Project

General

Profile

Bug #5158

Non-optimal default CIFS Service settings

Added by Jon Royle over 6 years ago. Updated about 4 years ago.

Status:
Resolved
Priority:
Important
Assignee:
John Hixson
Category:
OS
Target version:
Seen in:
Severity:
New
Reason for Closing:
Reason for Blocked:
Needs QA:
Yes
Needs Doc:
Yes
Needs Merging:
Yes
Needs Automation:
No
Support Suite Ticket:
n/a
Hardware Configuration:
ChangeLog Required:
No

Description

In testing a clean install after joining an existing AD and then enabling CIFS service "Local Master" and "Time Server for Domain" is checked - as per docs this is not recommended for a server which part of an existing AD

Recommend setting these to unchecked when AD is chosen as Directory Service

Associated revisions

Revision 3ed7c667 (diff)
Added by John Hixson over 5 years ago

Keep CIFS settings consistent with what is actually going on Ticket: #5158

Revision a08ea1dc (diff)
Added by John Hixson over 5 years ago

Keep CIFS settings consistent with what is actually going on Ticket: #5158 (cherry picked from commit 3ed7c6671026fd3b66875ee13ee5cb131c3f60b5)

Revision 160c4618 (diff)
Added by John Hixson over 5 years ago

Keep CIFS settings consistent with what is actually going on Ticket: #5158 (cherry picked from commit 3ed7c6671026fd3b66875ee13ee5cb131c3f60b5)

Revision 71a27d7a (diff)
Added by John Hixson over 5 years ago

Oopsie. Don't disable the workgroup, otherwise CIFS form is very unhappy. Ticket: #5158

Revision 57d2b329 (diff)
Added by John Hixson over 5 years ago

Oopsie. Don't disable the workgroup, otherwise CIFS form is very unhappy. Ticket: #5158 (cherry picked from commit 71a27d7ac4a9a7322aeefff7f8da18cfd3a72678)

Revision 49d19a14 (diff)
Added by John Hixson over 5 years ago

Oopsie. Don't disable the workgroup, otherwise CIFS form is very unhappy. Ticket: #5158 (cherry picked from commit 71a27d7ac4a9a7322aeefff7f8da18cfd3a72678)

Revision 4c49c9af (diff)
Added by John Hixson over 5 years ago

Domain logons should be true when LDAP is enabled Ticket: #5158

Revision e7e1b598 (diff)
Added by John Hixson over 5 years ago

Domain logons should be true when LDAP is enabled Ticket: #5158 (cherry picked from commit 4c49c9af7f942f4203cf3f25f0e9d61036262e5c)

Revision 6e6e4453 (diff)
Added by John Hixson over 5 years ago

Domain logons should be true when LDAP is enabled Ticket: #5158 (cherry picked from commit 4c49c9af7f942f4203cf3f25f0e9d61036262e5c)

History

#1 Updated by Jon Royle over 6 years ago

  • Category set to 57

#2 Updated by Josh Paetzel over 6 years ago

  • Status changed from Unscreened to Screened
  • Assignee set to Josh Paetzel
  • Target version set to 49

Agreed. This is a very simple fix.

Jordan, 9.2.1.6?

#3 Updated by Josh Paetzel over 6 years ago

  • Target version changed from 49 to 9.3-BETA

In thinking about this a bit more, this actually isn't as easy as I first thought.

The default settings are hard wired in the model. It will require a bit of code to alter the defaults in the form based on what other settings are (eg: directory services)

The other easy button option, which is to just detect the directory services option then set smb.conf accordingly ignores the state of the GUI checkbox altogether, which is less than desirable. If there's simply no case where there should be a choice then it makes sense to remove the checkbox from the GUI and DTRT.

#4 Updated by Jon Royle over 6 years ago

Josh - CIFS is not my area of expertise, but a couple of thoughts from reading docs

"Local Master" is more often that not recommended to be unchecked (for LDAP and AD and not necessary if Windows Vista or later clients present)- why not make this (unchecked) the default?

"Time Server for Domain" - sounds like this should be unchecked by default for LDAP and AD - but this should be option in GUI

#5 Updated by Josh Paetzel over 6 years ago

The problem is time server for domain is critical if you are a directory server. So we need different defaults depending on what the directory services are set to. Requires changes to the form which might be too intrusive for 9.2.1.6 but I agree they should be done.

I need to read up on local master to even see what it does these days.

#6 Updated by Jordan Hubbard almost 6 years ago

  • Target version changed from 9.3-BETA to 111

#7 Updated by Josh Paetzel over 5 years ago

  • Status changed from Screened to Unscreened
  • Assignee changed from Josh Paetzel to Jordan Hubbard

We should still do this. It's a valid bug.

#8 Updated by Jordan Hubbard over 5 years ago

  • Assignee changed from Jordan Hubbard to John Hixson
  • Priority changed from No priority to Important
  • Target version changed from 111 to Unspecified

BRB: We need to think about this some more.

#9 Updated by John Hixson over 5 years ago

  • Status changed from Unscreened to Screened

#10 Updated by John Hixson over 5 years ago

  • Seen in changed from to 9.3-RELEASE

This is a low priority right now, but does need looking at.

#11 Updated by John Hixson over 5 years ago

on hold

#12 Updated by John Hixson over 5 years ago

still on hold

#13 Updated by John Hixson over 5 years ago

I might be looking at this tomorrow.

#14 Updated by John Hixson over 5 years ago

When AD or NT4 is enabled, 'local master', 'domain logons' and 'time server' are unchecked and set to disabled. When LDAP is enabled, 'domain logons' is set to checked and read only.

#15 Updated by John Hixson over 5 years ago

  • Status changed from Screened to Ready For Release

#16 Updated by Jordan Hubbard over 5 years ago

  • Status changed from Ready For Release to Resolved

#17 Avatar?id=14398&size=24x24 Updated by Kris Moore about 4 years ago

  • Target version changed from Unspecified to N/A

Also available in: Atom PDF