[Samba] AD accounts not available to OS
Rowland Penny
rpenny at samba.org
Sat Dec 10 15:09:09 UTC 2016
On Sat, 10 Dec 2016 14:37:11 +0000
Philippe LeCavalier <support at plecavalier.com> wrote:
> On Sat, Dec 10, 2016 at 9:10 AM Rowland Penny via samba <
> samba at lists.samba.org> wrote:
>
> > On Sat, 10 Dec 2016 13:56:38 +0000
> > Philippe LeCavalier <support at plecavalier.com> wrote:
> >
> > > The main docs page, really? That's not helpful at all.
> > >
> > > On Sat, Dec 10, 2016 at 3:04 AM Rowland Penny via samba <
> > > samba at lists.samba.org> wrote:
> > >
> > > > On Sat, 10 Dec 2016 02:00:53 +0000
> > > > Philippe LeCavalier via samba <samba at lists.samba.org> wrote:
> > > >
> > > > > Hey guys,
> > > > >
> > > > > I'm setting up a Samba 4 AD DC server on Debian 8 (see pkg
> > > > > list below).
> > > > >
> > > > > Things are working relatively well except that I'm concerned
> > > > > that the domain accounts are not available to the OS. ie
> > > > > getent group "Domain Admins" returns nothing.
> > > > >
> > > > > I've implemented roaming profiles which is working very well
> > > > > but redirected folders are not and I'm thinking it's a
> > > > > permissions issue relating back to the OS not seeing the
> > > > > domain users/groups.
> > > > >
> > > > > I'm a long time Samba NT domain admin but this is my first
> > > > > brush with Samba as a true AD DC. I do also have extensive
> > > > > knowledge of Windows AD DC's from back in the day.
> > > > >
> > > > > samba 2:4.2.10+dfsg-0+deb8u
> > > > > winbind 2:4.2.10+dfsg-0+deb8u
> > > > > Debian 3.16.36-1+deb8u2
> > > > > Whatever other pkg info is required just ask.
> > > > >
> > > > > Thanks in advance!
> > > >
> > > > Go and read this:
> > > >
> > > > https://wiki.samba.org/index.php/Main_Page
> > > >
> > > > Rowland
> > > >
> > > > --
> > > > To unsubscribe from this list go to the following URL and read
> > > > the instructions: https://lists.samba.org/mailman/options/samba
> > >
> >
> > It is a darn sight more helpful than the info you provided to try
> > and get your problem fixed, but lets try going a bit deeper into
> > the wiki, see here:
> >
> >
> > https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller
> > and
> > https://wiki.samba.org/index.php/Setup_Samba_as_an_AD_Domain_Member
> >
> > They should supply you with enough info to fix your problem.
> >
> > Rowland
> >
> >
> >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions: https://lists.samba.org/mailman/options/samba
>
>
> I provided what I thought was relevant and stated if more info was
> needed to just ask. Instead, you just refer me to the main page of
> the wiki. I don't know why you assume I didn't comb through the
> entire wiki looking for the answer to my problem. Naturally, that's
> the first thing I did. Also, I went through all the config related to
> NIS and Winbind and cannot find anything that would lead me to think
> the OS shouldn't see the domain groups and users. I checked the logs,
> still no errors related to that.
>
> Can we get past this? I don't know what you expect from me? I'm
> asking for help. What is it that you're missing from me to actually
> help me?
Lets start with your smb.conf and whether you have given any of your
users a uidNumber attribute and any groups a gidNumber attribute.
Have you installed any packages other than the ones you mentioned
earlier.
Rowland
More information about the samba
mailing list