[Samba] Few questions about members

Steve Campbell campbell at cnpapers.com
Thu Jun 5 13:18:55 MDT 2014

On 6/5/2014 3:05 PM, steve wrote:
> On Thu, 2014-06-05 at 14:45 -0400, Steve Campbell wrote:
> .
>> Unfortunately, we still have no access to the shares on the member
>> server, either from a network neighborhood or the administrative tools
>> on a windows machine. We get "permission denied" from any method we try
>> to use or update the share.
>> For now, I've got 777 permissions on the folder.
>> I'm just so hopelessly lost on this.
>> steve
> network neighbourhood doesn't works against a dc.
Trying to use/mount/do anything with a share on a member server.
> What stage are we at:
> klist -k
]# klist -k
Keytab name: FILE:/etc/krb5.keytab
klist: No such file or directory while starting keytab scan

This occurs on both AD and member. Not sure which I should run it on.

> net ads testjoin -UAdministrator
On the member:
# net ads testjoin -UAdministrator
Join is OK

> please post the latest smb.conf

    netbios name = STORAGE
    workgroup = TS
    security = ADS
    realm = TS.MYSTUFF.COM
    encrypt passwords = yes

    idmap config *:backend = tdb
    idmap config *:range = 70001-80000
    idmap config TS:backend = ad
    idmap config TS:schema_mode = rfc2307
    idmap config TS:range = 500-40000

    winbind nss info = rfc2307
    winbind trusted domains only = no
    winbind use default domain = yes
    winbind enum users  = yes
    winbind enum groups = yes

    log file = /var/log/samba/samba.log

    vfs objects = acl_xattr
    map acl inherit = Yes
    store dos attributes = Yes

    path = /opt/testshare
    read only = no
    browseable = yes
    available = yes

> Cheers

More information about the samba mailing list