[Samba] Domain Member server - Domain users don't get access
steve
steve at steve-ss.com
Wed Feb 12 01:10:14 MST 2014
On Tue, 2014-02-11 at 16:15 -0800, Shane Robinson wrote:
> Hello list!
>
>
>
> I have a newish Samba 4.1.4 (from git) AD DC running in an Ubuntu Precise
> KVM guest. It seems to be running well. Recent list posts have led me to set
> up a second instance of samba/ubuntu as a file server. Like the domain
> controller, Samba was built from git, but then it was configured using the
> "Samba/Domain Member" wiki. I added the sfu attributes to a few users/groups
> using ADUC, but I don't see that mentioned as a requirement (Is it a
> requirement?).
If you want getent to work, you don't _have_ to add the sfu stuff.
uidNumber and gidNumber are sufficient.
>
>
>
> My domain name is internal.simpeq.ca, the DC's name is Samba2, and the new
> file server's name is FS2. I start the services with a script that runs
> winbindd, then smbd, then nmbd, in that order.
>
>
>
> Wbinfo -u and wbinfo -g work well, enumerating all domain users and groups.
>
>
>
> Kinit works.
>
>
>
>
>
> $ getent passwd INTERNAL\\administrator
>
> AND
>
> getent group INTERNAL\\hrall
>
>
>
> . give nothing.
>
>
>
> An strace of getent revealed that /lib64 was never queried for
> libnss_winbind.so, but /usr/lib/x86_64-linux-gnu was, so I relinked
> libnss_winbind.so to that folder.
>
> (Is this incorrect, or shall I update the Wiki with this information for
> Ubuntu users?)
>
> am
The wiki is for 32 bit non-Debian distros only.
How did you join FS2?
Could you post:
The content of its keytab
The DN of INTERNAL\administrator
Cheers,
Steve
More information about the samba
mailing list