[Samba] Help with centos 7, samba, windows ACLs
Rowland Penny
rpenny at samba.org
Thu Mar 7 14:23:26 UTC 2019
Please see inline comments:
On Thu, 7 Mar 2019 15:04:18 +0100
Marco Gemignani <marko.gem at inwind.it> wrote:
> as default
>
> # Global parameters
> [global]
> dns forwarder = 192.168.0.1
> netbios name = ZEUS2
> realm = TECNOGMREALM
> server role = active directory domain controller
> workgroup = TECNOGM
> template shell = /bin/bash
> template homedir = /home/%D/%U
>
> [users]
> path = /home/%D/
> read only = no
> create mask = 0600
> directory mask = 0700
Remove the two lines above, they should not be used on a DC
>
> [netlogon]
> path = /var/lib/samba/sysvol/tecnogmrealm/scripts
> read only = No
>
> [sysvol]
> path = /var/lib/samba/sysvol
> read only = No
>
>
> than edited /etc/pam.d/password-auth and added;
>
> auth sufficient pam_winbind.so use_first_pass
>
> account [default=bad success=ok user_unknown=ignore]
> pam_winbind.so
>
> password sufficient pam_winbind.so use_authtok
>
> edited vi /etc/nsswitch.conf and added winbind to passw and group
>
Have you read these wiki pages:
https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller#Using_the_Domain_Controller_as_a_File_Server
https://wiki.samba.org/index.php/Libnss_winbind_Links
https://wiki.samba.org/index.php/Configuring_Winbindd_on_a_Samba_AD_DC
Particularly the middle one.
Rowland
More information about the samba
mailing list