Hello, after our upgrade to samba 4.16 we seem to have another problem: the home directory are not visible (browsable?) anymore. You can still connect to them if you know their name but you cant see them (e.g. via smbclient -L). We're using user-specific includes for the home shares! This is the smb.conf: [global] ??? workgroup = AD-ELLERHOLD ??? realm???? = AD.ELLERHOLD.LAN ??? dns proxy = no ??? load printers?????????? = no ??? printing??????????????? = bsd ??? printcap name?????????? = /dev/null ??? disable spoolss???????? = Yes ??? show add printer wizard = no ??? panic action = /usr/share/samba/panic-action %d ??? server role = member server ??? netbios name = FILESERVER-GLB ??? security = ADS ??? winbind offline logon = Yes ??? idmap config * : backend = tdb ??? idmap config * : range = 3000-7999 ??? idmap config AD-ELLERHOLD:backend = ad ??? idmap config AD-ELLERHOLD:range = 10000-99999 ??? idmap config AD-ELLERHOLD:schema_mode = rfc2307 ??? idmap config AD-ELLERHOLD:unix_nss_info = yes ??? idmap config AD-ELLERHOLD:unix_primary_group = yes ??? username map??????????? = /etc/samba/user-map.conf ??? winbind refresh tickets = Yes ??? dedicated keytab file?? = /etc/krb5.keytab ??? kerberos method???????? = secrets and keytab ??? map acl inherit???????? = Yes ??? template shell????????? = /bin/bash ? ? template homedir??????? = /home/AD-ELLERHOLD/%U ??? spotlight backend???? = elasticsearch ??? elasticsearch:address = localhost ??? elasticsearch:port??? = 9200 ??? spotlight???????????? = Yes ??? vfs objects = catia fruit streams_xattr acl_xattr recycle ??? fruit:metadata = stream ??? fruit:veto_appledouble = no ??? veto files = /.DS_Store/ ??? delete veto files = yes ??? recycle:repository = Papierkorb ??? recycle:keeptree = Yes ??? recycle:touch_mtime = Yes ??? recycle:directory_mode = 0770 ??? server min protocol = NT1 ??? client min protocol = NT1 ??? ntlm auth?????????? = ntlmv1-permitted ??? unix extensions = Yes ??? store dos attributes = No ??? map archive = No ??? map hidden = No ??? map readonly = No ??? map system = No ??? include = /etc/samba/conf.d/%U.conf [Share 1] ??? force group = +AD-ELLERHOLD\fs_share1 ??? inherit permissions = yes ??? path = /storage/share1 ??? read only = no For example this is the content of one such conf: [Surname Name Glb] ??? browseable = yes ??? inherit permissions = yes ??? path = /storage/homes/surname.name ??? force group = +AD-ELLERHOLD\fs_homes ??? read only = no As I said ... connecting to it works fine but smbclient -L \\host does not show the share "Surname Name Glb" afther authenticating with the right user. In Samba 4.14 and 4.15 this has worked. Did something change with 4.16? Thanks in advance and have a nice weekend, Matthias K?hne. -- Matthias K?hne Senior Webentwickler Datenschutzbeauftragter Ellerhold Aktiengesellschaft Friedrich-List-Str. 4 01445 Radebeul Telefon: +49 (0) 351 83933-61 Telefax: +49 (0) 351 83933-99 Web www.ellerhold.de Twitter www.twitter.com/Ellerhold_AG Youtube www.youtube.com/user/ellerholdgruppe Amtsgericht Dresden / HRB 23769 Vorstand: Stephan Ellerhold, Maximilian Ellerhold Vorsitzender des Aufsichtsrates: Frank Ellerhold ---Diese E-Mail und Ihre Anlagen enthalten vertrauliche Mitteilungen. Sollten Sie nicht der beabsichtigte Adressat sein, so bitten wir Sie um Mitteilung und um sofortiges l?schen dieser E-Mail und der Anlagen. Unsere Hinweise zum Datenschutz finden Sie hier: http://www.ellerhold.de/datenschutz/ This e-mail and its attachments are privileged and confidential. If you are not the intended recipient, please notify us and immediately delete this e-mail and its attachments. You can find our privacy policy here: http://www.ellerhold.de/datenschutz/
