[Samba] Few questions about members

steve steve at steve-ss.com
Thu Jun 5 13:27:30 MDT 2014 

On Thu, 2014-06-05 at 15:18 -0400, Steve Campbell wrote:
> On 6/5/2014 3:05 PM, steve wrote:
> > On Thu, 2014-06-05 at 14:45 -0400, Steve Campbell wrote:
> > .
> >> Unfortunately, we still have no access to the shares on the member
> >> server, either from a network neighborhood or the administrative tools
> >> on a windows machine. We get "permission denied" from any method we try
> >> to use or update the share.
> >>
> >> For now, I've got 777 permissions on the folder.
> >>
> >> I'm just so hopelessly lost on this.
> >>
> >> steve
> > network neighbourhood doesn't works against a dc.
> Trying to use/mount/do anything with a share on a member server.
> >
> > What stage are we at:
> > klist -k
> ]# klist -k
> Keytab name: FILE:/etc/krb5.keytab
> klist: No such file or directory while starting keytab scan
> 
> This occurs on both AD and member. Not sure which I should run it on.
> 
> 
> > net ads testjoin -UAdministrator
> On the member:
> # net ads testjoin -UAdministrator
> Join is OK
> 
> >
> > please post the latest smb.conf
> [global]
> 
>     netbios name = STORAGE
>     workgroup = TS
>     security = ADS
>     realm = TS.MYSTUFF.COM
>     encrypt passwords = yes
> 
>     idmap config *:backend = tdb
>     idmap config *:range = 70001-80000
>     idmap config TS:backend = ad
>     idmap config TS:schema_mode = rfc2307
>     idmap config TS:range = 500-40000
> 
>     winbind nss info = rfc2307
>     winbind trusted domains only = no
>     winbind use default domain = yes
>     winbind enum users  = yes
>     winbind enum groups = yes
> 
>     log file = /var/log/samba/samba.log
> 
>     vfs objects = acl_xattr
>     map acl inherit = Yes
>     store dos attributes = Yes
> 
> [demoshare]
>     path = /opt/testshare
>     read only = no
>     browseable = yes
>     available = yes
> 
> > Cheers
> Thanks
> steve

We are talking about the member.
Add the line:
kerberos method = system keytab
to [global]
and run:
net ads keytab create -UAdministrator

now:
commands
hostname -f
hostname -s
hostname
klist -k

list the contents of:
/etc/hosts
/etc/hostname
/etc/resolv.conf
/etc/krb5.conf

Steve

More information about the samba mailing list