We have a build machine that is running Windows 10 that pulls from our code repository frequently to look for changes. When it sees new code checked in it pulls the changes and runs a build process to give our testers new versions of various projects to test. This entire process is handled in a java container using the localsystem account. I'm not sure that's relevant, just trying to be complete in my assessment. We recently had all users turn off the Windows 10 feature for SMB1.0/CIFS File Sharing support due to the security implications and the fact that Microsoft wont be removing it by force until the Fall update.
So onto the problem. The NAS that we names FileSpot stopped showing up in network browses. The build machine could still get to the share via UNC using either the name or the IP but browsing to it was a problem. I hadn't rebooted my Win10 machine yet even though I turned SMB1/CIFS off and I *could* still browse. After a reboot... no longer. On it's own this wouldn't be a problem as I've mapped my users to an N drive and that was working. For whatever reason, the localsystem java process fails and I can see from logs that it's failing to create directories on FileSpot and therefore can't copy the new code over to the shared folder.
For the last few days after reading other threads I've been through so many iterations of trial an error to get it back to the way it was that my head is starting to spin. My first step was to check what level of SMB was running on the server and smb2status reported "max protocol SMB 2.0" which Windows 10 is perfectly capable of. So next, after a backup, I used the manual process to roll us back to build 20170628 which is where we currently stand but the problems persist. I read that perhaps the smb.conf could have been effected in the upgrade and not in the downgrade but I don't see anything in particular. I will include it here with the main "global" section and the pertinent share section:
Code: Select all
[global]
workgroup = DYNAMIC
security = USER
server string = FileSpot
encrypt passwords = Yes
username level = 0
map to guest = Bad User
null passwords = yes
max log size = 10
socket options = TCP_NODELAY SO_KEEPALIVE
os level = 20
preferred master = no
dns proxy = No
smb passwd file=/etc/config/smbpasswd
username map = /etc/config/smbusers
guest account = guest
directory mask = 0777
create mask = 0777
oplocks = yes
locking = yes
disable spoolss = no
load printers = no
veto files = /.AppleDB/.AppleDouble/.AppleDesktop/:2eDS_Store/Network Trash Folder/Temporary Items/TheVolumeSettingsFolder/.@__thumb/.@__desc/:2e*/.@__qini/.Qsync/.@upload_cache/.qsync/.qsync_sn/.@qsys/.digest/
delete veto files = yes
map archive = no
map system = no
map hidden = no
map read only = no
deadtime = 10
use sendfile = yes
case sensitive = auto
unix extensions = no
wins support = yes
store dos attributes = yes
client ntlmv2 auth = yes
dos filetime resolution = no
inherit acls = no
wide links = yes
force unknown acl user = yes
template homedir = /share/homes/DOMAIN=%D/%U
domain logons = no
min receivefile size = 8192
domain master = auto
local master = yes
passdb backend = smbpasswd
enhance acl v1 = yes
remove everyone = no
kernel oplocks = no
mangled names = yes
printcap cache time = 0
conn log = no
max protocol = SMB2
pid directory = /var/lock
host msdfs = yes
server role = auto
acl allow execute always = yes
display charset = UTF8
name resolve order = wins host bcast
[NETDUMP]
comment = Our Files
path = /share/MD0_DATA/NETDUMP
browsable = yes
oplocks = yes
ftp write only = no
recycle bin = yes
recycle bin administrators only = yes
public = yes
invalid users =
read list =
write list = "admin",@"everyone","guest"
valid users = "root","admin",@"everyone","guest"
inherit permissions = yes
mangled names = yes
qbox = no
Thanks,
kk
