[Samba] Must put "server role check:inhibit = yes" in smb.conf
Rowland Penny
rpenny at samba.org
Thu Jun 29 11:31:30 UTC 2017
On Thu, 29 Jun 2017 12:55:46 +0200
Hénoch Hervé <h.henoch at isc84.org> wrote:
> Yes i'm on a AD DC. When I have installed AD DC two years ago and
> "apt-get install" has installed on the system nmbd (jessie).
>
Ok, put your smb.conf back to this:
[global]
workgroup = SC1
realm = sc1.local
netbios name = VSPDC1
server role = active directory domain controller
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbind, ntp_signd, kcc, dnsupdate
idmap_ldb:use rfc2307 = yes
log level = 2
printcap name = /dev/null
load printers = no
[netlogon]
path = /var/lib/samba/sysvol/sc.local/scripts
read only = No
[sysvol]
path = /var/lib/samba/sysvol
read only = No
[partage]
path = /opt/partage
read only = no
NOTE: if '.local' is your TLD, stop Avahi if it is running, alter the
'hosts' line in /etc/nsswitch.conf to this:
hosts: files dns
You should not let your OS start Samba using the 'samba' init script,
use the 'samba-ad-dc' init script instead.
If you haven't got it yet, you cannot run 'nmbd' on a Samba AD DC.
Rowland
More information about the samba
mailing list