Error in Setup File Server Cluster with Samba
GiangCoi Mr
ltrgiang86 at gmail.com
Mon Jun 19 13:28:13 UTC 2017
Hi Martin.
Today, I configured Samba for authentication User Active Directory, in my
configure below:
--------------
vim /etc/krb5.conf
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
default_realm = GIANG.LOCAL
dns_lookup_realm = false
dns_lookup_kdc = true
---------------
vim /etc/samba/smb.conf
clustering = yes
log file = /var/log/samba/log.%m
max log size = 50
workgroup = GIANG
realm = GIANG.LOCAL
netbios name = FILESERVER
security = ads
idmap config GIANG:range = 100000-200000
idmap config GIANG:backend = autorid
idmap config * : backend = autorid
idmap config * : range = 200001-299999
[share]
comment = Gluster and CTDB based share
path = /data/share
read only = no
writable = yes
valid users = +"domain users"
create mask = 0660
directory mask = 0770
---------------
vim /etc/nsswitch.conf
passwd: files winbind
shadow: files
group: files winbind
--------------------
vi /data/lock/ctdb
CTDB_RECOVERY_LOCK=/data/lock/lockfile
#CIFS only
CTDB_PUBLIC_ADDRESSES=/etc/ctdb/public_addresses
CTDB_MANAGES_SAMBA=yes
CTDB_MANAGES_WINBIND=yes
#CIFS only
CTDB_NODES=/etc/ctdb/nodes
1.
When I restart CTDB and join:
kinit administrator at GIANG.LOCAL
net join ads -U administrator
It's OK
Both 2 file server 01,02 can join OK,
- I use command: "wbinfo -u" --> It show username in AD.
- I use command: "getent passwd" --> It didn't show username in /etc/passwd
2.
When I create username on AD and I use "wbinfo -u" --> it didn't show new
username. how I can sync immediately username from AD?
3.
When I access file with user AD (example: GIANG\test1), I cannot access to
folder /data/share to write and read file.
I read a article from "
https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member" but I
think I am wrong to configure samba.
Please help me to fix it. Thanks so much Martin
Regards,
Giang
2017-06-01 11:07 GMT+07:00 GiangCoi Mr <ltrgiang86 at gmail.com>:
> Dear Martin.
> I am sorry, Private network is 172.17.0.0/24.
>
> I will setup real network with physical device for this test case. And I
> will configure again Samba Cluster with AD. Thanks so much for your support.
>
> Regards,
> Giang
>
> 2017-06-01 10:59 GMT+07:00 Martin Schwenke <martin at meltin.net>:
>
>> Hi Giang,
>>
>> On Wed, 31 May 2017 20:12:25 +0700, GiangCoi Mr <ltrgiang86 at gmail.com>
>> wrote:
>>
>> > In my diagram. I forgot to figure eth2 for CTDB and eth3 for GlusterFS
>> but
>> > in real. I use private network (172.16.0.0/24) for CTDB
>>
>> I don't see any routes for 172.16.0.0/24 in the "route -n" output you
>> sent. Something looks wrong there.
>>
>> > Because I am using vmware workstation for testing File Cluster, so I
>> only
>> > way: use ifdown eth0 to test. I will test in real network in my company
>> for
>> > this situation. By the way, can you give me instruction to integrated
>> File
>> > Cluster Samba to Window Active Directory for authenticating user.
>> Thanks so
>> > much
>>
>> This is generally no different to setting up non-clustered Samba
>> against an AD server.
>>
>> The main issue when clustering is consistent ID mapping across the
>> cluster.
>> Please see https://wiki.samba.org/index.php/Configuring_clustered_Samba
>> for this.
>>
>> Good luck!
>>
>> peace & happiness,
>> martin
>>
>
>
More information about the samba-technical
mailing list