[Samba] SAMBA not working as AD member server
John Rykala
rykalaja at gmail.com
Tue May 5 07:38:24 MDT 2015
I am trying to get SAMBA working as a member server with a Windows
2008R2 AD server, CentOS 6.6 and Samba 3.6
The two following commands work fine:
kinit administrator at TESTNET.LOCAL
net ads join –U administrator
however wbinfo -u only shown local accounts
and getent passwd returns nothing. Any help would be appreciated.
krb5.conf
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
default_realm = TESTNET.LOCAL
dns_lookup_realm = true
dns_lookup_kdc = true
ticket_lifetime = 24h
renew_lifetime = 7d
forwardable = true
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifefime = 36000
forwardable = true
krb4_convert = false
}
smb.conf
[global]
workgroup = TESTNET
realm = TESTNET.LOCAL
security = ADS
domain master = no
local master = no
winbind nss info = rfc2307
winbind trusted domains only = no
winbind use default domain = yes
winbind enum users = yes
winbind enum groups = yes
winbind nested groups = yes
winbind refresh tickets = yes
winbind expand groups = 4
winbind normalize names = Yes
vfs objects = acl_xattr
map acl inherit = Yes
store dos attributes = Yes
idmap config * : backend = tdb
idmap config * : range = 1000000-1999999
idmap config TESTNET : backend = ad
idmap config TESTNET : schema_mode = rfc2307
idmap config TESTNET : range = 10000-99999
client use spnego = yes
client ntlmv2 auth = yes
encrypt passwords = yes
restrict anonymous = 2
disable spoolss = yes
preferred master = no
server string = Samba Server %v
log level = 3
log file = /var/log/samba/%m
max log size = 25
[common]
comment = Common Files
path = /sharedrives/common
valid users = @"Domain Users"
force group = "Domain Users"
directory mode = 0770
create mode = 0660
force create mode = 0660
browseable = yes
read only = no
More information about the samba
mailing list