[Samba] samba 4.1.17 on raspberry pi as ad dc - first good results!
Rowland Penny
rowlandpenny at googlemail.com
Thu Mar 12 16:39:32 MDT 2015
On 12/03/15 22:31, Matthias Busch wrote:
> RESULT!
>
> ~# kinit administrator at MY-DOMAIN.LOCAL
> Password for administrator at MY-DOMAIN.LOCAL:
> Warning: Your password will expire in 41 days on Thu Apr 23 16:57:35 2015
>
> !!!!
>
> ---
>
> I should have listened to you guys much sooner. I suspect that the
> .local did indeed have something to do with it since mDNS was running
> and may have screwed with dns resolution for *.local. tlds?
>
> additionally, I adjusted the /etc/krb5.conf file according to Peters
> suggestion.
> rowland says I only need the top four lines? samba generated a
> krb5.conf file for me with only those 4 lines.
> the longer one is working now, is there a reason for why the shorter
> one would be better?
>
> ---
>
>> Btw, we would like to check the smb.conf, too..
>
> I posted my entire smb.conf this afternoon already.
>
> ---
>
>> and yes, you do need winbind adding to the passwd & group lines in
>> /etc/nsswitch.conf, but you need more, see the wiki page I posted
>> earlier.
>
> looking into that next!
>
> ---
> >> syslog paste...
>
> > There is something going on there, how are you starting samba ?
>
> via init.d script / on boot
> see first post for where I got the script from and how I edited it...
>
>> OH yes you do!
>> tcp 0 0 0.0.0.0:88 0.0.0.0:* LISTEN 2239/samba
>> udp 0 0 192.168.7.254:88 0.0.0.0:* 2239/samba
>
> ah, I was looking for krb5 or similar process name...
>
> ---
>
>> ipv6
> well, its not exactly enabled. no ipv6 in network/interfaces, none in
> /etc/hosts
> and i am pretty sure I build without ipv6 support.
> if need be I could go deeper into raspbian and see if I can forceable
> disable ipv6
>
> however, in the not too distant future, the possibility to at least
> run a dualstack should exist.
> forcing ipv6 off in the OS would be a step in the wrong direction for
> that :)
>
> ---
>
> just tested...
> I was able to add a win7pro to the domain!
>
>
I could say 'I told you so' but I won't :-)
You only need those 4 lines in krb5.conf, the rest is probably being
ignored, one of the these days I will try and see if it will work with
just the 'default_realm' line.
Rowland
More information about the samba
mailing list