[Samba] Samba as Domain Member

Dale Schroeder dale at BriannasSaladDressing.com
Mon Jun 17 13:17:36 MDT 2013


I believe you need to add in [global]

winbind enum users = Yes
winbind enum groups = Yes

Dale

On 06/17/2013 9:41 AM, Zane Zakraisek wrote:
> I have Samba 4.6.6 running as an ADDC and all is working great. I have a
> Samba 3.6.9 File Server that I want to join to the domain. I have gone
> through the steps but am having issues.
>
> In my smb.conf file I have added the following
> realm = my.domain
> security = ads
> encrypt passwords = yes
>
> I edited my Kerberos file
> [libdefaults]
>          default_realm = MY.DOMAIN
>          dns_lookup_kdc = true
> [realms]
>          ZAKRAISEK.COM = {
>          kdc = server.my.domain
>          }
> [domain_realms]
>          .kerberos.server = MY.DOMAIN
>
> I installed winbind and edited my nsswitch.conf to add winbind options.
>
> The book that I went off to set this up says to use the idmap uid and idmap
> gid options, but to my knowledge these were deprecated a while ago so I did
> not include them.
>
> I did net join -U administrator, and it joined fine. If I look in Active
> Directory Users and Computers, I can see a computer account created for the
> Linux machine.
>
> I ran net ads testjoin, all is good here, no errors
> I ran wbinfo -p, all is good here, no errors
> I ran wbinfo -t, all is good here, no errors
> lastly I ran wbinfo -a "MY.DOMAIN\user", typed the password, and everything
> worked successfully
>
> The samba book I'm using then says to run getent passwd "My.DOMAIN\user"
> Here is where the error is. I can not seem to get any domain accounts to
> work with this command. If I run getent passwd by itself, it displays a
> list of all my local accounts on the machine, but no domain ones. Did I
> miss a step



More information about the samba mailing list