[Samba] samba winbind error "host is not configured as a member server"

kartheek katakam katakamkartheek at gmail.com
Mon Apr 23 12:40:27 MDT 2012 

hello,

I had weird issues that I am running into.
1. I have manually updated "security = ads" entry in /etc/samba/smb.conf
but when I run testparm on the samba configuration file I didnot notice
this security line,its not just one line and I have noticed few other lines
missing, sure what going on !!!

[root at LinuxADtest samba]# testparm /etc/samba/smb.conf
Load smb config files from /etc/samba/smb.conf
Loaded services file OK.
'winbind separator = +' might cause problems with group membership.
Server role: ROLE_STANDALONE
Press enter to see a dump of your service definitions

[global]

workgroup = ADLINUX

        realm = ADLINUX.TEST.COM

        server string = Samba Server Version %v

        password server = ADLINUX.TEST.COM

        log file = /var/log/samba/log.%m

        max log size = 50

        idmap uid = 10000-20000

        idmap gid = 10000-20000

        winbind separator = +

        winbind cache time = 10

        winbind enum users = Yes

        winbind enum groups = Yes

        winbind use default domain = Yes

        winbind nss info = rfc2307

        idmap config ADLINUX:cache time = 1800

        idmap config ADLINUX:schema_mode = rfc2307

        idmap config ADLINUX:range = 10000-20000

        idmap config ADLINUX:default = yes

        idmap config ADLINUX:backend = ad

[root at LinuxADtest samba]#


Here is the truncated o/p for smb.conf file

more /etc/samba/smb.conf

# specifiy it as a per share option as well

#

        workgroup = ADLINUX

        server string = Samba Server Version %v

        realm = ADLINUX.TEST.COM

        security = ads

        password server = ADLINUX.TEST.COM

        winbind nss info = rfc2307

        idmap backend = tdb

        idmap uid = 10000-20000

        idmap gid = 10000-20000

        idmap config ADLINUX:backend = ad

        idmap config ADLINUX:default = yes

        idmap config ADLINUX:range = 10000-20000

        idmap config ADLINUX:schema_mode = rfc2307

        idmap config ADLINUX:cache time = 1800

;       template shell = /bin/bash

;       template homedir = /home/%U

        winbind use default domain = yes

        winbind offline logon = false

        winbind enum users = yes

        winbind enum groups = yes

        winbind cache time = 10

        winbind nested groups = yes

        winbind separator = +





;       netbios name = MYSERVER

------------------------------------------------------

2. when I trying to join the domain, I am getting this error message

[root at LinuxADtest ~]# net ads join -U 5483

Host is not configured as a member server.

Invalid configuration.  Exiting....

Failed to join domain: This operation is only allowed for the PDC of the
domain.

[root at LinuxADtest ~]#

Thanks & Regards,

More information about the samba mailing list