[Samba] samba4 PDC, smbstatus provides no info

Wed Nov 19 03:44:32 MST 2014

On 18/11/14 22:57, Jakub Kulesza wrote:
> OK, changed to s3fs. Now the home folder permission is set correctly, I can
> also see the smbstatus containing what it used to contain. I see that
> everything works nice from a bunch of test accounts. We'll see about that
> in the morning, when users will start to log in. THANKS!!!!!
>
> Before I move the file serving elsewhere, one last question:
> - if it's the winbind that is the problematic bit, that makes Samba Team to
> recommend having a separate file server from the DC, will just cutting
> winbind from nsswitch.conf do the trick? I do not really need mapping
> username's to UIDs within my linux box.
>
>
> 2014-11-18 16:30 GMT+01:00 Jakub Kulesza <jakkul at gmail.com>:
>
>> OK, I know now - it's the smb option in server services.
>>
>> Question - If I'm changing back, the thing that I should do is setting
>> proper file and share perms again, including running samba-tool ntacl
>> sysvolreset? Is that right?
>>
>> 2014-11-18 16:22 GMT+01:00 Jakub Kulesza <jakkul at gmail.com>:
>>
>>> Questions questions questions.
>>>
>>> Do I really use ntvfs not s3fs? I see that I haven't got any of this in
>>> server services, and I've provisioned my domain using following command:
>>>
>>> samba-tool domain classicupgrade --dbdir=/root/varlibsamba
>>> --use-xattrs=yes --realm=biuro..... --dns-backend=SAMBA_INTERNAL
>>> /root/smb.confTOGUSA
>>>
>>> and all manuals say that s3fs is the default if I did not change it with
>>> --use-ntvfs at the time of provisioning. How can I verify that?
>>>
>>> 2014-11-18 15:41 GMT+01:00 Jakub Kulesza <jakkul at gmail.com>:
>>>
>>>> guys, thank you for pointing that out. I'll guess that I'll need to cut
>>>> the file serving functions to a different virtual machine. No problem
>>>> there. Already did that when moving from gentoo samba 3.6 ntdomain to
>>>> ubuntu samba 4.1 ADdomain.
>>>>
>>>> If it will solve the issue I will not get back to you :D.
>>>>
>>>> Another thing - since it's the winbind that is the problematic bit:
>>>> - do I also need to have sysvol share on a different box?
>>>> - will just cutting winbind from nsswitch.conf do the trick? I do not
>>>> really need mapping username's to UIDs within my linux box.
>>>> - next question that I wanted to post is the problem with creating user
>>>> home directories. If I create a new user in MMC and create his/hers home
>>>> directory, it gets created in the proper destination but with wrong owner:
>>>> the owner is root. Can this be related? I have no problems with profile
>>>> dirs, since those are created by the logged users themselves (automatically
>>>> by the windows OS), for the home dirs I've created a hacky script that runs
>>>> from crontab and chowns the directories :D
>>>>
>>>>
>>>> 2014-11-18 15:06 GMT+01:00 Rowland Penny <rowlandpenny at googlemail.com>:
>>>>
>>>>> On 18/11/14 13:57, mots wrote:
>>>>>
>>>>>> AW: [Samba] samba4 PDC, smbstatus provides no info
>>>>>>
>>>>>>
>>>>>>      -----Ursprüngliche Nachricht-----
>>>>>>> Von:Rowland Penny <rowlandpenny at googlemail.com  <mailto:
>>>>>> rowlandpenny at googlemail.com>>
>>>>>>> Gesendet: Die 18 November 2014 10:44
>>>>>>> An:samba at lists.samba.org  <mailto:samba at lists.samba.org>
>>>>>>> Betreff: Re: [Samba] samba4 PDC, smbstatus provides no info
>>>>>>>
>>>>>>> OK, two things pop out at me, you seem to be using the AD DC as a
>>>>>>> fileserver, this is not recommended
>>>>>>>
>>>>>>> Rowland
>>>>>> Why is this not recommended? I haven't found anything about it in the
>>>>>> documentation.
>>>>>>
>>>>>> mots
>>>>>>
>>>>>>> --
>>>>>>> To unsubscribe from this list go to the following URL and read the
>>>>>>> instructions:https://lists.samba.org/mailman/options/samba
>>>>>>>
>>>>> See here: https://wiki.samba.org/index.php/Samba_AD_DC_HOWTO#
>>>>> Introduction
>>>>>
>>>>> Rowland
>>>>>
>>>>>
>>>>> --
>>>>> To unsubscribe from this list go to the following URL and read the
>>>>> instructions:  https://lists.samba.org/mailman/options/samba
>>>>>
>>>>
>>>>
>>>> --
>>>> Pozdrawiam
>>>> Jakub Kulesza
>>>>
>>>
>>>
>>> --
>>> Pozdrawiam
>>> Jakub Kulesza
>>>
>>
>>
>> --
>> Pozdrawiam
>> Jakub Kulesza
>>
>
>
As I said in my earlier reply, you only need the winbind settings in 
/etc/nsswitch if you want your domain users to login on the Samba AD DC.

Rowland