[Samba] W7 client cannot adjust file permissions via ADUC

Rowland Penny rowlandpenny at googlemail.com
Fri Jan 30 14:12:56 MST 2015

On 30/01/15 20:48, Bob of Donelson Trophy wrote:
> Okay, added 'gidNumber: 10000' to the domain users group on DC1. (Was
> within my range 500-40000.)
> getnet passwd [user] returns nothing on DC1.
> W7 client still a "no".
> And now?

Have you tried getent on the member server ?

Lets forget W7 for the moment, get the Unix side working and then go to W7.

If I run getent on the DC I get this:

root at dc01:~# getent passwd rowland
EXAMPLE\rowland:*:10000:10000:Rowland Penny:/home/HOME/rowland:/bin/bash

So lets check a few files:

/etc/resolv.conf should point to itself, I use

search example.com

/etc/krb5.conf should contain this:

         default_realm = EXAMPLE.COM
         dns_lookup_realm = false
         dns_lookup_kdc = true


should have these two lines set like this:

passwd:         compat winbind
group:          compat winbind

Finally can you run:


I have these enabled.

  Kerberos authentication
  Unix authentication
  Winbind NT/Active Directory authentication
  GNOME Keyring Daemon - Login keyring management
  ConsoleKit Session Management
  Inheritable Capabilities Management


More information about the samba mailing list