[Samba] changing server role = standalone server to 'member server'
Carl Wilhelm Soderstrom
chrome at real-time.com
Thu Apr 3 13:16:05 MDT 2014
On 04/02 11:18 , steve wrote:
> You don't want to join the domain as another DC I don't think.
Thanks for your clarification.
Almost all the configuration help I find on the web for Samba v4 seems to
be for setting up the Samba server as the AD server, rather than how to join
it to an existing AD server.
> To join
> as a member server you need a minimal smb.conf:
>
> [global]
> workgroup = EXAMPLE
> realm = EXAMPLE.COM
> security = ADS
> kerberos method = system keytab
>
> now join:
> net ads join -UAdministrator
>
> That's it.
Thanks. That *mostly* worked. I did get this error:
root at samba-4:/etc/samba# net ads join -U administrator
Enter administrator's password:
Using short domain name -- EXAMPLEAD
Joined 'SAMBA-4' to dns domain 'ad.example.com'
DNS update failed: NT_STATUS_UNSUCCESSFUL
However it seems like I am bound to the domain, based on what I see in 'net
ads info', 'wbinfo -u' and 'wbinfo -t'.
> You may want to use winbind or nscld or sssd to map uid:gid and other
> Unix information e.g.
> https://wiki.samba.org/index.php/Samba/Domain_Member
Winbind I'm familiar with (mostly in that it seems to break occasionally and
without reason, and then recovers just as mysteriously, tho I'm not entirely
sure it's winbind). The others I am not, and will have to look at.
Thanks again, your message was really helpful!
--
Carl Soderstrom
Systems Administrator
Real-Time Enterprises
www.real-time.com
More information about the samba
mailing list