Dear community,
I’m going to answer myself here to offer an answer to the problem and a solution. Maybe this will help someone:
The solution to the problem was already in the question, or was partly already included in the similar query cited at the beginning:
I’ll briefly summarize the problem again:
(Behavior under Windows AD clients)
Nethserver 7:
NS7 domain controller: “ad.mysrv.tld”
SAMBA share access via: "\\mysrv.mydomain.tld\SHARENAME"
(the usual way under Nethserver 7)
After migrating to Nethserver 8:
NS8 domain controller: “ad.mysrv.tld”
But:
No longer SAMBA share access via:
"\\mysrv.mydomain.tld\SHARENAME"
Error message:
“Could not access \mysrv.mydomain.tld\SHARENAME." You may not have permission to use this network resource. If you log in, (etc., etc.) Incorrect parameter.”
Instead, SAMBA share access only worked via:
“\\nsdc-mysrv.ad.mydomain.tld”
and
\\IP\SHARENAME
and
“\\mydomain” (which I hadn’t noticed because I don’t consciously use it)
The following steps ultimately led to the solution (tested for Windows AD clients):
Step 1
Install the “LAM” app (NETH8 container) and delete the previous host entry for “MYSRV” or the old Nethserver7 SMB share host. The old entry already interferes with the listing of shares because it still points to an old device.
Step 2
Set an extended entry for “netbios aliases” that points to the original share URL:
nano /home/samba1/.local/share/containers/storage/volumes/config/_data/include.conf
Content set by the migration tool:
[global]
netbios aliases = mysrv
Customized content (I need three entries):
[global]
netbios aliases = mysrv mysrv.mydomain.tld mysrv.mydomain.internal
After restarting the SAMBA container…
runagent -m samba1 systemctl --user restart samba-dc
…access now works via all three variants: mysrv mysrv, .mydomain.tld, and mysrv.mydomain.internal.
My mistake was not pursuing the “netbios aliases” approach. Firstly, because I didn’t really want to use the outdated NETBIOS and hadn’t had the corresponding ports active for years.
Secondly, because the migration tool had already set a fundamentally correct entry for the previous NETBIOS name (mysrv), and it still didn’t work - even though my setting shouldn’t differ from others, since the hostname for the Samba share should be the same as the Nethserver7 hostname for most others(?).
Perhaps the term “netbios aliases” was just confusing for me, and that actually has nothing to do with “NETBIOS” anymore? On the other hand, it was also confusing that these login problems only occurred on machines connected to AD. Non-AD-integrated machines didn’t have the problem.
My problem is thus solved (also for future migrations),
but perhaps it would still be a good idea if the migration tool would perform the above-mentioned adjustments itself(?):
- Delete the old MYSRV entry in the AD (because it points to the old NetServer 7, which is to be replaced).
- Enter not only the short but also the full hostname of the previous SAMBA host as “netbios aliases.” Or ask what should be used.
In my opinion, this would greatly complete the migration and help keep the promise of “complete migration of the AD and the shares.”
Regards, Yummiweb