Displaying 20 results from an estimated 20000 matches similar to: "SMB data transfer performance on AD mode"
2017 Sep 12
2
SMB data transfer performance on AD mode
On Tue, 12 Sep 2017 19:30:42 +0100
Miguel Medalha via samba <samba at lists.samba.org> wrote:
> Your problem probably comes from using the AD DC as a file server.
> The file server should be separated, as recommended by the Samba
> team. I get close to wire speed on dedicated member servers.
>
> With version 4.4.2, changes in behaviour for the "server signing" and
2017 Sep 12
0
SMB data transfer performance on AD mode
Hi Rowland
The 4.5.10 was the newest of 4.5x series on that time, but the 4.5x series is still supported isn't it ? What shares are configured unproperly or like old samba way ?
----- Original Message -----
From: "samba" <samba at lists.samba.org>
To: "samba" <samba at lists.samba.org>
Sent: Tuesday, September 12, 2017 3:50:56 PM
Subject: Re: [Samba] SMB
2016 Jun 03
0
SMB encryption
>> A - I thought badlock mitigation was about encrypting SMB traffic, at least most part of it.
>> And this encryption of most part of data transfer could (or should) lower performances.
>> It seems I was wrong: smallest part (something like commands) are encrypted but not SMB traffic (ie file transfer).
>> This for SMB protocol prior to SMB3 (which comes with windows 8).
2016 Jun 03
3
SMB encryption
Hi all,
A - I thought badlock mitigation was about encrypting SMB traffic, at least
most part of it. And this encryption of most part of data transfer could
(or should) lower performances.
It seems I was wrong: smallest part (something like commands) are encrypted
but not SMB traffic (ie file transfer). This for SMB protocol prior to SMB3
(which comes with windows 8).
B - According to what I
2016 Apr 12
0
[Announce] Samba 4.4.2, 4.3.8 and 4.2.11 Available for Download
Release Announcements
---------------------
This is a security release in order to address the following CVEs:
o CVE-2015-5370 (Multiple errors in DCE-RPC code)
o CVE-2016-2110 (Man in the middle attacks possible with NTLMSSP)
o CVE-2016-2111 (NETLOGON Spoofing Vulnerability)
o CVE-2016-2112 (LDAP client and server don't enforce integrity)
o CVE-2016-2113 (Missing TLS certificate
2016 Apr 12
0
[Announce] Samba 4.4.2, 4.3.8 and 4.2.11 Available for Download
Release Announcements
---------------------
This is a security release in order to address the following CVEs:
o CVE-2015-5370 (Multiple errors in DCE-RPC code)
o CVE-2016-2110 (Man in the middle attacks possible with NTLMSSP)
o CVE-2016-2111 (NETLOGON Spoofing Vulnerability)
o CVE-2016-2112 (LDAP client and server don't enforce integrity)
o CVE-2016-2113 (Missing TLS certificate
2017 Apr 21
2
Fwd: Unable to change passwords from Win XP Pro clients
On Fri, 21 Apr 2017 12:00:59 -0400
Eleuterio Contracampo via samba <samba at lists.samba.org> wrote:
> [2017/04/21 12:47:55.219297, 0]
> ../auth/gensec/gensec.c:257(gensec_verify_dcerpc_auth_level)
>
> Did not manage to negotiate mandetory feature SIGN for dcerpc
> auth_level 6
>
I think you may be running into an artefact of the badlock patches, for
which Win7 will
2017 Apr 25
0
Fwd: Unable to change passwords from Win XP Pro clients
I think the "client ip signing options" don't matter on the domain
controller, since the domain controller is not functioning as a server.
(If this was a samba member server, then it would matter.)
You MAY want to try
server signing = no
On 04/25/17 12:14, Eleuterio Contracampo via samba wrote:
> Just a follow-up. Still, no resolution. I've tried different
2017 Apr 25
2
Fwd: Unable to change passwords from Win XP Pro clients
Just a follow-up. Still, no resolution. I've tried different combinations
with "client ipc signing" without luck.
A traffic dump shows the problem as:
i) windows XP client sends a DCE/RPC SAMR command GetDomPwInfo
ii) samba DC responds with DCE/RPC Fault nca_proto_error
I've also tried fiddling with Local Security Policy registry values at the
Win XP machine, but got nothing
2017 Sep 12
0
SMB data transfer performance on AD mode
Oops! I forgot the link. Sorry!
https://www.samba.org/samba/history/samba-4.4.2.html
2016 Jun 12
0
Hardened UNC Paths, Badlock, encryption defaults?
