Rowland Penny
2022-Dec-16 09:14 UTC
[Samba] Some older windows clients can't connect after upgrade
On 16/12/2022 08:54, Emmanuel Florac via samba wrote:> Le Thu, 15 Dec 2022 11:51:03 +0100 > Emmanuel Florac via samba <samba at lists.samba.org> ?crivait: > >> After upgrading to samba 4.13 (from debian oldstable to debian >> stable), some windows clients (windows 2008r2 and lower, Indows 7, >> windows XP, etc) can't connect to the serveur anymore. My first move >> was to enable SMBv1, now some linux clients connect using the older >> protocol, but the windows client still fail to connect "can't >> connect" error, neither using the UNC name, nor the IP adress; >> neither from the windows explorer, or "net use //xxxx/yyy" in a CMD >> shell. >> >> Any ideas? > > Some more tests: > > "wbinfo -u" lists correctly the domain users.Good, this shows there is a connection between the machine and AD.> "getent passwd" only lists local users (is it OK?), but > "getent passwd <some domain user>" works properly.That is how it is supposed to work. What is the AD DC ?> > > We tried "net ads leave" and "net ads join", it works fine, and nothing > changes: the machines that could connect previously still can, those > that couldn't still can't. We rebooted everything of course, no dice.From the machine list that you posted, they should all be able to use SMBv2, what will no longer work is Network Browsing, you will need to use Network Discovery and run 'wsdd' for this (do an internet search).> > Using a local account from the server (vs an AD account) works. So > there's something wrong about authentication in the AD, but I don't > understand what's wrong. > >can I ask why you are still using such old versions of OS and Samba ? Not too mention Windows. Rowland
Emmanuel Florac
2022-Dec-16 09:28 UTC
[Samba] Some older windows clients can't connect after upgrade
Le Fri, 16 Dec 2022 09:14:50 +0000 Rowland Penny via samba <samba at lists.samba.org> ?crivait:> Good, this shows there is a connection between the machine and AD. > > > "getent passwd" only lists local users (is it OK?), but > > "getent passwd <some domain user>" works properly. > > That is how it is supposed to work. > > What is the AD DC ?It's a Windows Server 2019 1809.> From the machine list that you posted, they should all be able to > use SMBv2, what will no longer work is Network Browsing, you will > need to use Network Discovery and run 'wsdd' for this (do an internet > search).Yes when using the local account, the troublesome machines are connected using SMB 2.10.> > > > Using a local account from the server (vs an AD account) works. So > > there's something wrong about authentication in the AD, but I don't > > understand what's wrong. > > > > > > can I ask why you are still using such old versions of OS and Samba ? > Not too mention Windows.That's Debian stable with the included version of Samba. Running Debian stable is pretty standard IMO :) -- ------------------------------------------------------------------------ Emmanuel Florac | Direction technique | Intellique | <eflorac at intellique.com> | +33 1 78 94 84 02 ------------------------------------------------------------------------ -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 195 bytes Desc: Signature digitale OpenPGP URL: <http://lists.samba.org/pipermail/samba/attachments/20221216/4b91902d/attachment.sig>