[Samba] Samba 4.5.8 ADS user not showing in directory tree - chown "invalid user"
L.P.H. van Belle
belle at bazuin.nl
Fri May 19 10:17:07 UTC 2017
>Of course, the list is without the Realm in front.
>
> # wbinfo -u
> demo1
> administrator
Small correction.
>Of course, the list is without the NTDOMAIN in front.
^^^^^^^^
NTDOM\user or user at REALM
And change your nsswitch to :
passwd: compat winbind
group: compat winbind
Greetz,
Louis
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> Franz Gansberger via samba
> Verzonden: vrijdag 19 mei 2017 11:49
> Aan: samba at lists.samba.org
> Onderwerp: [Samba] Samba 4.5.8 ADS user not showing in
> directory tree - chown "invalid user"
>
> Hi,
> I'm currently working on evalutating a AD-Domain for my
> Department. Since I have a couple of year experince in
> running a NT-Style Domain, my choice is samba - nowadays AD-DS.
>
> Now I'm stuck, and I would really appreciate some more
> thoughts and a push in the right direction. :-)
>
> Thank your in advance
> Franz
>
>
> The facts:
> A quick test installation is working as expected - Debian
> Jessie, Samba 4.2.14 from official repository.
> A wbinfo - u lists domain users, and I can chown as
> neccesary. Of course, the list is without the Realm in front.
>
> # wbinfo -u
> demo1
> administrator
> krbtgt
>
> Over to the designated production server, which behaves different:
> Here I have a Stretch with Samba 4.5.8, also from the
> standard reps deb http://ftp.de.debian.org/debian stretch
> main deb-src http://ftp.de.debian.org/debian stretch main
>
> This commands are all executed on the PDC.
>
>
> The same command produces different output:
> # wbinfo -u
> H955\administrator
> H955\krbtgt
> H955\guest
> H955\demo1
>
> I get the mentioned error on chown - invalid user.
>
> ls produces this- uid are korrekt.
>
> #ls -al
> total 56
> drwxrwxrwx 8 root root 4096 May 19 10:03 .
> drwxr-xr-x 3 root root 4096 May 8 15:36 ..
>
> drwxrwxr-x+ 2 3000019 users 4096 May 19 09:40 demo1
> drwxrwxr-x+ 2 3000019 users 4096 May 19 10:03 demo1_new
> drwxrwxr-x+ 2 3000000 users 4096 May 18 16:12 admin
>
>
> Here's my system environment:
> # uname -a
> Linux vw-ads 3.16.0-4-amd64 #1 SMP Debian 3.16.43-2
> (2017-04-30) x86_64 GNU/Linux
>
> # samba -V
> Version 4.5.8-Debian
>
> #samba-tool domain provision --server-role=dc --use-rfc2307
> --dns-backend=SAMBA_INTERNAL --realm=H955.TEST.AC.AT
> --domain=H955 --adminpass=passw0rd
>
> #net rpc rights grant 'H955\Domain Admins'
> SeDiskOperatorPrivilege -Uadministrator
>
>
> # cat /etc/samba/smb.conf
> # Global parameters
> [global]
> netbios name = VW1-ADS
> realm = H955.TEST.AC.AT
> workgroup = H955
> dns forwarder = 8.8.8.8
> server role = active directory domain controller
> idmap_ldb:use rfc2307 = yes
>
> [netlogon]
> path = /data/data-nfs-vw/netlogon-ads/
> read only = No
>
> [sysvol]
> path = /var/lib/samba/sysvol
> read only = No
>
> [profiles]
> comment = Roaming Profiles
> path = /data/data-nfs-vw/profiles-ads/
> writeable = yes
> store dos attributes = yes
> profile acls = yes
> csc policy = disable
>
>
> [test]
> path = /data/data/test
> writeable = yes
>
>
> # locate libnss_winbind.so
> /lib/x86_64-linux-gnu/libnss_winbind.so
> /lib/x86_64-linux-gnu/libnss_winbind.so.2
> /lib64/libnss_winbind.so
> /lib64/libnss_winbind.so.2
>
> #ls -al /etc/krb5.conf
> lrwxrwxrwx 1 root root 32 May 16 20:40 /etc/krb5.conf ->
> /var/lib/samba/private/krb5.conf
>
> # cat /etc/nsswitch.conf
> # /etc/nsswitch.conf
>
> passwd: files winbind
> group: files winbind
> passwd: compat
> group: compat
> shadow: compat
> gshadow: files
> hosts: files dns
> networks: files
> protocols: db files
> services: db files
> ethers: db files
> rpc: db files
> netgroup: nis
>
>
>
>
>
>
>
>
>
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
>
More information about the samba
mailing list