[Samba] Samba as AD-Controller: unable to update policies and call start scripts
Luca Bertoncello
lucabert at lucabert.de
Fri Apr 8 07:33:57 UTC 2016
Zitat von "L.P.H. van Belle" <belle at bazuin.nl>:
> This is correct
>
>>> that gpupdate tries to copy somethings from \\cch.intra\sysvol and
>>> not from \\dc1\sysvol...
>
>>> There a no server with name cch.intra, this is just the Realm...
>
> No not REALM, but DNSdomain but with the same name as the REALM.
OK, I'm not expert in Samba as AD...
> You “should” be able to “ping cch.intra” or browse to \\cch.intra
ping yes, browse not. Or better, I can see the shares, but not access them!
> if not, then your missing dns records.
I'm not sure, I undestood your sentence, sorry...
> If you have only windows users accessing sysvol
>
> Change your sysvol to
>
>
>
>> [sysvol]
>
>> path = /usr/local/samba/var/locks/sysvol
>
>> read only = No
>
>> acl_xattr:ignore system acls = yes
>
>
>
> Which helps, because you can set better windows ACLs.
It doesn't...
From Windows I tried:
dir \\dc1\sysvol
and I got data, but
dir \\cch.intra\sysvol
returns:
Anmeldung fehlgeschlagen: unbekannter Benutzername oder falsches Kennwort.
PCs are in German...
Translated is the error: unable to login, unknown username or wrong password.
> But most important, it helps if you post your smb.conf here.
# Global parameters
[global]
workgroup = CCH
server string = Domain controller
realm = CCH.INTRA
netbios name = DC1
server role = active directory domain controller
dns forwarder = 192.168.50.1
server services = rpc, nbt, wrepl, ldap, cldap, kdc, drepl,
winbind, ntp_signd, kcc, dnsupdate, dns, smb
dcerpc endpoint servers = epmapper, wkssvc, rpcecho, samr,
netlogon, lsarpc, spoolss, drsuapi, dssetup, unixinfo, browser,
eventlog6, backupkey, dnsserver, winreg, srvsvc
idmap_ldb:use rfc2307 = yes
# Damit die Nutzer sich auch in Linux anmelden können
template shell = /bin/bash
# Homedir in /home
template homedir = /home/%ACCOUNTNAME%
domain logons = yes
logon script = logon.cmd
[netlogon]
path = /var/lib/samba/sysvol/cch.intra/scripts
read only = No
[sysvol]
path = /var/lib/samba/sysvol
read only = No
acl_xattr:ignore system acls = yes
> And before deleting your domain, if you do the same, you end up with
> the same problem.
>
>
>
> The “old PC” i guess windows 7?
>
> The New PC, i guess windows 10?
All PCs use Windows 7.
> Static ip of DHCP ip?
All PCs with DHCP.
Thanks
Luca Bertoncello
(lucabert at lucabert.de)
More information about the samba
mailing list