OES2018 SP1 DSFW SYSVOL access does not work with SMB 2 or SMB 3
I found out, that access to bigger policies on the SYSVOL is problematic on Windows 7 to Windows 10 PCs (and the equivalent server versions). This leads to not working policies, the inability to backup or save Group Policies from the mmc snapin and several other problems.
This does not happen, if you disable SMB2 and SMB3 on the Samba server via "server max protocol = NT1" in the smb.conf .
Downside of this solution is, that you have to enable the SMB 1.0 client on your Windows PCs and servers.
I have reported this as SR#101251304101 and provided the requested traces. No feedback since then.
The whole issue can also be reproduced on Linux with "smbclient -m SMB1/2/3 //dsfw/sysvol" and then get a large GPO template file like inetres.admx "get \your.dsfw.domain\Policies\PolicyDefinitions\inetres.admx". This works with SMB1 and fails with SMB2/3: parallel_read returned NT_STATUS_IO_TIMEOUT.
Interestingly it works locally ("smbclient -m SMB3 //localhost/sysvol") on a DSFW server, but not from another DSFW server or with plain SLES12SP4 or SLES15SP1. Maybe a network timing issue?