[Samba] Using Samba 4.7.4 as a domain member
Rowland Penny
rpenny at samba.org
Mon Feb 5 12:53:17 UTC 2018
On Mon, 5 Feb 2018 17:51:17 +0600
Рустам Кульназаров <rkulnazarov at gmail.com> wrote:
> [global]
>
> netbios name = bh1
> workgroup = COMPANY
> realm = COMPANY.LOCAL
> server string = host1
> security = ads
> passdb backend = tdbsam
> load printers = yes
> log file = /var/log/samba/log.%m
> max log size = 1000
> log level = 10
> winbind use default domain = true
> winbind offline logon = true
> winbind enum users = yes
> winbind enum groups = yes
> kerberos method = secrets only
> cups options = raw
> unix charset = UTF-8
> dos charset = 866
> bind interfaces only = yes
> interfaces = lo enp16s0f0
> dns proxy = no
> client use spnego = yes
> idmap config COMPANY : schema_mode = rfc2307
>
> idmap config COMPANY : backend = rid
> idmap config COMPANY : range = 5000000-5999999
>
> idmap config TRUSTED : backend = rid
> idmap config TRUSTED : range = 6000000-6999999
>
>
> idmap config * : backend = tdb
> idmap config * : range = 1000000-1999999
>
As you are using trusted domains, you cannot use 'winbind use default
domain = true'
Have you set up the libnss-winbind links and /etc/nsswitch.conf ?
However, it may all be down to this in your configure options:
'--without-ad-dc'.
If everything else is correct and it still doesn't
work, try compiling again without that option.
Rowland
More information about the samba
mailing list