[Samba] Trouble Using Samba 3.5.6 in ADS Domain

Robert Einsle robert at einsle.de
Wed Feb 23 17:00:36 MST 2011

Hy List,

i try to use a newly installed Samba 3.5.6 in an ADS Domain.

firstly i configured kerberos, it works. I can "kinit administrator",
"klist", works.

secondly i configured samba:


--- cut ---
   workgroup = KINDER
   netbios name = DSCHUNGEL
   realm = KINDER.LAN
   security = ADS
   wins server =
   passdb backend = tdbsam
   load printers = yes
   printing = cups
   printcap name = cups
   socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
   create mask = 0775
   directory mask = 0775
   dos charset = ISO8859-1
   idmap backend = ad
   winbind nss info = rfc2307
   winbind enum users = Yes
   winbind enum groups = Yes
   winbind use default domain = Yes
   winbind nested groups = Yes
   idmap uid = 2500-20000
   idmap gid = 2500-20000
   template shell = /bin/bash
   dns proxy = no
   encrypt passwords = true
   preferred master = no
   template homedir = /home/%U
   enhanced browsing = no
--- cut ---

After "net ads join -U administrator" i can query Users from ads with
"wbinfo -u" and groups witch "wbinfo -g"

The next step will be that Users can login to the Server.

--- cut ---
passwd:         compat winbind
group:          compat winbind
shadow:         compat winbind
--- cut ---

But a "getent passwd" dont shows me users from the ADS.

Is anything missing?

I've done it with this article:

Any hints?

Thanks a lot



Robert Einsle
robert at einsle.de

More information about the samba mailing list