[Samba] Lost trusted domain in samba-4.4.4
hy wu
wuhysmb at gmail.com
Tue Aug 16 10:18:53 UTC 2016
I have done your suggestions but it didn't work.
2016-07-27 19:13 GMT+08:00 Rowland penny <rpenny at samba.org>:
> On 27/07/16 10:33, hy wu wrote:
>
>>
>> Here is my smb.conf:
>>
>> [/usr/local/samba/var] # cat /etc/config/smb.conf
>> [global]
>>
>> client schannel = false
>> server schannel = false
>> client ipc signing = false
>> client signing = false
>> server signing = false
>> winbind sealed pipes = false
>> require strong key = false
>>
>> passdb backend = smbpasswd
>> workgroup = HC1
>> security = ADS
>> server string =
>> encrypt passwords = Yes
>> username level = 0
>> map to guest = Bad User
>> null passwords = yes
>> max log size = 102400
>> socket options = TCP_NODELAY SO_KEEPALIVE
>> os level = 20
>> preferred master = no
>> dns proxy = No
>> smb passwd file=/etc/config/smbpasswd
>> username map = /etc/config/smbusers
>> guest account = guest
>> directory mask = 0777
>> create mask = 0777
>> oplocks = yes
>> locking = yes
>> disable spoolss = no
>> load printers=yes
>> veto files = /.AppleDB/.AppleDouble/.AppleDesktop/:2eDS_Store/Network
>> Trash Folder/Temporary Items/TheVolumeSettingsFolder/
>> . at __thumb/. at __desc/:2e*/
>> delete veto files = yes
>> map archive = no
>> map system = no
>> map hidden = no
>> map read only = no
>> deadtime = 10
>> server role = auto
>> use sendfile = yes
>> unix extensions = no
>> store dos attributes = yes
>> client ntlmv2 auth = yes
>> dos filetime resolution = no
>> wide links = yes
>> force unknown acl user = yes
>> template homedir = /share/homes/DOMAIN=%D/%U
>> inherit acls = no
>> domain logons = no
>> min receivefile size = 256
>> case sensitive = auto
>> domain master = auto
>> local master = no
>> enhance acl v1 = yes
>> remove everyone = no
>> conn log = no
>> kernel oplocks = no
>> max protocol = SMB2_02
>> lock directory = /share/CACHEDEV1_DATA/.samba/lock
>> state directory = /share/CACHEDEV1_DATA/.samba/state
>> cache directory = /share/CACHEDEV1_DATA/.samba/cache
>> printcap cache time = 0
>> acl allow execute always = yes
>> vfs objects = shadow_copy2 aio_pthread
>> aio read size = 1
>> aio write size = 0
>> pid directory = /var/lock
>> printcap name=/etc/printcap
>> printing=cups
>> show add printer wizard=no
>>
>> realm = hc1.com <http://hc1.com>
>> ldap timeout = 5
>> password server = HOST223.hc1.com <http://HOST223.hc1.com>
>> pam password change = yes
>> winbind enum users = yes
>> winbind enum groups = yes
>> winbind cache time = 1
>> idmap config * : backend = tdb
>> idmap config * : range = 400001-500000
>> idmap config HC1 : backend = rid
>> idmap config HC1 : range = 10000001-20000000
>> idmap config CHILD1 : backend = rid
>> idmap config CHILD1 : range = 30000001-40000000
>> idmap config TREEROOT : backend = rid
>> idmap config TREEROOT : range = 40000001-50000000
>> idmap config HC2 : backend = rid
>> idmap config HC2 : range = 50000001-60000000
>> idmap config CHILD2 : backend = rid
>> idmap config CHILD2 : range = 60000001-70000000
>>
>>
> If you have used the correct patch and are still having the problem, then
> I would suggest you add to the bug report that you are having problems even
> with the patch.
>
> What I can suggest, sit down with a copy of 'man smbconf' and your
> smb.conf, quite a few of your lines could be removed because they are the
> defaults and at least two should be the defaults i.e. I would remove these:
>
> passdb backend = smbpasswd
> password server = HOST223.hc1.com
>
> The first is using a deprecated method and the second is hardcoding the
> server to use, you should allow this to be discovered.
>
>
> Rowland
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
More information about the samba
mailing list