[Samba] User home directory UID:GID incorrect on VM Samba 4 AD client
steve at steve-ss.com
Thu Oct 24 01:31:38 MDT 2013
On Wed, 2013-10-23 at 21:21 -0600, Paul R. Ganci wrote:
> On 10/22/2013 02:24 AM, steve wrote:
> > smb.conf
> > remove:
> > idmap_ldb:use rfc2307 = yes
> > and you need a keytab, so add:
> > kerberos method = system keytab
> > before you do the rejoin below.
> > The rid db is wrong after the upgrade. Leave the domain, then delete all
> > the tdb's (I think they're in /var/lib/samba on CentOS). Then rejoin.
> Here is what fixed my issue. On the client side smb.conf I did the
> idmap_ldb:use rfc2307 = yes
> kerberos method = system keytab
> as suggested. I also issued the shell commands
> > net ads keytab create -U Administrator
> > /etc/rc.d/init.d/sernet-samba-smbd restart
> > /etc/rc.d/init.d/sernet-samba-nmbd restart
> > /etc/rc.d/init.d/sernet-samba-winbindd restart
> on each client to create the necessary /etc/krb5.keytab file and restart
> all the samba daemons.
> These actions fixed the problem. It turns out that I did not have to
> remove the .tdb files in the end.
> > If you really must use nfs then ignore the following:
> > Now export using cifs:
> > auto.home
> > * -fstype=cifs,sec=krb5,multiuser,username=VMMACHINEKEY
> > $ ://the.share.for.home/&
> I used both the nfs and cifs auto.home methods and both work. I did
> switch over to using cifs version.
> My intention is to switch over to the AD backend. I have to add all the
> proper posix attributes to the /var/lib/samba/private/sam.ldb database.
> But after I get that working I should then be able to switch over to
> sssd for the linux clients.
> Steve, many thanks for helping solve the immediate problem. Your help
> was greatly appreciated.
No problem. Good to know we got you along the right lines and up. Your
ambition to switch to sam.ldb and sssd is to be recommended.
Just one curiosity you may be able to comment on: any speed differences
with the nfs to cifs changeover?
More information about the samba