hello My windows client is a an ldap server member with an example.com domain. When we try to connect to the samba server, shared folders are visible correctly, but it's not possible to connect users. my smb.conf [global] workgroup = WORKGROUP netbios name = hpds security = user map to guest = Bad User dns proxy = no server string = %h server log level = 0 max log size = 10000 load printers = no passdb backend = tdbsam encrypt passwords = true create mask = 0777 directory mask = 0777 wide links = no unix extensions = yes guest account = nobody local master = yes time server = no wins support = yes ntlm auth = no domain logons = no netbios aliases = mynet13, Net23 include = /etc/samba/smb.conf.myNAS bind interfaces only = yes include = /etc/samba/smb.conf.user1 other clients that are not domain members can not connect to the server after this error. However, Before connecting this client, all communication was done correctly. After the netbios aliases removal the configuration file for the connection was established correctly. Please explain why this error occurred and how can I fix this error without removing this option.
On Wed, 15 Aug 2018 11:08:23 +0430 richard russell via samba <samba at lists.samba.org> wrote:> hello > > My windows client is a an ldap server member with an example.com > domain.If you are referring to the smb.conf below, then, no it isn't. That smb.conf is from a standalone server, there is absolutely no ldap involved.> > When we try to connect to the samba server, shared folders are visible > correctly, but it's not possible to connect users.You should be able to connect, but only as the guest user 'nobody', unless your users do exist on the Samba server, but with a different or no password.> > > my smb.conf > > [global] > workgroup = WORKGROUP > netbios name = hpds > security = user > map to guest = Bad User > dns proxy = no > server string = %h server > log level = 0 > max log size = 10000 > load printers = no > passdb backend = tdbsam > encrypt passwords = true > create mask = 0777 > directory mask = 0777 > wide links = no > unix extensions = yes > guest account = nobody > local master = yes > time server = no > wins support = yes > ntlm auth = no > domain logons = no > netbios aliases = mynet13, Net23 > include = /etc/samba/smb.conf.myNAS > bind interfaces only = yes > include = /etc/samba/smb.conf.user1That is not the whole smb.conf, what is in the 'include' files ? Also, why have you got 'bind interfaces only = yes' without actually specifying which interfaces ?> > > other clients that are not domain members can not connect to the > server after this error. However, Before connecting this client, all > communication was done correctly.Please define 'can not connect', as I said it is a standalone server, so they should be able to connect.> > After the netbios aliases removal the configuration file for the > connection was established correctly. > > Please explain why this error occurred and how can I fix this error > without removing this option.I think you need to give us more info, at the start of your post, you mention ldap, do you have another Samba server running as a PDC ? Rowland
On Wed, 15 Aug 2018 12:59:06 +0430 richard russell <russellrichard160 at gmail.com> wrote:> my smb.conf > > [global] > workgroup = WORKGROUP > netbios name = hpds > security = user > map to guest = Bad User > dns proxy = no > server string = %h server > log level = 0 > max log size = 10000 > load printers = no > passdb backend = tdbsam > encrypt passwords = true > create mask = 0777 > directory mask = 0777 > wide links = no > unix extensions = yes > guest account = nobody > local master = yes > time server = no > wins support = no > ntlm auth = no > domain logons = no > netbios aliases = mynet13, Net23 > include = /etc/samba/smb.conf.myNAS > bind interfaces only = yes > include = /etc/samba/smb.conf.user1 > > > smb.conf.myNAS > [global] > workgroup = Workgrou2 > netbios name = mynet13 > interfaces = enp7s0f01,enp2s0f0 > [myNAS-smbDir] > valid users = Fred, james > read list > write list = Fred, james > path = /mnt/SAB-NAS/myFS/smbDir > guest ok = no > writable = yes > create mask = 0777 > directory mask = 0777 > > Thanks for the reply, one of my clients is connected to the PDC. Other > clients are not connected to PDC. > The clients that are not connected to the PDC communicate properly > but when the client is related to the PDC, > it takes a username and password to enter, and the other users are > disconnected and can not be logged in. >OK, from what you have posted so far and after removing default settings and combining the 'include' file, you seem to be using this actual smb.conf: [global] workgroup = Workgrou2 netbios name = mynet13 # or is it really hpds security = user netbios aliases = mynet13, Net23 server string = %h server map to guest = Bad User dns proxy = no max log size = 10000 load printers = no wins support = yes ntlm auth = no interfaces = enp7s0f01,enp2s0f0 bind interfaces only = yes include = /etc/samba/smb.conf.user1 [myNAS-smbDir] valid users = Fred, james write list = Fred, james path = /mnt/SAB-NAS/myFS/smbDir guest ok = no writable = yes create mask = 0777 directory mask = 0777 I say 'seem' because you still haven't posted the contents of 'smb.conf.user1' It is definitely a smb.conf for a standalone server, it is not a smb.conf for a Unix domain member and because you have 'guest ok = no' in the 'myNAS-smbDIR' share, the only people who can connect to the share are users that exist on the standalone server with the correct password. Because it is a standalone server, is it using the same workgroup name as any other machine in the network ? Rowland