[Samba] Samba 3.6 AD Domain Member

Greg Zartman gzartman at koozali.org
Sun Feb 22 20:09:38 MST 2015

I'm playing around with Domain Membership to a WIndows 2012 AD Server.  It
appears I'm able to join the AD domain, but the domain member doesn't seem
to authenticate anything against the DC once joined.  Here is my smb.conf

  netbios name = Member
  workgroup = ZARTMAN
  security = ADS
  dedicated keytab file = /etc/krb5.keytab
  kerberos method = secrets and keytab

   idmap config *:backend = tdb
   idmap config *:range = 2000-9999
   idmap config SAMDOM:backend = ad
   idmap config SAMDOM:schema_mode = rfc2307
   idmap config SAMDOM:range = 10000-99999

   winbind nss info = rfc2307
   winbind trusted domains only = no
   winbind use default domain = yes
   winbind enum users  = yes
   winbind enum groups = yes
   winbind refresh tickets = Yes

   path = /var/data/share1
   read only = no

Pretty simple setup.

If I try and browse to the Member machine from a domain client, it asks me
for a password and then errors out.  From the Samba machine (domain member)
I try to pull up the local status:

[root at Samba_3 /opt/local/etc/samba]# smbclient -L localhost -U
Enter zartman/admin's password:
Domain=[ZARTMAN] OS=[Unix] Server=[Samba 3.6.18]
tree connect failed: NT_STATUS_PIPE_BROKEN

I'm having a hard time troubleshooting this to figure out where the problem


Greg J. Zartman
Board Member

Koozali SME Server

SME Server user, contributor, and community member since 2000

More information about the samba mailing list