[Samba] Setting Win ACLs via Comp Management, connection to Member Server warning

Lin Pro linforpros at gmail.com
Tue Feb 21 20:58:34 UTC 2017

Here are the ADDC files you requested to help me out:


/etc/hosts: localhost
/etc/hosts: dc1.siouxfalls.samdom.org dc1

/etc/krb5.conf: default_realm = ${REALM}
/etc/krb5.conf: dns_lookup_realm = false
/etc/krb5.conf: dns_lookup_kdc = true

/etc/resolv.conf:search siouxfalls.samdom.org

/etc/samba/smb.conf:    workgroup = SIOUXFALLS
/etc/samba/smb.conf:    realm = SIOUXFALLS.SAMDOM.ORG
/etc/samba/smb.conf:    netbios name = DC1
/etc/samba/smb.conf:    server role = active directory domain controller
/etc/samba/smb.conf:    dns forwarder =
/etc/samba/smb.conf:    idmap_ldb:use rfc2307 = yes
/etc/samba/smb.conf:    bind interfaces only = yes
/etc/samba/smb.conf:    interfaces = lo ens3
/etc/samba/smb.conf:    path = /var/lib/samba/sysvol/siouxfalls.samdom.org/scri$
/etc/samba/smb.conf:    read only = No
/etc/samba/smb.conf:    path = /var/lib/samba/sysvol
/etc/samba/smb.conf:    read only = No

And here is the Domain Member set of files:


/etc/hosts: localhost
/etc/hosts: ubuntu-dm1.siouxfalls.samdom.org ubuntu-dm1
/etc/hosts:::1 ip6-localhost ip6-loopback
/etc/hosts:fe00::0 ip6-localnet
/etc/hosts:ff00::0 ip6-mcastprefix
/etc/hosts:ff02::1 ip6-allnodes
/etc/hosts:ff02::2 ip6-allrouters
/etc/hosts:ff02::3 ip6-allhosts

/etc/krb5.conf: default_realm = SIOUXFALLS.SAMDOM.ORG
/etc/krb5.conf: dns_lookup_realm = false
/etc/krb5.conf: dns_lookup_kdc = true
/etc/krb5.conf: SIOUXFALLS.SAMDOM.ORG = {
/etc/krb5.conf:         kdc = DC1
/etc/krb5.conf:         admin_server = DC1.SIOUXFALLS.SAMDOM.ORG
/etc/krb5.conf: }
/etc/krb5.conf: krb4_convert = true
/etc/krb5.conf: krb4_get_tickets = false
/etc/resolv.conf:search siouxfalls.samdom.org

/etc/samba/smb.conf:       security = ADS
/etc/samba/smb.conf:       workgroup = SIOUXFALLS
/etc/samba/smb.conf:       realm = SIOUXFALLS.SAMDOM.ORG
/etc/samba/smb.conf:       netbios name = UBUNTU-DM1
/etc/samba/smb.conf:       server role = member server
/etc/samba/smb.conf:       log file = /var/log/samba/%m.log
/etc/samba/smb.conf:       log level = 1
/etc/samba/smb.conf:       idmap config * : backend = tdb
/etc/samba/smb.conf:       idmap config * : range = 3000-7999
/etc/samba/smb.conf:       idmap config SIOUXFALLS:backend = ad
/etc/samba/smb.conf:       idmap config SIOUXFALLS:schema_mode = rfc2307
/etc/samba/smb.conf:       idmap config SIOUXFALLS:range = 10000-999999
/etc/samba/smb.conf:       winbind nss info = rfc2307
/etc/samba/smb.conf:winbind separator = +
/etc/samba/smb.conf:winbind enum users = yes
/etc/samba/smb.conf:winbind enum groups = yes
/etc/samba/smb.conf:winbind use default domain = yes
/etc/samba/smb.conf:path = /srv/samba/TGrassShare
/etc/samba/smb.conf:read only = no
/etc/samba/smb.conf:path = /srv/samba/eACLshare
/etc/samba/smb.conf:read only = no
/etc/samba/smb.conf:vfs objects = acl_xattr
/etc/samba/smb.conf:map acl inherit = yes
/etc/samba/smb.conf:store dos attributes = yes
/etc/samba/smb.conf:    path = /srv/samba/users/
/etc/samba/smb.conf:    read only = no
/etc/samba/smb.conf:    force create mode = 0600
/etc/samba/smb.conf:    force directory mode = 0700

At this moment I am only concerned with the eACLshare share. It just does
not work as instructed on the wiki.
