[Samba] winbind winbindd remote desktop
barış tombul
bbtombul at gmail.com
Mon Oct 27 08:43:03 MDT 2014
The file sharing, remote desktop, active directory services in samba
4.1.X versions are working. The remote desktop is not working in samba
4.2rcX versions.
It is waiting at the remote desktop display. Simultaneously, if the
samba service is aborted the remote desktop user can start a session. If
the samba service is started, all other services operate without a problem.
getent passwd
In getent group commands,although the local user and domain users are
enabled in samba 4.1.X versions, only the local users are enabled in
4.2.rcX versions.
It only responds to a command liker "gettent passwd michael command"
The smb.conf file is as below:
[global]
server services = s3fs, winbindd, rpc, nbt, wrepl, cldap, ldap, kdc,
drepl, ntp_signd, kcc, dnsupdate
dcerpc endpoint servers = +winreg +srvsvc +netlogon +samr +epmapper
+rpcecho +lsarpc +dssetup +unixinfo +browser +eventlog6 +backupkey +remote
obey pam restrictions = yes
bind interfaces only = yes
interfaces = ens192 lo
max protocol = smb3
logon path =
logon script =
logon home =
kerberos method = system keytab
name resolve order = wins bcast hosts
server string = Samba Server
security = user
server role = active directory domain controller
netbios name = SAMBA
disable netbios = no
preferred master = yes
domain master = yes
local master = yes
domain logons = yes
workgroup = FACILITY
password server = samba.facility.local
realm = FACILITY.LOCAL
client ldap sasl wrapping = sign
winbind separator = /
winbind enum users = yes
winbind enum groups = yes
winbind expand groups = 1
winbind nss info = rfc2307
winbind nested groups = yes
winbind offline logon = yes
winbind refresh tickets = yes
winbind normalize names = yes
winbind rpc only = yes
winbind sealed pipes = no
winbind trusted domains only = no
winbind cache time = 3600
winbind reconnect delay = 30
winbind max clients = 2000
winbind use default domain = true
hosts allow = ALL, 127.0.0.1
encrypt passwords = yes
machine password timeout = 0
wins proxy = yes
wins support = yes
lanman auth = yes
ntlm auth = yes
client lanman auth = yes
client ntlmv2 auth = yes
client plaintext auth = yes
hostname lookups = no
nt pipe support = yes
dns forwarder = 127.0.0.1
allow dns updates = secure
dns proxy = no
passdb backend = ldapsam:ldap://127.0.0.1/
dead time = 0
nsupdate command = /usr/local/bin/nsupdate -g
dbwrap_tdb_mutexes:* = yes
idmap config ALL:backend = ldapsam:ldap://127.0.0.1/
idmap config ALL:default = yes
idmap config ALL:readonly = yes
idmap_ldb:use rfc2307 = yes
idmap config * : range = 2000000-2999999
idmap config * : backend = ldapsam:ldap://127.0.0.1/
idmap config * : schema_mode = rfc2307
idmap config * : readonly = no
idmap config * : default = yes
idmap config * : range = 2000000-2999999
idmap config * : ldap_url = ldap://127.0.0.1/
idmap config FACILITY : schema_mode = rfc2307
idmap config FACILITY : readonly = no
idmap config FACILITY : backend = ldapsam:ldap://127.0.0.1/
idmap config FACILITY : default = yes
idmap config FACILITY : range = 2000000-2999999
idmap config FACILITY : ldap_url = ldap://127.0.0.1/
ldap admin dn = CN=Administrator,CN=Users,DC=facility,DC=local
ldap suffix = DC=facility,DC=local
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Idmap
ldap machine suffix = ou=Hosts
ldap user suffix = ou=User
ldap ssl = no
ldapsam:trusted = yes
ldapsam:editposix = yes
ldap delete dn = yes
ldap passwd sync = yes
pam password change = yes
passwd program = /usr/local/samba/bin/smbpasswd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n
*Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
os level = 255
[homes]
comment = Home Directories
path = /mnt/storage/homes/%U
browseable = no
guest ok = no
writable = yes
read only = no
create mask = 0664
directory mask = 0775
valid users = %U
admin users = @"FACILITY\Domain Admins"
More information about the samba
mailing list