[Samba] Samba 4.1.9 member server config in a samba 4 ADS Domain

Rowland Penny rowlandpenny at googlemail.com
Wed Jul 23 03:36:09 MDT 2014


On 23/07/14 09:17, Daniel Müller wrote:
> Solved by RID,
>
> So I throw away rfc2307
> This is my RID configuration working:
>
> netbios name = centclust1
>     workgroup = TPLK
>     security = ADS
>     realm = TPLK.LOC
>     encrypt passwords = yes
>     local master=no
>     idmap config *:backend = tdb
>     idmap config *:range = 700001-80000
> idmap config TPLK:backend = rid
> idmap config TPLK:range = 500-99999
> idmap config TPLK:base_rid =1000
>     template shell= /bin/bash
>     winbind trusted domains only = no
>     winbind use default domain = yes
>     winbind enum users  = yes
>     winbind enum groups = yes
>     acl group control=yes
>     vfs objects =acl_xattr
>     map acl inherit=yes
>     store dos attributes =yes
>
> But I cannot set server services = +smb,+winbind
> If I set winbind samba wil not start with this error:
> [Cannot start Winbind (domain member): Failed to find record for TPLK in
> /usr/local/samba/private/secrets.ldb: No such object: (null): Have you
> joined the TPLK domain?]

The reason that this fails is because you are trying to use something 
that is meant for the samba4 AD DC!
If you haven't got init scripts to start the samba deamons, then you 
need to either find some or write them yourself.

>
> Any hints!!?
> What about the dns entry for the samba4 MemberServer it is not set if I do
> the join!? Is there a way to do this by dnsupdate?

Not sure about this, I run bind9 & DHCP on the samba4 server and as such 
never have this problem, but I am sure that if push came to shove, you 
could script round dnsupdate, but I would think that you have a problem 
on the sever that needs investigation.

Rowland
>
> Daniel
>
>
>
> EDV Daniel Müller
>
> Leitung EDV
> Tropenklinik Paul-Lechler-Krankenhaus
> Paul-Lechler-Str. 24
> 72076 Tübingen
> Tel.: 07071/206-463, Fax: 07071/206-499
> eMail: mueller at tropenklinik.de
> Internet: www.tropenklinik.de
>
> "Der Mensch ist die Medizin des Menschen"
>
>
>
>
> -----Ursprüngliche Nachricht-----
> Von: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org] Im
> Auftrag von Daniel Müller
> Gesendet: Mittwoch, 23. Juli 2014 09:26
> An: 'Marc Muehlfeld'; samba at lists.samba.org
> Betreff: Re: [Samba] Samba 4.1.9 member server config in a samba 4 ADS
> Domain
>
> I am trying to implent an MemberServer not a DC. I was looking at:
> https://wiki.samba.org/index.php/Setup_a_Samba_AD_Member_Server
> How about RID? Where can I get informations?
>
>
>
> Daniel
>
> EDV Daniel Müller
>
> Leitung EDV
> Tropenklinik Paul-Lechler-Krankenhaus
> Paul-Lechler-Str. 24
> 72076 Tübingen
> Tel.: 07071/206-463, Fax: 07071/206-499
> eMail: mueller at tropenklinik.de
> Internet: www.tropenklinik.de
>
>
>
> -----Ursprüngliche Nachricht-----
> Von: Marc Muehlfeld [mailto:mmuehlfeld at samba.org]
> Gesendet: Dienstag, 22. Juli 2014 19:27
> An: mueller at tropenklinik.de; samba at lists.samba.org
> Betreff: Re: [Samba] Samba 4.1.9 member server config in a samba 4 ADS
> Domain
>
> Hello Daniel,
>
> Am 22.07.2014 15:03, schrieb Daniel Müller:
>> I try to setup a samba 4 member server on centos 6.5. The wikis and
>> howtos I have found are very confusing.
> Did you followed
> https://wiki.samba.org/index.php/Join_a_domain_as_a_DC
>
> This explains everything that is needed. But it currently describes the
> usage of RFC2307. If you don't have the Unix account stuff (UID, etc.) in
> your AD and don't want to manage it central, then you can choose a different
> backend like RID.
>
> If this was the HowTo confusing you, then let me know what should be
> explained better and I'll try to improve the documentation. :-)
>
>
>
> About your other questions, I saw Rowland already helping.
>
>
> Regards,
> Marc
>



More information about the samba mailing list