[Samba] DC01 & DC02 differences?
Bob of Donelson Trophy
bob at donelsontrophy.net
Tue Feb 3 05:11:11 MST 2015
As I may have mentioned, I have DC01, DC02 and a member server. I was
looking for differences because I cannot access the member server via
Windows Explorer on a W7 client. I am attempting to follow the
instructions in "Setup and configure file shares with Windows ACLs".
Under "Setup share permissions" when I "Connect to another computer"
Windows security requests my user name and password and denies every
user I have including the domainAdministrator. So, I found no 'winbind'
on DC02 (pam-auth-update) and I am wondering if that has anything to do
with 'no access' to member server. (Also, no 'winbind' in
/usr/share/pam-configs like the DC01.)
I can access DC01 and DC02 thru Windows explorer on the same W7 client
and can "see" there 'sysvol' & 'netlogon' folders but, any access is
being denied to the member server. Therefore I cannot access (for
example) the profiles folder to adjust any user file permissions as
instructed in the wiki.
Bob Wooden of Donelson Trophy
"Everyone deserves an award!!"
On 2015-02-03 01:59, L.P.H. van Belle wrote:
> What i forgot to mention.
> The "maintainence user" is a linux user..
> but what are you trying to do? or whats the goal further..
> -----Oorspronkelijk bericht----- Van: belle at bazuin.nl [mailto:samba-bounces at lists.samba.org] Namens L.P.H. van Belle Verzonden: dinsdag 3 februari 2015 8:46 Aan: samba at lists.samba.org Onderwerp: Re: [Samba] DC01 & DC02 differences? Hai Bob, On my servers, both DC1 and DC2, i see.. PAM profiles to enable: ? ? [*] Kerberos authentication ? ? [*] Unix authentication ? and wbinfo works ok.. wbinfo -u Administrator Guest .... etc .. Yes, both do winbind request, but... I do login only with 1 user on my servers on linux. This is a separated user. samba handles only the windows request.. I keep this separated for security.. No windows user can login for example with ssh on my DC's... its just not allowed. For the i do create a "Maintainence user" But on the member servers i do enable this, there its allowed for some windows users to login with ssh. This all is for the safety on my DC's. Greetz, Louis -----Oorspronkelijk bericht----- Van: bob at donelsontrophy.net
[mailto:samba-bounces at lists.samba.org] Namens Bob of Donelson Trophy Verzonden: maandag 2 februari 2015 20:03 Aan: SAMBA MailList Onderwerp: [Samba] DC01 & DC02 differences? I have created a DC01 & DC02 with Louis's (generation one) scripts. I have noticed, during some testing that 'pam-auth-update' shows PAM profiles Kerberos, Unix & Winbind listed on DC01. The DC02 only lists Kerberos & Unix and Winbind is missing. I thought that the two DC's were suppose to be identical? If DC01 goes "down" DC02 cannot carry a winbind request? Am I miss understanding the principle of two DC's? Louis, what is you "take" on this? -- ------------------------- Bob Wooden of Donelson Trophy 615.885.2846 (main) www.donelsontrophy.com  [1 ] "Everyone deserves an award!!" Links: ------  http://www.donelsontrophy.com  -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba  -- To unsubscribe from this list go t
following URL and read the instructions: https://lists.samba.org/mailman/options/samba 
More information about the samba