Hi, all.
I have just installed a Samba AD-DC, with a file server. I know that this
is not ideal, but this is what I could do now.
I have many shares and now, with windows 10 clients I face a problem: the
first time the user logs in, all maps work. From this point ahea, no more
mappings and the error 85, which informs that the drive letter has already
been used.
The mappings are in a logon.bat script, executed in login time, through a
GPO.
My first question is if someone has faced this error and what solution was
applied.
The second is what information I need to send in order to inform the
context.
Samba AD-DC version 4.15.13-Ubuntu is installed in a Ubuntu 22.04 LTS.
The windows client used is windows 10 (it works well in windows 7)
smb.conf
# Global parameters
[global]
dns forwarder = 8.8.8.8 9.9.9.9
netbios name = MEUSAMBA
realm = SERV.IBAM
server role = active directory domain controller
workgroup = SERV
domain master = yes
preferred master = yes
encrypt passwords = yes
domain logons = yes
hide unreadable = yes
local master = yes
preserve case = no
time server = yes
security = user
short preserve case = no
winbind separator = +
winbind use default domain = yes
winbind enum users = yes
winbind enum groups = yes
########## Script Logon #####################
logon script = logon.bat
########## Impressora #######################
printing = cups
printcap name = cups
load printers = yes
printer = impsuporte
########### Charset #########################
dos charset = iso-8859-1
unix charset = iso-8859-1
############ Descri??o do Servidor ###########
server string = Servidor de arquivos do IBAM
############ Winbind Idmap ###################
log file = /var/log/samba/samba-ad-dc.log
log level = 3
idmap_ldb:use rfc2307 = yes
idmap config * : backend = tdb
idmap config * : range = 1000-9999
template shell = /bin/bash
template homedir = /home/%U
############# ACLS ###########################
vfs objects = acl_xattr dfs_samba4 audit
map acl inherit = yes
store dos attributes = yes
inherit acls = yes
nt acl support = yes
inherit permissions = yes
############# Recicle ##################
vfs object = recycle
recycle:repository = /dados/recycle/%U
recycle:keeptree = Yes
recycle:touch = Yes
recycle:versions = Yes
recycle:maxsixe = 0
recycle:exclude = *.tmp *.temp *.o *.obj ~$* *.~?? thumbs.db
recycle:exclude_dir = /tmp /temp /cache /recycle /ibam/transfer
recycle:subdir_mode = 0700
printer name = impsuporte
############ Map usu?rio Sistema Unix/Windows ############
username map = /etc/samba/smbusers
############ LOGS ########################
os level = 33
debug level = 2
max log size = 8000
log file = /var/log/samba/%U_%m.log
############ Habilitando Consultas LDAP###############
ldap server require strong auth = No
############ COMPARTILHAMENTOS ###########################
[sysvol]
path = /var/lib/samba/sysvol
read only = No
[netlogon]
path = /var/lib/samba/sysvol/serv.ibam/scripts
read only = No
[logon-bat]
path = /usuarios/%U
read only = No
write list = %U
browseable = no
[ibam]
path = /dados/ibam
read only = No
I cut a bunch of shares that seem to be unnecessary for the moment.
I'm not sure how I can send information on GPO.
I thaks for any help.
Ricardo
<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
N?o
cont?m v?rus.www.avast.com
<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
<#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>
On Thu, 21 Mar 2024 12:21:25 -0300 Ricardo Campos via samba <samba at lists.samba.org> wrote:> Hi, all. > > I have just installed a Samba AD-DC, with a file server. I know that > this is not ideal, but this is what I could do now. > > I have many shares and now, with windows 10 clients I face a problem: > the first time the user logs in, all maps work. From this point ahea, > no more mappings and the error 85, which informs that the drive > letter has already been used. > > The mappings are in a logon.bat script, executed in login time, > through a GPO. > > My first question is if someone has faced this error and what > solution was applied. > > The second is what information I need to send in order to inform the > context. > > Samba AD-DC version 4.15.13-Ubuntu is installed in a Ubuntu 22.04 > LTS. > > The windows client used is windows 10 (it works well in windows 7) > > smb.conf > > # Global parameters > [global] > dns forwarder = 8.8.8.8 9.9.9.9 > netbios name = MEUSAMBA > realm = SERV.IBAM > server role = active directory domain controller > workgroup = SERV > domain master = yes > preferred master = yes > encrypt passwords = yes > domain logons = yes > hide unreadable = yes > local master = yes > preserve case = no > time server = yes > security = user > short preserve case = no > > winbind separator = + > winbind use default domain = yes > winbind enum users = yes > winbind enum groups = yes > > ########## Script Logon ##################### > > logon script = logon.bat > ########## Impressora ####################### > > printing = cups > printcap name = cups > load printers = yes > printer = impsuporte > > ########### Charset ######################### > > dos charset = iso-8859-1 > unix charset = iso-8859-1 > > > ############ Descri??o do Servidor ########### > > server string = Servidor de arquivos do IBAM > > ############ Winbind Idmap ################### > > log file = /var/log/samba/samba-ad-dc.log > log level = 3 > idmap_ldb:use rfc2307 = yes > idmap config * : backend = tdb > idmap config * : range = 1000-9999 > template shell = /bin/bash > template homedir = /home/%U > > ############# ACLS ########################### > > vfs objects = acl_xattr dfs_samba4 audit > map acl inherit = yes > store dos attributes = yes > inherit acls = yes > nt acl support = yes > inherit permissions = yes > > ############# Recicle ################## > > vfs object = recycle > recycle:repository = /dados/recycle/%U > recycle:keeptree = Yes > recycle:touch = Yes > recycle:versions = Yes > recycle:maxsixe = 0 > recycle:exclude = *.tmp *.temp *.o *.obj ~$* *.~?? thumbs.db > recycle:exclude_dir = /tmp /temp /cache /recycle > /ibam/transfer recycle:subdir_mode = 0700 > printer name = impsuporte > > ############ Map usu?rio Sistema Unix/Windows ############ > username map = /etc/samba/smbusers > > ############ LOGS ######################## > os level = 33 > debug level = 2 > max log size = 8000 > log file = /var/log/samba/%U_%m.log > > ############ Habilitando Consultas LDAP############### > ldap server require strong auth = No > > ############ COMPARTILHAMENTOS ########################### > > [sysvol] > path = /var/lib/samba/sysvol > read only = No > > [netlogon] > path = /var/lib/samba/sysvol/serv.ibam/scripts > read only = No > > [logon-bat] > path = /usuarios/%U > read only = No > write list = %U > browseable = no > [ibam] > path = /dados/ibam > read only = No > > I cut a bunch of shares that seem to be unnecessary for the moment. > > I'm not sure how I can send information on GPO. > >I think that the first thing you should do is to remove all the old NT4-style parameters you have added, then definitely fix this: vfs objects = acl_xattr dfs_samba4 audit ...... ... vfs object = recycle The 'vfs object' line replaces the 'vfs objects' line, it does not add to it. I would also upgrade Samba, 4.15.13 is EOL from the Samba point of view. You can get a newer version here: http://www.corpit.ru/mjt/packages/samba/ Rowland
Maybe Matching Threads
- temp fix: Simultaneous reads and writes from specific apps to IPoIB volume seem to conflict and kill performance.
- VFS module recycle not working
- Very strange permission problem: samba on zfs-fuse
- Failed to enumerate objects in the container. Access is denied
- Developed an issue with Samba File Server integrated with Samba-AD