[Samba] Managing Samba4 shares from Windows "Security Tab Missing"

Bo Kersey bo at vircio.com
Wed Mar 26 07:13:07 MDT 2014 

When I try to manage samba shares from windows, I cannot reliably get the Security Tab to show up.  I have tried many reprovisions, sometimes it works, sometimes not.  I cannot figure out what I'm doing wrong.  

How the domain is provisioned...

samba-tool domain provision \
    --domain=avails \
    --host-name=fs.avails.com \
    --host-ip=10.2.2.1 \
    --adminpass='not2forget!' \
    --dns-backend=BIND9_DLZ \
    --next-rid=10000 \
    --use-xattrs=yes \
    --use-rfc2307 \
    --realm=avails.avails.com \

chgrp bind /var/lib/samba/private/named.conf
net rpc rights grant 'avails\Domain Admins' SeDiskOperatorPrivilege -Uadministrator%'not2forget!'
net rpc rights grant 'avails\Domain Admins' SePrintOperatorPrivilege -Uadministrator%'not2forget!'

smb.conf
[global]
        workgroup = AVAILS
        realm = avails.avails.com
        netbios name = FS.AVAILS.COM
        server role = active directory domain controller
        passdb backend = samba_dsdb
        log file = /var/log/samba/%m.log
        server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbind, ntp_signd, kcc, dnsupdate
        idmap_ldb:use rfc2307 = yes
        rpc_server:default = external
        rpc_server:svcctl = embedded
        rpc_server:srvsvc = embedded
        rpc_server:eventlog = embedded
        rpc_server:ntsvcs = embedded
        rpc_server:winreg = embedded
        rpc_server:spoolss = embedded
        rpc_daemon:spoolssd = embedded
        rpc_server:tcpip = no
        idmap config * : backend = tdb
        map acl inherit = Yes
        map archive = No
        map readonly = no
        store dos attributes = Yes
        vfs objects = dfs_samba4, acl_xattr

[netlogon]
        path = /var/lib/samba/sysvol/avails.avails.com/scripts
        read only = No

[sysvol]
        path = /var/lib/samba/sysvol
        read only = No

[home]
        comment = Home Directories
        path = /smbshares/home
        admin users = Administrator
        read only = No

[Profiles]
        comment = Roaming Profile Share
        path = /smbshares/profiles
        admin users = Administrator
        read only = No



-- 
Bo Kersey 
VirCIO - managed network solutions 
4314 Avenue C 
Austin, TX 78751 
phone: (512)374-0500

More information about the samba mailing list