Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
[Samba] samba 3 domain and win10 logon scripts
153 views
Skip to first unread message
lejeczek
Apr 13, 2016, 7:30:04 AM4/13/16
to
hi everybody
I have a win10 which is (from what I see) a good member of
samba domain except for one thing - it does not seem to a
few simply things from a logon.bat, or does not do anything
with it.
would you share your thoughts?
many thanks
L.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
I have a win10 which is (from what I see) a good member of
samba domain except for one thing - it does not seem to a
few simply things from a logon.bat, or does not do anything
with it.
would you share your thoughts?
many thanks
L.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
Marc Muehlfeld
Apr 13, 2016, 4:40:05 PM4/13/16
to
Hello,
Am 13.04.2016 um 13:20 schrieb lejeczek:
> I have a win10 which is (from what I see) a good member of samba domain
> except for one thing - it does not seem to a few simply things from a
> logon.bat, or does not do anything with it.
> would you share your thoughts?
We can't, if you don't share
- the logon script
- your Samba version
- your smb.conf
- details what exactly went wrong
with us.
Regards,
Marc
Am 13.04.2016 um 13:20 schrieb lejeczek:
> I have a win10 which is (from what I see) a good member of samba domain
> except for one thing - it does not seem to a few simply things from a
> logon.bat, or does not do anything with it.
> would you share your thoughts?
- the logon script
- your Samba version
- your smb.conf
- details what exactly went wrong
with us.
Regards,
Marc
lejeczek
Apr 14, 2016, 5:40:03 AM4/14/16
to
On 13/04/16 21:32, Marc Muehlfeld wrote:
> Hello,
>
> Am 13.04.2016 um 13:20 schrieb lejeczek:
>> I have a win10 which is (from what I see) a good member of samba domain
>> except for one thing - it does not seem to a few simply things from a
>> logon.bat, or does not do anything with it.
>> would you share your thoughts?
> We can't, if you don't share
> - the logon script
> - your Samba version
> - your smb.conf
> - details what exactly went wrong
just the logon.bat does not seem win10 runs it, suffice to
> Hello,
>
> Am 13.04.2016 um 13:20 schrieb lejeczek:
>> I have a win10 which is (from what I see) a good member of samba domain
>> except for one thing - it does not seem to a few simply things from a
>> logon.bat, or does not do anything with it.
>> would you share your thoughts?
> We can't, if you don't share
> - the logon script
> - your Samba version
> - your smb.conf
> - details what exactly went wrong
point to \\server while a user is logged on to win10 and all
seems normal, credential pass through and servers shares are
visible, even the logon.bat runs fine when manually executed.
> with us.
3.6.23-24.el6_7
script and config I'd imagine should be fine - as they've
been fine for all the domain, win7 (+ XPs in earlier days),
it's just this newly introduced win10 which does not seem to
even run/execute that logon.bat script.
I'm guessing I'm missing some specifics needed for win10 -
what are those I wonder.
many thanks
L
Thomas Bork
Apr 18, 2016, 11:40:04 AM4/18/16
to
Am 14.04.2016 um 11:33 schrieb lejeczek:
> I'm guessing I'm missing some specifics needed for win10 - what are
> those I wonder.
Is your Samba a NT4-style PDC? You are using Samba 3, I'm using Samba 4.
> I'm guessing I'm missing some specifics needed for win10 - what are
> those I wonder.
Anyway:
In my experiments I also had to set an additional regpatch for Win10 and
a Samba 4.3.x NT4-style domain for logon scripts - otherwise the logon
scripts are not running:
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\NetworkProvider\HardenedPaths]
"\\\\*\\netlogon"="RequireMutualAuthentication=0,RequireIntegrity=0,RequirePrivacy=0"
Complete regpatch:
############################################################################
Windows Registry Editor Version 5.00
;
; windows10_join_enable.reg
;
; This registry keys are needed for a Windows 10 Client to join
; and logon to a Samba 4.3.x domain.
;
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Parameters]
; Enable NT-Domain compatibility mode
; Default:
; [value not present]
; "DomainCompatibilityMode"=-
"DomainCompatibilityMode"=dword:00000001
; Disable required DNS name resolution
; Default:
; [value not present]
; "DNSNameResolutionRequired"=-
"DNSNameResolutionRequired"=dword:00000000
; Disable Mutual authentication, no Kerberos, can fall back to NTLMv2
; Disable Integrity, SMB signing is not required
; Disable Privacy, no SMBv3 must be used
; Default:
; [value not present]
; "\\\\*\\netlogon"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\NetworkProvider\HardenedPaths]
"\\\\*\\netlogon"="RequireMutualAuthentication=0,RequireIntegrity=0,RequirePrivacy=0"
############################################################################
--
der tom
Helmut Hullen
Apr 18, 2016, 1:10:03 PM4/18/16
to
Hallo, lejeczek,
Du meintest am 13.04.16:
> hi everybody
> I have a win10 which is (from what I see) a good member of
> samba domain except for one thing - it does not seem to a
> few simply things from a logon.bat, or does not do anything
> with it.
> would you share your thoughts?
> many thanks
I've written my steps into
http://arktur.shuttle.de/CD/Testpakete/Client-anpassen.txt
It's in german, it's not really good structured. Perhaps it helps.
Especially for logon:
The lines after "Arktur als Samba-Server" and the there mentioned patch
http://arktur.shuttle.de/CD/stabil/Patches/Win10_Samba.reg
Viele Gruesse!
Helmut
Du meintest am 13.04.16:
> hi everybody
> I have a win10 which is (from what I see) a good member of
> samba domain except for one thing - it does not seem to a
> few simply things from a logon.bat, or does not do anything
> with it.
> would you share your thoughts?
> many thanks
http://arktur.shuttle.de/CD/Testpakete/Client-anpassen.txt
It's in german, it's not really good structured. Perhaps it helps.
Especially for logon:
The lines after "Arktur als Samba-Server" and the there mentioned patch
http://arktur.shuttle.de/CD/stabil/Patches/Win10_Samba.reg
Viele Gruesse!
Helmut
lejeczek
Apr 28, 2016, 5:50:03 AM4/28/16
to
that is it;
many thanks!
L.
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\NetworkProvider
\HardenedPaths]
"\\\\*\\netlogon"="RequireMutualAuthentication=0,RequireIntegrity=0,Req
uirePrivacy=0"
does the trick
\HardenedPaths]
"\\\\*\\netlogon"="RequireMutualAuthentication=0,RequireIntegrity=0,Req
uirePrivacy=0"
many thanks!
L.
0 new messages