[Samba] Problem with adding an Samba Member Server to a Samba AD Domain

Rowland Penny rpenny at samba.org
Sat Mar 18 09:43:49 UTC 2017

On Sat, 18 Mar 2017 07:48:27 +0100
Stefan Schäfer via samba <samba at lists.samba.org> wrote:

> Hi List,
> I found some threads here in the list with similar problems, but
> nothing helped to solve my problem.
> We have a very much to old Samba DC (Version 4.1.x) and a new Samba 
> 4.5.6 which should act as a member server.

Don't suppose you can update the DC to a newer Samba version ?

> smbclient -L -U administrator at baettenhausen.local
> Enter administrator at baettenhausen.local's password:
> session setup failed: NT_STATUS_LOGON_FAILURE

You should be able to fix this by adding this line to smb.conf:

    username map = /etc/samba/user.map

Then create the user.map:

nano /etc/samba/user.map
!root = BAETTENHAUSEN\Administrator BAETTENHAUSEN\administrator
Administrator administrator

> Here the krb5.conf

You only need:

         default_realm = BAETTENHAUSEN.LOCAL
         dns_lookup_realm = false
         dns_lookup_kdc = true

If your TLD really is '.local' turn off Avahi on the domain member


More information about the samba mailing list