Error in Setup File Server Cluster with Samba

GiangCoi Mr ltrgiang86 at gmail.com
Mon Jun 19 13:28:13 UTC 2017 

Hi Martin.

Today, I configured Samba for authentication User Active Directory, in my
configure below:
--------------
vim /etc/krb5.conf

[logging]

default = FILE:/var/log/krb5libs.log

kdc = FILE:/var/log/krb5kdc.log

admin_server = FILE:/var/log/kadmind.log



[libdefaults]

default_realm = GIANG.LOCAL

dns_lookup_realm = false

dns_lookup_kdc = true
---------------
vim /etc/samba/smb.conf

clustering = yes

       log file = /var/log/samba/log.%m

       max log size = 50

       workgroup = GIANG

       realm = GIANG.LOCAL

       netbios name = FILESERVER

       security = ads

       idmap config GIANG:range = 100000-200000

       idmap config GIANG:backend = autorid

       idmap config * : backend = autorid

       idmap config * : range = 200001-299999



[share]

        comment = Gluster and CTDB based share

       path = /data/share

       read only = no

       writable = yes

       valid users = +"domain users"

       create mask = 0660

       directory mask = 0770
---------------
vim /etc/nsswitch.conf


passwd:     files winbind

shadow:     files

group:      files winbind
--------------------

vi /data/lock/ctdb

CTDB_RECOVERY_LOCK=/data/lock/lockfile
#CIFS only
CTDB_PUBLIC_ADDRESSES=/etc/ctdb/public_addresses
CTDB_MANAGES_SAMBA=yes
CTDB_MANAGES_WINBIND=yes

#CIFS only
CTDB_NODES=/etc/ctdb/nodes

1.
When I restart CTDB and join:
kinit  administrator at GIANG.LOCAL
net join ads -U administrator
It's OK
Both 2 file server 01,02 can join OK,
- I use command: "wbinfo -u" --> It show username in AD.
- I use command: "getent passwd" --> It didn't show username in /etc/passwd

2.
When I create username on AD and I use "wbinfo -u" --> it didn't show new
username. how I can sync immediately username from AD?

3.
When I access file with user AD (example: GIANG\test1), I cannot access to
folder /data/share to write and read file.

I read a article from "
https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member" but I
think I am wrong to configure samba.
Please help me to fix it. Thanks so much Martin

Regards,
Giang




2017-06-01 11:07 GMT+07:00 GiangCoi Mr <ltrgiang86 at gmail.com>:

> Dear Martin.
> I am sorry, Private network is 172.17.0.0/24.
>
> I will setup real network with physical device for this test case. And I
> will configure again Samba Cluster with AD. Thanks so much for your support.
>
> Regards,
> Giang
>
> 2017-06-01 10:59 GMT+07:00 Martin Schwenke <martin at meltin.net>:
>
>> Hi Giang,
>>
>> On Wed, 31 May 2017 20:12:25 +0700, GiangCoi Mr <ltrgiang86 at gmail.com>
>> wrote:
>>
>> > In my diagram. I forgot to figure eth2 for CTDB and eth3 for GlusterFS
>> but
>> > in real. I use private network (172.16.0.0/24) for CTDB
>>
>> I don't see any routes for 172.16.0.0/24 in the "route -n" output you
>> sent.  Something looks wrong there.
>>
>> > Because I am using vmware workstation for testing File Cluster, so I
>> only
>> > way: use ifdown eth0 to test. I will test in real network in my company
>> for
>> > this situation. By the way, can you give me instruction to integrated
>> File
>> > Cluster Samba to Window Active Directory for authenticating user.
>> Thanks so
>> > much
>>
>> This is generally no different to setting up non-clustered Samba
>> against an AD server.
>>
>> The main issue when clustering is consistent ID mapping across the
>> cluster.
>> Please see https://wiki.samba.org/index.php/Configuring_clustered_Samba
>> for this.
>>
>> Good luck!
>>
>> peace & happiness,
>> martin
>>
>
>

More information about the samba-technical mailing list