Hi,
Microsoft some time ago introduced Hardened UNC Paths, and in April
published the Badlock security fixes, which seem to be related to that.
Samba at the same time published versions 4.4.1 (and 4.4.2).
Even after reading the release notes of Samba 4.4.1 several times, I
still do not know whether I must manually adjust smb.conf to be
protected from these vulnerabilities.
What I do know is
2017 Apr 21
0
Fwd: Unable to change passwords from Win XP Pro clients
Thank you once again! I'll research that link, and let everyone interested
know about the results.
EC
On Fri, Apr 21, 2017 at 12:50 PM, Rowland Penny via samba <
samba at lists.samba.org> wrote:
> On Fri, 21 Apr 2017 12:00:59 -0400
> Eleuterio Contracampo via samba <samba at lists.samba.org> wrote:
>
> > [2017/04/21 12:47:55.219297, 0]
> >
2016 Jun 08
1
Solaris 10 Configure failure
ORACLE have released this patch for Solaris 10 - Samba v3.6.25:
IDR152387-03 addressing CVE-2016-2118 (BADLOCK) and other CVEs for S10 SPARC
Which has addressed our issue.
Thanks
-----Original Message-----
From: samba [mailto:samba-bounces at lists.samba.org] On Behalf Of Gaiseric Vandal
Sent: 07 June 2016 14:51
To: samba at lists.samba.org
Subject: Re: [Samba] Solaris 10 Configure failure
2016 Jun 02
1
libtdb and BADLOCK (CVE-2016-2118)
Do you know why Red Hat updated libtdb as part of their remediation for
Badlock on Samba4?
https://rhn.redhat.com/errata/RHSA-2016-0612.html
On Thu, Jun 2, 2016 at 2:37 PM, Jeremy Allison <jra at samba.org> wrote:
> On Thu, Jun 02, 2016 at 11:29:25AM -0500, Sam Gardner wrote:
> > Does mitigation of the so-called BADLOCK CVE (CVE-2016-2118) for Samba
> 3.x
> > imply an
2016 Jun 02
0
libtdb and BADLOCK (CVE-2016-2118)
On Thu, Jun 02, 2016 at 11:29:25AM -0500, Sam Gardner wrote:
> Does mitigation of the so-called BADLOCK CVE (CVE-2016-2118) for Samba 3.x
> imply an upgrade to a non-vulnerable version of the tdb library?
>
> If so, can someone point me to any documentation on the tdb vulnerability?
There were no tdb vulnerabilities in the badlock code release.
2019 Sep 14
7
File server as host for a Windows Server VM?
I hope that someone here can give some advice on the following:
I have a Samba based Active Directory. A CentOS 7.6 machine runs as a
file server and hosts the Windows user profiles for all the Windows
workstations.
Now management has decided that they need a Windows server for a couple
of administrative applications, which need MS SQL Server. That would be
the only role of this Windows.
2017 Sep 12
2
SMB data transfer performance on AD mode
On Tue, 2017-09-12 at 09:11 -0700, Jeremy Allison via samba wrote:
> On Tue, Sep 12, 2017 at 12:52:29PM -0300, Dante Colo via samba wrote:
> > Hi Everyone !
> >
> > I note that all of samba AD server that i maintain are not so fast in terms of data transfer, more specifically none of them go over 40 MB/s , one particularly which i'm trying to find out why doesn't go
2017 Feb 08
0
转发: 答复: ??????: Is the "\\x.x.x.x" type tree connect request a client related feature?
Thanks for your response, Rowland.
Sorry for the late reply.
Here is my smb.conf:
[global]
workgroup = grouptest1
server string = %h server (Samba NAS)
dns proxy = no
log file = /var/log/samba/log.%m
max log size = 10000
syslog = 0
panic action = /usr/share/samba/panic-action %d
server role = standalone server
obey pam restrictions = yes
unix password sync =
2016 Jun 20
0
problem with domain and samba3x
On 06/20/16 15:19, Rowland penny wrote:
> On 20/06/16 19:53, Dale Schroeder wrote:
>> On 06/17/2016 4:31 PM, peter lawrie wrote:
>>> Hi all
>>> About 18 months ago I connected 14 new Windows 7 PCs to a Centos5.1
>>> server
>>> with samba3x as domain members. There are no other servers on site.
>>> Today, I had to visit to connect up a PC in a
2016 Jun 02
2
libtdb and BADLOCK (CVE-2016-2118)
Does mitigation of the so-called BADLOCK CVE (CVE-2016-2118) for Samba 3.x
imply an upgrade to a non-vulnerable version of the tdb library?
If so, can someone point me to any documentation on the tdb vulnerability?
Thanks,
Sam