[Samba] ADS domain member: winbind fails
Stefan G. Weichinger
lists at xunil.at
Fri Dec 30 13:26:01 UTC 2016
Am 2016-12-30 um 14:07 schrieb Rowland Penny via samba:
> Is this the smb.conf you got when you ran the classicupgrade ?
> I don't think it is, can I suggest you remove any and all lines you
> have added and restart samba
that was the output of testparm
smb.conf on DC:
[global]
workgroup = ARBEITSGRUPPE
realm = arbeitsgruppe.secret.tld
netbios name = BACKUP
server role = active directory domain controller
idmap_ldb:use rfc2307 = yes
dns forwarder = 10.0.0.254
[netlogon]
path = /var/lib/samba/sysvol/arbeitsgruppe.secret.tld/scripts
read only = No
[sysvol]
path = /var/lib/samba/sysvol
read only = No
--
root at backup:/etc/samba# cat /etc/resolv.conf
search arbeitsgruppe.secret.tld
nameserver 10.0.0.224
root at backup:/etc/samba# cat /etc/krb5.conf
[libdefaults]
default_realm = ARBEITSGRUPPE.SECRET.TLD
dns_lookup_realm = false
dns_lookup_kdc = true
--
editing the resolv.conf(s) helped in stabilizing RSAT editing
winbindd on member still fails, I left and rejoined ...
--
although I see users and GPOs on the member, etc (via net ads)
# net ads info
LDAP server: 10.0.0.224
LDAP server name: backup.arbeitsgruppe.secret.tld
Realm: ARBEITSGRUPPE.SECRET.TLD
Bind Path: dc=ARBEITSGRUPPE,dc=SECRET,dc=TLD
LDAP port: 389
Server time: Fr, 30 Dez 2016 14:24:25 CET
KDC server: 10.0.0.224
Server time offset: 0
More information about the samba
mailing list