[Samba] User home directory UID:GID incorrect on VM Samba 4 AD client
Paul R. Ganci
ganci at nurdog.com
Wed Oct 23 21:21:41 MDT 2013
On 10/22/2013 02:24 AM, steve wrote:
> smb.conf
> remove:
> idmap_ldb:use rfc2307 = yes
>
> and you need a keytab, so add:
> kerberos method = system keytab
>
> before you do the rejoin below.
>
> The rid db is wrong after the upgrade. Leave the domain, then delete all
> the tdb's (I think they're in /var/lib/samba on CentOS). Then rejoin.
Here is what fixed my issue. On the client side smb.conf I did the
following:
removed
idmap_ldb:use rfc2307 = yes
added
kerberos method = system keytab
as suggested. I also issued the shell commands
> net ads keytab create -U Administrator
> /etc/rc.d/init.d/sernet-samba-smbd restart
> /etc/rc.d/init.d/sernet-samba-nmbd restart
> /etc/rc.d/init.d/sernet-samba-winbindd restart
on each client to create the necessary /etc/krb5.keytab file and restart
all the samba daemons.
These actions fixed the problem. It turns out that I did not have to
remove the .tdb files in the end.
> If you really must use nfs then ignore the following:
> Now export using cifs:
> auto.home
> * -fstype=cifs,sec=krb5,multiuser,username=VMMACHINEKEY
> $ ://the.share.for.home/&
I used both the nfs and cifs auto.home methods and both work. I did
switch over to using cifs version.
My intention is to switch over to the AD backend. I have to add all the
proper posix attributes to the /var/lib/samba/private/sam.ldb database.
But after I get that working I should then be able to switch over to
sssd for the linux clients.
Steve, many thanks for helping solve the immediate problem. Your help
was greatly appreciated.
-- Paul
More information about the samba
mailing list