Hi guys and girls.
My configuration:
- ClearOS 6.8 (as DNS, NTP, user/groups, Windows DC),
- Synology NAS,
- around 40 Windows 10 computers.
For a second week now I am dealing with a huge problems regarding domain. Last week I updated our NAS to latest version. Because of badlock fix it dropped from the domain. I was able to re-join after couple of days with help from Synology technical support. I had to change smb.conf on ClearOS! with adding this line: server signing = auto.
But created havoc on my WIN computers. I cannot log in with users which were not previously already logged on that computer, cannot access any computer shares (eg \\<computer name>
. To me it looks like WIN computers are running in cached domain mode.
Can you please help me what to do in this case?
My current smb.conf file.
Br, Ales.
My configuration:
- ClearOS 6.8 (as DNS, NTP, user/groups, Windows DC),
- Synology NAS,
- around 40 Windows 10 computers.
For a second week now I am dealing with a huge problems regarding domain. Last week I updated our NAS to latest version. Because of badlock fix it dropped from the domain. I was able to re-join after couple of days with help from Synology technical support. I had to change smb.conf on ClearOS! with adding this line: server signing = auto.
But created havoc on my WIN computers. I cannot log in with users which were not previously already logged on that computer, cannot access any computer shares (eg \\<computer name>
. To me it looks like WIN computers are running in cached domain mode.Can you please help me what to do in this case?
My current smb.conf file.
Br, Ales.
Share this post:
Responses (5)
-
Accepted Answer
-
Accepted Answer
I think I found it!
I added this lines to the smb.conf on ClearOS:
client signing = auto
client ipc signing = auto
First tests shows that mapped drive is reachable again when yesterday was not.
Super happy about that!
But there are still problems with the domain. I am still not able to open \\share on other computers, still getting "No logon servers" message. So looks like this change had only influence on NAS share (which is running Linux) or CIFS protocol.
Can someone help me about that?
Br, Ales. -
Accepted Answer
-
Accepted Answer
Here you go.
Thank you.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters]
"DisablePasswordChange"=dword:00000000
"MaximumPasswordAge"=dword:0000001e
"RequireSignOrSeal"=dword:00000001
"RequireStrongKey"=dword:00000001
"SealSecureChannel"=dword:00000001
"ServiceDll"=%SystemRoot%\system32\netlogon.dll
"SignSecureChannel"=dword:00000001
"Update"="no"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters]
"EnablePlainTextPassword"=dword:00000000
"EnableSecuritySignature"=dword:00000001
"RequireSecuritySignature"=dword:00000000
"ServiceDll"=%SystemRoot%\System32\wkssvc.dll
"ServiceDllUnloadOnStop"=dword:00000001
"DomainCompatibilityMode"=dword:00000001
"DNSNameResolutionRequired"=dword:00000000 -
Accepted Answer
Please login to post a reply
You will need to be logged in to be able to post a reply. Login using the form on the right or register an account if you are new here.
Register Here »