On 04/11/2022 12:40, Matthias K?hne | Ellerhold AG via samba wrote:> Hello, > > after our upgrade to samba 4.16 we seem to have another problem: the > home directory are not visible (browsable?) anymore. You can still > connect to them if you know their name but you cant see them (e.g. via > smbclient -L). > > We're using user-specific includes for the home shares! > > This is the smb.conf: > > [global] > ??? workgroup = AD-ELLERHOLD > ??? realm???? = AD.ELLERHOLD.LAN > ??? dns proxy = no > ??? load printers?????????? = no > ??? printing??????????????? = bsd > ??? printcap name?????????? = /dev/null > ??? disable spoolss???????? = Yes > ??? show add printer wizard = no > ??? panic action = /usr/share/samba/panic-action %d > ??? server role = member server > ??? netbios name = FILESERVER-GLB > ??? security = ADS > ??? winbind offline logon = Yes > ??? idmap config * : backend = tdb > ??? idmap config * : range = 3000-7999 > ??? idmap config AD-ELLERHOLD:backend = ad > ??? idmap config AD-ELLERHOLD:range = 10000-99999 > ??? idmap config AD-ELLERHOLD:schema_mode = rfc2307 > ??? idmap config AD-ELLERHOLD:unix_nss_info = yes > ??? idmap config AD-ELLERHOLD:unix_primary_group = yes > ??? username map??????????? = /etc/samba/user-map.conf > ??? winbind refresh tickets = Yes > ??? dedicated keytab file?? = /etc/krb5.keytab > ??? kerberos method???????? = secrets and keytab > ??? map acl inherit???????? = Yes > ??? template shell????????? = /bin/bash > ? ? template homedir??????? = /home/AD-ELLERHOLD/%U > ??? spotlight backend???? = elasticsearch > ??? elasticsearch:address = localhost > ??? elasticsearch:port??? = 9200 > ??? spotlight???????????? = Yes > ??? vfs objects = catia fruit streams_xattr acl_xattr recycle > ??? fruit:metadata = stream > ??? fruit:veto_appledouble = no > ??? veto files = /.DS_Store/ > ??? delete veto files = yes > ??? recycle:repository = Papierkorb > ??? recycle:keeptree = Yes > ??? recycle:touch_mtime = Yes > ??? recycle:directory_mode = 0770 > ??? server min protocol = NT1 > ??? client min protocol = NT1 > ??? ntlm auth?????????? = ntlmv1-permitted > ??? unix extensions = Yes > ??? store dos attributes = No > ??? map archive = No > ??? map hidden = No > ??? map readonly = No > ??? map system = No > > ??? include = /etc/samba/conf.d/%U.conf > > [Share 1] > ??? force group = +AD-ELLERHOLD\fs_share1 > ??? inherit permissions = yes > ??? path = /storage/share1 > ??? read only = no > > For example this is the content of one such conf: > > [Surname Name Glb] > ??? browseable = yes > ??? inherit permissions = yes > ??? path = /storage/homes/surname.name > ??? force group = +AD-ELLERHOLD\fs_homes > ??? read only = no > > As I said ... connecting to it works fine but smbclient -L \\host does > not show the share "Surname Name Glb" afther authenticating with the > right user. > > In Samba 4.14 and 4.15 this has worked. Did something change with 4.16? > > Thanks in advance and have a nice weekend, > Matthias K?hne. >You are going to have to get used to not browsing to shares, share browsing requires SMBv1 and that is going away. I can see that you have turned it back on again, but why, what do you have that must have SMBv1 ? Whatever it is, I suggest you upgrade it if possible, if it isn't possible, I suggest you 'sandbox' it. I would then use Avahi for your Linux clients and wsdd for the Windows clients, at this point you should be able to remove all the SMBv1 lines from your smb.conf Rowland