[Samba] BUILTIN not mapping on DC
Ryan Bair
ryandbair at gmail.com
Fri Apr 25 13:58:25 MDT 2014
Running 4.1.6-SerNet-RedHat-7.el6 on CentOS 6.5.
I've been bumping my head against GPO issues and am now wondering if its
connected to my BUILTIN groups not mapping on my DC.
For instance on DC:
sh-4.1# wbinfo --gid-info=544
failed to call wbcGetgrgid: WBC_ERR_DOMAIN_NOT_FOUND
Could not get info for gid 544
But on a member:
sh-4.1# wbinfo --gid-info=544
BUILTIN\administrators:x:544:
Likewise `getent group BUILTIN\\administrators` fails on the DC.
Any ideas?
Here is my smb.conf:
[global]
workgroup = xxx
realm = xxx
netbios name = SERVER
server role = active directory domain controller
wins support = yes
idmap_ldb:use rfc2307 = yes
winbind nss info = rfc2307
template shell = /bin/sh
dns forwarder = x.x.x.x
server services = -smb +s3fs
dcerpc endpoint servers = -winreg -srvsvc
vfs objects = netatalk
unix extensions = no
tls enabled = yes
tls keyfile = tls/server_AD_DC.key
tls certfile = tls/server_AD_DC.crt
tls cafile = tls/xxx_CA.crt
[netlogon]
path = /var/lib/samba/sysvol/xxx/scripts
read only = No
[sysvol]
path = /var/lib/samba/sysvol
read only = No
More information about the samba
mailing list