On 01 March 2021 18:08 Gregory Sloop wrote:> I haven't followed this thread closely at all - but how about simply reallylimiting> the players. > Reduce the network to just the DC's and client that's supposed to join the > domain those DC's hold. > > Unplug everything else from the network. >Yes I agree; In an earlier post the OP mentioned that the clients and the server were on separate subnets connected by VPN; if so I would connect a Windows 10 client directly to the same subnet as the DC and see if a join works OK. If it does it would implicate the VPN etc is blocking SMB2/3 protocols. HTH Roy
On 2021-03-01 15:41, Roy Eastwood via samba wrote:> On 01 March 2021 18:08 Gregory Sloop wrote: >> I haven't followed this thread closely at all - but how about simply >> really > limiting >> the players. >> Reduce the network to just the DC's and client that's supposed to join >> the >> domain those DC's hold. >> >> Unplug everything else from the network. >> > Yes I agree; In an earlier post the OP mentioned that the clients and > the > server were on separate subnets connected by VPN; if so I would > connect a > Windows 10 client directly to the same subnet as the DC and see if a > join works > OK. If it does it would implicate the VPN etc is blocking SMB2/3 > protocols. > > > HTH > > RoyI have a test VM with a similar Samba setup that I can isolate on the same subnet with the client. I am going to try to test this tonight. kr
Am 01.03.21 um 22:41 schrieb Roy Eastwood via samba:> On 01 March 2021 18:08 Gregory Sloop wrote: >> I haven't followed this thread closely at all - but how about simply really > limiting >> the players. >> Reduce the network to just the DC's and client that's supposed to join the >> domain those DC's hold. >> >> Unplug everything else from the network. >> > Yes I agree; In an earlier post the OP mentioned that the clients and the > server were on separate subnets connected by VPN; if so I would connect a > Windows 10 client directly to the same subnet as the DC and see if a join works > OK. If it does it would implicate the VPN etc is blocking SMB2/3 protocols.broad cast stuff typically don't make it over VPN and frankly i find it somehow pervert to *start* a new setup with the one and only client on a VPN instead build up the network step-by-step adding additional layers from the begin is always a terrible idea unless you have much luck and everything works fine out-of-the-box