Hi, to all of you which are using Synology NAS systems. With SMB-Service 4.15.9-0631 no longer shares are accessible via domain group rights from a Samba 4.17.7 domain. It seems the same error described in the following mail trails: "No longer access to shares after upgrade to 4.17.3" "File server joined to a samba domain accessed by windows 10-11 clients, works via ip no via dns name" I've already openend a ticket with Synology. So be careful before updating the SMB-Service, maybe test it first on a not so important system. Regard Ingo -- Regards Ingo https://github.com/WAdama
The only way I have found to fix that is to enable the beta updates in plugins and install the beta version of samba on the Synology. Thank you, Travis Wenks Rose City Solutions Owner [image: Rose City Skyline Logo] * Phone *503.821.7000 <3464881845> * Website *rosecitysolutions.com <https://rosecitysolutions.com> * Email * travis at rosecitysolutions.com On Thu, Apr 13, 2023 at 3:42?AM Ingo Asche via samba <samba at lists.samba.org> wrote:> Hi, > > to all of you which are using Synology NAS systems. > > With SMB-Service 4.15.9-0631 no longer shares are accessible via domain > group rights from a Samba 4.17.7 domain. > > It seems the same error described in the following mail trails: > "No longer access to shares after upgrade to 4.17.3" > "File server joined to a samba domain accessed by windows 10-11 clients, > works via ip no via dns name" > > I've already openend a ticket with Synology. > > So be careful before updating the SMB-Service, maybe test it first on a > not so important system. > > Regard > Ingo > > -- > Regards > Ingo > https://github.com/WAdama > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >
Just a tip..... Do not buy any synology and expect windows joining & support to last. They have already taken the samba packages and modified them to defeat support of 'non synology" versions. Plus they have "nobbled" how the Synology can join into a distributed AD. Add into that the totally unreliability related to updates of group/user memberships with the windows AD, it's just not worth it. (in some cases it requires a total reboot of the synology for the rights to be applied, even after a forced sync ) Based on conversations with them in the past, I think they cannot be relied upon to support any serious attempts at corporate integration with windows AD.