[Samba] samba4 internal dns Server ddns for the reverse lookup Zoneable

Markus Roth markusroth1983 at gmx.net
Thu Aug 28 13:21:07 MDT 2014


Hi Steve,

Yes, you're right. With the winbind howto from Rowland I had the AD users via getent passwd.

ldbedit output for example with the dhcpduser:

# editing 1 records
# record 1
dn: CN=dhcpduser,CN=Users,DC=winnet,DC=local
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
cn: dhcpduser
instanceType: 4
whenCreated: 20140824200551.0Z
uSNCreated: 3963
name: dhcpduser
objectGUID: 97cb6821-18b4-47cf-a6d9-5f73ffa1793e
badPwdCount: 0
codePage: 0
countryCode: 0
badPasswordTime: 0
lastLogoff: 0
lastLogon: 0
primaryGroupID: 513
objectSid: S-1-5-21-604854294-2647735964-1380626919-1107
logonCount: 0
sAMAccountName: dhcpduser
sAMAccountType: 805306368
userPrincipalName: dhcpduser@winnet.local
objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=winnet,DC=local
pwdLastSet: 130533843510000000
memberOf: CN=DnsAdmins,CN=Users,DC=winnet,DC=local
userAccountControl: 66048
accountExpires: 0
whenChanged: 20140824200700.0Z
uSNChanged: 3967
distinguishedName: CN=dhcpduser,CN=Users,DC=winnet,DC=local

smb.conf:

# Global parameters
[global]
        workgroup = WINNET
        realm = WINNET.LOCAL
        netbios name = SERVER1
        server role = active directory domain controller
        server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbind, ntp_signd, kcc, dnsupdate
        idmap_ldb:use rfc2307 = yes

[netlogon]
        path = /usr/local/samba/var/locks/sysvol/winnet.local/scripts
        read only = No

[sysvol]
        path = /usr/local/samba/var/locks/sysvol
        read only = No

-------------------------------------------------------------------------------------------------------------------------- 
 

Sent: Thursday, 28 August 2014 at 10:02
From: steve <steve at steve-ss.com>
To: "Markus Roth" <markusroth1983 at gmx.net>
Cc: samba at lists.samba.org
Subject: Re: [Samba] samba4 internal dns Server ddns for the reverse lookup Zoneable
On Wed, 2014-08-27 at 23:19 +0200, Markus Roth wrote:
> Hi Steve,
>
> OK, I'm a little bit confused again :-) How can I do that with ldbmodify? I found something on the samba-wiki https://wiki.samba.org/index.php/Samba4/LDBIntro but I don't know which syntax is correct for me.
>
OK, use ldbedit instead. If you don't know how to use vi then use your
favourite editor:
ldbedit -e your-fave-editor --url=/path/to/samba/private/sam.ldb cn=markus

where markus is a domain user. It doesn't have to be markus, but it has
to be a user you added with samba-tool or with ADUC.

Oh, and I'm a little confused. You say you have getent working with
winbind with idmap_ad so you must already have the required attributes.
Could you post smb.conf again, just to make sure, and also the output
from the ldbedit?

HTH,
Steve

>
>
> Sent: Wednesday, 27 August 2014 at 21:32
> From: steve <steve at steve-ss.com>
> To: "Markus Roth" <markusroth1983 at gmx.net>
> Cc: samba at lists.samba.org
> Subject: Re: [Samba] samba4 internal dns Server ddns for the reverse lookup Zoneable
> On Wed, 2014-08-27 at 21:01 +0200, Markus Roth wrote:
> > Hi Steve,
> >
> > No, not manually. I have only done the ./samba-tool domain provision command and then I added the dhcpduser with Rowland's howto. Should I fill in these numbers, and if so, where can I do that?
> >
> Yes.
> ldbmodify
>
> Cheers,
> Steve
>
> > Sent: Wednesday, 27 August 2014 at 13:35
> > From: steve <steve at steve-ss.com>
> > To: "Markus Roth" <markusroth1983 at gmx.net>
> > Cc: samba at lists.samba.org
> > Subject: Re: [Samba] samba4 internal dns Server ddns for the reverse lookup Zoneable
> > On Tue, 2014-08-26 at 20:27 +0200, Markus Roth wrote:
> > > Hi Steve,
> > >
> > > OK, I deactivated the dns_update flag in the sssd.conf and did the rm and touch commands, but no AD users with getent passwd. Here is my sssd.conf:
> > >
> > > [sssd]
> > > services = nss, pam
> > > config_file_version = 2
> > > domains = winnet.local
> > > [nss]
> > > [pam]
> > > [domain/winnet.local]
> > > id_provider = ad
> > > auth_provider = ad
> > > access_provider = ad
> > > ldap_id_mapping = False
> > > dyndns_update = False
> > > ad_hostname = server1.winnet.local
> > > ad_server = server1.winnet.local
> > > ad_domain = winnet.local
> >
> > Do you have:
> > uidNumber:
> > gidNumber:
> > attributes filled in for your domain users?
> >
> >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions: https://lists.samba.org/mailman/options/samba
>
>


--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
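
Added example, not part of the original thread and not Samba or sssd code: a small Python check of the two things the thread turns on, whether a record from ldbedit carries the uidNumber and gidNumber attributes Steve asks about, and what its userAccountControl and memberOf values say about the account. The record is abridged from the dhcpduser output posted above; the function names and the subset of flag names are this example's own choices.

```python
# Added example: audit one ldbedit/LDIF record for the attributes discussed in the thread.
# Subset of the documented userAccountControl bit flags.
UAC_FLAGS = {
    0x0002: "ACCOUNTDISABLE",
    0x0020: "PASSWD_NOTREQD",
    0x0200: "NORMAL_ACCOUNT",
    0x10000: "DONT_EXPIRE_PASSWORD",
}
# RFC 2307 attributes sssd needs when ldap_id_mapping = False.
POSIX_ATTRS = ("uidNumber", "gidNumber")

# Record abridged from the ldbedit output posted in the thread.
SAMPLE = """\
# record 1
dn: CN=dhcpduser,CN=Users,DC=winnet,DC=local
objectClass: top
objectClass: user
sAMAccountName: dhcpduser
memberOf: CN=DnsAdmins,CN=Users,DC=winnet,DC=local
userAccountControl: 66048
"""

def parse_record(text):
    """Parse one LDIF-style record into {attribute: [values]}.
    Assumes plain 'name: value' lines (no base64 '::' values, no folded lines)."""
    record = {}
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        name, sep, value = line.partition(":")
        if sep:
            record.setdefault(name.strip(), []).append(value.strip())
    return record

def audit(record):
    """Return missing POSIX attributes, decoded UAC flag names and group CNs."""
    missing = [a for a in POSIX_ATTRS if a not in record]
    uac = int(record.get("userAccountControl", ["0"])[0])
    flags = [name for bit, name in sorted(UAC_FLAGS.items()) if uac & bit]
    groups = [dn.split(",")[0].split("=", 1)[1] for dn in record.get("memberOf", [])]
    return {"missing_posix": missing, "uac_flags": flags, "groups": groups}

if __name__ == "__main__":
    print(audit(parse_record(SAMPLE)))
```

For the posted record this reports both POSIX attributes as missing, a non-expiring password on a normal account, and DnsAdmins membership, which is worth knowing for a service account that is allowed to update DNS.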

