[Samba] W7 client cannot adjust file permissions via ADUC
Rowland Penny
rowlandpenny at googlemail.com
Fri Jan 30 14:12:56 MST 2015
On 30/01/15 20:48, Bob of Donelson Trophy wrote:
>
>
> Okay, added 'gidNumber: 10000' to the domain users group on DC1. (Was
> within my range 500-40000.)
>
> getnet passwd [user] returns nothing on DC1.
>
> W7 client still a "no".
>
> And now?
>
>
Have you tried getent on the member server ?
Lets forget W7 for the moment, get the Unix side working and then go to W7.
If I run getent on the DC I get this:
root at dc01:~# getent passwd rowland
EXAMPLE\rowland:*:10000:10000:Rowland Penny:/home/HOME/rowland:/bin/bash
So lets check a few files:
/etc/resolv.conf should point to itself, I use
search example.com
nameserver 127.0.0.1
/etc/krb5.conf should contain this:
[libdefaults]
default_realm = EXAMPLE.COM
dns_lookup_realm = false
dns_lookup_kdc = true
/etc/nsswitch.conf
should have these two lines set like this:
passwd: compat winbind
group: compat winbind
Finally can you run:
pam-auth-update
I have these enabled.
Kerberos authentication
Unix authentication
Winbind NT/Active Directory authentication
GNOME Keyring Daemon - Login keyring management
ConsoleKit Session Management
Inheritable Capabilities Management
Rowland
More information about the samba
mailing list