[Samba] samba-tool user to edit users..?
Rowland Penny
rowlandpenny at googlemail.com
Thu Aug 21 06:36:59 MDT 2014
On 21/08/14 13:18, mourik jan heupink - merit wrote:
> Hai Louis,
>
> I can ping filehost, but you are right: I cannot ping
> filehost.samba.company.com, even though it is our main fileserver, and
> (i am under the impression) joined to the AD...
>
> Looking at smb.conf @ filehost there is no "netbios name = " line.
>
> root at filehost:/etc# hostname -a
> filehost
> root at filehost:/etc# hostname -f
> filehost.company.com
>
> There is a filehost in the ADUC computers container. But when checking
> out it's properties, it has an old dns name: 'filehost.olddomain.com'
>
> So... this explains perhaps also the sssd problems we've had on this
> machine. (to fix those issues, I have started to use a dedicated user
> account for krb5.sssd.keytab)
>
> Is there a way to check / verify the join..?
You could check what AD thinks the FQDN is:
ldbsearch -H /var/lib/samba/private/sam.ldb -b
"CN=Computers,DC=example,DC=com" -s sub
"(&(objectClass=computer)(cn=<computer name>))" dNSHostName
This is on Debian, replace the path to sam.ldb with yours, replace
DC=example,DC=com with your rootdse and <computer name> with your
computers (client) short hostname. You have to run this on the AD DC
obviously ;-)
Rowland
>
> MJ
>
> On 8/21/2014 13:32, L.P.H. van Belle wrote:
>> Hai Mourik Jan,
>>
>> and you can ping to filehost and filehost.samba.company.com from a
>> windows pc?
>> This is something in your resolving setup.
>> Are you using bind9 or internal dns.
>> ( i dont have any forwarders in bind )
>>
>> This is what im having in my resolv.conf.
>> search samba.company.com samba.company2.com
>> nameserver 127.0.0.1
>> nameserver internetdns1
>> nameserver internetdns2
>>
>>
>> Greetz,
>>
>> Louis
>>
>>
>>
>>> -----Oorspronkelijk bericht-----
>>> Van: heupink at merit.unu.edu
>>> [mailto:samba-bounces at lists.samba.org] Namens mourik jan
>>> heupink - merit
>>> Verzonden: donderdag 21 augustus 2014 13:13
>>> Aan: samba at lists.samba.org
>>> Onderwerp: [Samba] samba-tool user to edit users..?
>>>
>>> Hi,
>>>
>>> In our samba3 days, we provided a homedirectory like
>>> \\filehost\username.
>>>
>>> Now, with samba4 / ADUC using "\\filehost\username" gives the error:
>>>
>>> "the home folder could not be created because: the network name cannot
>>> be found". We have a little root preexec scripts creates the directory
>>> and sets permissions, so ADUC only needs to accept the
>>> "\\filehost\username", no further action required.
>>>
>>> ADUC accepts it, when I use a FULL servername:
>>> \\filehost.samba.company.com\username
>>>
>>> However, that full name does not work in windows explorer. ("Check the
>>> spelling of the name. Otherwise there might be a problem with your
>>> network") Therefore, the GPO drive mapping fails, and users logon with
>>> no home drive mapping.
>>>
>>> In short: using ADUC we currently have no way to configure a
>>> valid home
>>> folder.
>>>
>>> So the question: have I got a problem with my network (like ADUC tells
>>> me) or is there a way to simply make ADUC accept a valid home
>>> folder path?
>>>
>>> I looked at samba-tool to edit the user there, but it only can
>>> create/delete users, no modify... :-(
>>>
>>> I have read https://wiki.samba.org/index.php/Setting_up_a_home_share,
>>> but that's a whole new approach, and I'd rather have ADUC
>>> simply accept
>>> the path I give...
>>>
>>> MJ
>>>
>>> --
>>> To unsubscribe from this list go to the following URL and read the
>>> instructions: https://lists.samba.org/mailman/options/samba
>>>
>>>
>>
More information about the samba
mailing list