[Samba] Setting Win ACLs via Comp Managment, connection to Member Server warning

Rowland Penny rpenny at samba.org
Tue Feb 21 21:23:04 UTC 2017

On Tue, 21 Feb 2017 14:58:34 -0600
Lin Pro <linforpros at gmail.com> wrote:

> Here are ADDC files you requested to help me out:

OK, make /etc/krb5.conf on both machines look like this:

 default_realm = SIOUXFALLS.SAMDOM.ORG
 dns_lookup_realm = false
 dns_lookup_kdc = true

On the domain member smb.conf, move:

vfs objects = acl_xattr
map acl inherit = yes
store dos attributes = yes

to [global] from the [eACLshare]

remove these lines from [users]

    force create mode = 0600
    force directory mode = 0700

those are the only problems I can see in your conf files.

Provide your users have uidNumber attributes inside the '10000-999999'
range and Domain Users and Domain Admins have gidNumber attributes
inside the same range it should work.

How is the Windows Server 2012 R2 joined to the domain ?


More information about the samba mailing list