path = /home/samba/DTDOM/users > read only = no > follow symlinks = yes > wide links = yes > > [profiles] > path = /home/samba/DTDOM/profiles > read only = no > admin users = +"DTDOM\domain admins" > profile acls = yes > csc policy = disable > > follow symlinks = no > wide links = no > > Everything seemed to be working fine yesterday while I was moving files > from old server to newer server. Then this morning I am seeing this > complaint. > > I have tailed log files and, being somewhat unfamiliar, cannot see > anything significant. As this is a member server am I wrong, it is > running smbd, nmbd, & winbind and NOT samba as there is no log file for > samba? > > I have created this smb.conf by copy/paste old server config to new. (I > thought I was careful.) > > Does anyone see anything that might clash with SMB services? That could > be creating this SMB problem? > > Have I copy/pasted a error somewhere that I am overlooking? > > -- > _______________________________ > > Bob Wooden of Donelson Trophy > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba
On 2016-11-14 08:39, L.P.H. van Belle via samba wrote:> Is this on a windows 7 or 10 client or both? > Are you useing \\FQ.DN\share or \\hostname\share > Try the FQ.DN, as Microsoft advices. > > And where are the TLS parameters in the below config. > Did you set this up? > > Greetz, > > Louis > >> -----Oorspronkelijk bericht----- >> Van: samba [mailto:samba-bounces at lists.samba.org] Namens Bob of Donelson >> Trophy via samba >> Verzonden: maandag 14 november 2016 15:18 >> Aan: SAMBA MailList >> Onderwerp: [Samba] Member server losing smb connection >> Urgentie: Hoog >> >> I have a member server running Ubuntu 16.10, Samba 4.4.5 that is serving >> files to W10 and W7 clients. Things appear fine and suddenly the server >> share disappears and the W clients "cannot see" the server. The client >> error message is: "The device or resource (member hostname) is nt setup >> to accept is not setup to accept connections on port "The file and print >> sharing (SMB)"." >> >> Here is the smb.conf file from the member: >> >> root at dtmbr02:~# cat /etc/samba/smb.conf >> [global] >> workgroup = DTDOM >> server string = Samba Server Version %v >> security = ads >> realm = DTSHRM.DT >> use sendfile = true >> >> log level = 4 >> >> domain master = no >> host msdfs = no >> >> idmap_ldb:use rfc2307 = yes >> idmap config * : backend = tdb >> idmap config * : range = 50001-80000 >> ## map ids from the domain the range may not overlap ! >> idmap config DTDOM : backend = ad >> idmap config DTDOM : schema_mode = rfc2307 >> idmap config DTDOM : range = 10000-40000 >> winbind separator = + >> winbind nss info = rfc2307 >> winbind trusted domains only = no >> winbind enum users = yes >> winbind enum groups = yes >> winbind use default domain = yes >> winbind refresh tickets = yes >> winbind offline logon = yes >> >> wins server = 192.168.116.49 192.168.116.50 >> >> template shell = /bin/bash >> template homedir = /home/samba/DTDOM/users/%U >> >> # user Administrator workaround, without it you are unable to set >> privileges >> username map = /etc/samba/samba_usermapping >> >> # For ACL support on member file server >> >> vfs objects = acl_xattr >> map acl inherit = yes >> store dos attributes = yes >> >> # Share Setting Globally >> usershare allow guests = no >> unix extensions = no >> reset on zero vc = yes >> veto files = /.bash_logout/.bash_profile/.bash_history/.bashrc/ >> hide unreadable = yes >> >> # disable printing completely >> load printers = no >> printing = bsd >> printcap name = /dev/null >> disable spoolss = yes >> >> restrict anonymous = 2 >> log file = /var/log/samba/log.%m >> max log size = 50 >> >> #============================ Share Definitions >> ===========================>> >> [testshare] >> comment = Test share >> path = /samba/testshare >> read only = no >> force group = "domain users" >> directory mask = 0770 >> force directory mode = 0770 >> create mask = 0660 >> force create mode = 0660 >> follow symlinks = yes >> wide links = yes >> >> #[Myshare] ## an example found at askubuntu.com >> # writeable = yes >> # path = /shares/office >> # force directory mode = 770 >> # force create mode = 770 >> # force group = bureau >> # valid users = @bureau >> # write list = @bureau >> >> [data] >> comment = Shared DT data >> path = /home/samba/DTDOM/companydata >> read only = no >> force group = "domain users" >> directory mask = 0770 >> force directory mode = 0770 >> create mask = 0660 >> force create mode = 0660 >> follow symlinks = no >> wide links = no >> >> [Demo] >> path = /srv/samba/Demo >> read only = no >> >> follow symlinks = no >> wide links = no >> >> [thome] >> path = /srv/samba/thome/ >> read only = No >> >> follow symlinks = no >> wide links = no >> >> ##4444444444444444444444444444444444444444 >> ##4444444444444444444444444444444444444444 >> >> [home] >> path = /home/samba/DTDOM/users >> read only = no >> follow symlinks = yes >> wide links = yes >> >> [profiles] >> path = /home/samba/DTDOM/profiles >> read only = no >> admin users = +"DTDOM\domain admins" >> profile acls = yes >> csc policy = disable >> >> follow symlinks = no >> wide links = no >> >> Everything seemed to be working fine yesterday while I was moving files >> from old server to newer server. Then this morning I am seeing this >> complaint. >> >> I have tailed log files and, being somewhat unfamiliar, cannot see >> anything significant. As this is a member server am I wrong, it is >> running smbd, nmbd, & winbind and NOT samba as there is no log file for >> samba? >> >> I have created this smb.conf by copy/paste old server config to new. (I >> thought I was careful.) >> >> Does anyone see anything that might clash with SMB services? That could >> be creating this SMB problem? >> >> Have I copy/pasted a error somewhere that I am overlooking? >> >> -- >> _______________________________ >> >> Bob Wooden of Donelson Trophy >> -- >> To unsubscribe from this list go to the following URL and read the >> instructions: https://lists.samba.org/mailman/options/sambaThanks, Louis. The old member server was the Debian Wheezy running SernetSamba 4.2.whatever setup with your old script. It did not have any TLS parameters so, the newer member does NOT have TLS either. Since my initial post I have discovered, via the nmbd log that a "standalone server" (U16.04, Samba 4.3.11) is acting a domain master. This "standalone server is NOT joined to the domain. When I shutdown the "standalone" (to see what happens) the network becomes sluggish via either W10 or W7 clients. However, access to the newer member server is NOT allowed. (This was working yesterday just fine. I'm baffled.) I would be using a "\\hostname\share structure". -- _______________________________ Bob Wooden of Donelson Trophy