[Samba] Samba4 AD

Sun Feb 7 14:41:35 UTC 2016

Hi list,
I'm trying to configure an AD Server with SAMBA4 (sernet version) and 
want configure a share in the same configuration.

I follow this steps:
1) Domain provisioning (samba-tool)
2) Share section (editing smb.conf)
3) User creation (samba-tool)

After this step I can join the domain without problem.
The problem is when someone tries to get access on share due to 
permission problems.

I think the problem is because on local AD server (where  there is the 
specified share) I can't see domain users with "getent passwd" (the same 
for groups) and I can't give a valid permission on the share path (if I 
set 777 on dir all works but this is not what I want).

How I can get on my AD server user listed in localuser using getent passwd?

this is configuration generated from provisioning:

smb.conf:

[global]
         workgroup = DC1
         realm = DC1.LAN
         netbios name = DC1
         server role = active directory domain controller
         dns forwarder = x.x.x.x

[netlogon]
         path = /var/lib/samba/sysvol/dc1.lan/scripts
         read only = No

[sysvol]
         path = /var/lib/samba/sysvol
         read only = No

Thanks in advance.