[Samba] Samba as AD-Controller: unable to update policies and call start scripts
L.P.H. van Belle
belle at bazuin.nl
Fri Apr 8 08:00:13 UTC 2016
Anmeldung fehlgeschlagen: unbekannter Benutzername oder falsches Kennwort.
And you did login in the domain with a domain user?
Looks like it you did not.
So try this from the pc which give the problem.
net use x: \\cch.intra\sysvol /user:CCH\username
Did it work?
Ow and one i forgot..
Did you check the time on the pc and server, these must be in sync.
Greetz,
Louis
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens Luca Bertoncello
> Verzonden: vrijdag 8 april 2016 9:34
> Aan: samba at lists.samba.org
> Onderwerp: Re: [Samba] Samba as AD-Controller: unable to update policies
> and call start scripts
>
> Zitat von "L.P.H. van Belle" <belle at bazuin.nl>:
>
> > This is correct
> >
> >>> that gpupdate tries to copy somethings from \\cch.intra\sysvol and
> >>> not from \\dc1\sysvol...
> >
> >>> There a no server with name cch.intra, this is just the Realm...
> >
> > No not REALM, but DNSdomain but with the same name as the REALM.
>
> OK, I'm not expert in Samba as AD...
>
> > You ?should? be able to ?ping cch.intra? or browse to \\cch.intra
>
> ping yes, browse not. Or better, I can see the shares, but not access
> them!
>
> > if not, then your missing dns records.
>
> I'm not sure, I undestood your sentence, sorry...
>
> > If you have only windows users accessing sysvol
> >
> > Change your sysvol to
> >
> >
> >
> >> [sysvol]
> >
> >> path = /usr/local/samba/var/locks/sysvol
> >
> >> read only = No
> >
> >> acl_xattr:ignore system acls = yes
> >
> >
> >
> > Which helps, because you can set better windows ACLs.
>
> It doesn't...
>
> From Windows I tried:
>
> dir \\dc1\sysvol
>
> and I got data, but
>
> dir \\cch.intra\sysvol
>
> returns:
>
> Anmeldung fehlgeschlagen: unbekannter Benutzername oder falsches Kennwort.
>
> PCs are in German...
> Translated is the error: unable to login, unknown username or wrong
> password.
>
> > But most important, it helps if you post your smb.conf here.
>
> # Global parameters
> [global]
> workgroup = CCH
> server string = Domain controller
> realm = CCH.INTRA
> netbios name = DC1
> server role = active directory domain controller
> dns forwarder = 192.168.50.1
> server services = rpc, nbt, wrepl, ldap, cldap, kdc, drepl,
> winbind, ntp_signd, kcc, dnsupdate, dns, smb
> dcerpc endpoint servers = epmapper, wkssvc, rpcecho, samr,
> netlogon, lsarpc, spoolss, drsuapi, dssetup, unixinfo, browser,
> eventlog6, backupkey, dnsserver, winreg, srvsvc
> idmap_ldb:use rfc2307 = yes
>
>
> # Damit die Nutzer sich auch in Linux anmelden können
> template shell = /bin/bash
> # Homedir in /home
> template homedir = /home/%ACCOUNTNAME%
>
> domain logons = yes
> logon script = logon.cmd
>
> [netlogon]
> path = /var/lib/samba/sysvol/cch.intra/scripts
> read only = No
>
> [sysvol]
> path = /var/lib/samba/sysvol
> read only = No
> acl_xattr:ignore system acls = yes
>
> > And before deleting your domain, if you do the same, you end up with
> > the same problem.
> >
> >
> >
> > The ?old PC? i guess windows 7?
> >
> > The New PC, i guess windows 10?
>
> All PCs use Windows 7.
>
> > Static ip of DHCP ip?
>
> All PCs with DHCP.
>
> Thanks
> Luca Bertoncello
> (lucabert at lucabert.de)
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list