[Samba] changing server role = standalone server to 'member server'
steve
steve at steve-ss.com
Wed Apr 2 15:18:16 MDT 2014
On Wed, 2014-04-02 at 16:30 -0400, Carl Wilhelm Soderstrom wrote:
> On 04/02 09:28 , Matteo Cangi wrote:
> > Try to follow
> > https://wiki.samba.org/index.php/Samba4/HOWTO/Join_a_domain_as_a_DC
> >
> > You need to join ad a domain controller
>
> Thanks for the link!
> I ran
> # samba-tool domain join AD.EXAMPLE.COM DC -Uadministrator --realm=AD.EXAMPLE.COM
> and after removing my old smb.conf file, it created a new one with:
>
> server role = active directory domain controller
>
> when I read the smb.conf man page tho, it really seems to say that this is
> for when the samba server is providing all of the AD services. However, I
> have a Windows AD server I want to get authentication information from.
>
> Also, syslog now tells me that I should start the 'samba' daemon, and not
> the 'smbd' daemon. I thought the 'samba' daemon was only if I wanted to be
> the AD server.
>
> If I need to be a DC in order to join the domain, then what is the "server
> role = member server" for?
Hi
You don't want to join the domain as another DC I don't think. To join
as a member server you need a minimal smb.conf:
[global]
workgroup = EXAMPLE
realm = EXAMPLE.COM
security = ADS
kerberos method = system keytab
now join:
net ads join -UAdministrator
That's it.
You may want to use winbind or nscld or sssd to map uid:gid and other
Unix information e.g.
https://wiki.samba.org/index.php/Samba/Domain_Member
You can now add shares to your smb.conf to serve files to the domain.
HTH
Steve
More information about the samba
mailing list