I just noticed that it has the added effect of turning off the SMB share service when it fails. Thankfully, when I enable the SMB service again after it has faulted, the users are able to access the file share without restoring the domain relationship. When I do restore the connection to the directory, I follow these steps.
- Go to Shares and turn off the SMB service under the More Options menu in the “Windows (SMB) Shares” section.
- Go to Credentials > Directory and edit the settings for Active Directory.
- Uncheck the “Enable” field and save.
- Then, still in Directory Services, show Advanced Settings
- Delete the machine account under Kerberos Keytab
- Enable Active Directory again. It will have saved all the other information, I only need to enter my password again.
- Enable the SMB service again in Shares.
- After it faults again in a few hours, enable the SMB service again.
I am assuming that the share still works because of cached credentials, but if any changes are made to the domain, the relationship needs to be restored to pull the new information.