Join samba 4.1.7 as member server issues

Thu May 8 04:18:48 MDT 2014

On Thu, 2014-05-08 at 11:12 +0200, Daniele Dario wrote:
> On mer, 2014-05-07 at 17:28 +0200, steve wrote:
> > On Wed, 2014-05-07 at 17:16 +0200, Daniele Dario wrote:
> > > Hi list,
> > > I'm trying to join a new server (samba 4.1.7) on a samba AD domain which
> > > has 2 samba 4.1.0 AD DCs.
> > > 
> > > I started from the wiki page "Setup a Samba AD Member Server" and I'm
> > > using the tarball of 4.1.7 sources downloaded from samba repository but
> > > after the "Build Samba" step I start having issues.
> > > 
> > > 1st: would it be possible that when I run make install the process
> > > created also /etc/samba/{smb.conf,gdbcommands}? If yes which would be
> > > the conf file used? The one in /etc/samba or the one
> > > in /usr/local/samba/etc?
> > 
> > Hi
> > For a default ./configure, the latter.
> > 
> > > 2nd: joining the domain has to be done before to start the daemons am I
> > > right?
> > > 
> > Yes.
> > 
> > > # net ads join -U administrator
> > > Enter administrator's password:
> > > Using short domain name -- SAITEL
> > > Joined 'SRV03' to realm 'saitel.loc'
> > > No DNS domain configured for srv03. Unable to perform DNS Update.
> > > DNS update failed!
> > 
> > Try:
> > - Un-join and add fqdn of the member server to the localhost line in:
> > /etc/hosts
> > 
> > - add:
> > kerberos method = system keytab
> > Re-join.
> > 
> > -remove the samba package from your distribution.
> > 
> > HTH
> > Steve
> > 
> > 
> 
> Thanks Steve,
> seems that I have many problems:
> 1. it was installed samba-common and samba-common-bin packages. Now I
> removed them
> 2. performed net dom unjoin,
>  tried to add fqdn in /etc/hosts, updated
> smb.conf adding kerberos method = system keytab than re-joined to the
> domain but after starting samba (I am using the script listed in
> "InitScript SambaWiki") wbinfo -u nor wbinfo -g worked.
is winbind running?

> 3. looking at which precesses are started from the "InitScript" I saw
> that only smbd and nmbd are started so I manually tried to start
> winbindd -D and than wbinfo -u and wbinfo .g show domain users and
> groups
> 
> At this point I said ok, done but ... :-(
> 
> Trying to run id OneValidDomainUser I get 
> # id daniele
> id: daniele: No such user
> 
> And this is my /etc/nsswitch.conf
> 
> passwd:         compat winbind
> group:          compat winbind
> shadow:         files
> 
> hosts:          files dns
> networks:       files
> 
> protocols:      db files
> services:       db files
> ethers:         db files
> rpc:            db files
> 
> netgroup:       nis
> 
> so I'm again stuck.
> 
> Can somebody tell me if the winbindd daemon has to be added as one of
> the daemons that has to be started by the InitScript?
winbindd must be running. Leave the init script alone for now and start
them manually so you can remove the script from the equation.
> 
> And what am I doing wrong that explains the fact that id, getent and
> also smbclient -L ... won't work?
getent and id becaue winbindd isn't running.

Do you have uidNumber and gidNumber set in the directory for daniele?
> 
> Thanks in advance,
> Daniele.
>