[Samba] wbinfo -U id gives different users on same dc
L.P.H. van Belle
belle at bazuin.nl
Thu Feb 15 08:41:41 UTC 2018
Sure there is,
Install debian, follow my howto and you will have success.
Just, your using an .local domain, and thats a reserved name for apples mDNS (zeroconf)
And should not be used. ( same for .lan )
https://wiki.samba.org/index.php/FAQ#Can_I_Use_the_.local_Top-level_Domain_for_My_AD_DNS_Zone.3F
So the info is good, thats not the problem, finding it, is.
Can you post your /etc/hosts and resolv.conf also to be sure these are ok.
And whats the running OS, thats a nice to know.
Greetz,
Louis
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> Özkan Göksu via samba
> Verzonden: donderdag 15 februari 2018 9:19
> Aan: Rowland Penny
> CC: samba at lists.samba.org
> Onderwerp: Re: [Samba] wbinfo -U id gives different users on same dc
>
> Thanks for helping me out. It is really appreciated. It is
> not easy to find
> out good online information about samba :(
>
> My original idea was to keep my understanding of important
> default options
> written in smb.conf after full reading of https://www.samba.org/
> samba/docs/4.7/man-html/smb.conf.5.html.
>
> For the "winbind enum users/group" options I added them since
> smb.conf(5)
> states some programs behaves oddly if they are not enabled:
> https://www.samba.org/samba/docs/4.7/man-html/smb.conf.5.html#
> winbindenumgroups. However I am removing them as you say.
>
> For the "dns update command? setting I thought it would solve
> my dns update
> problem whenever I try to join Active Directory. My samba
> version is 4.7.4.
>
> [root at AA-SM2 ]# net ads join -U administrator
> Enter administrator's password:
> Using short domain name -- AA
> Joined 'AA-SM2' to dns domain 'aa.local'
> No DNS domain configured for aa-sm2. Unable to perform DNS Update.
> DNS update failed: NT_STATUS_INVALID_PARAMETER
>
> For the "socket options? setting I read it on the internet which is
> somewhat considered to be a best practice for samba performance. I am
> removing it also.
>
> BTW there is a long standing issue of mine which I haven?t
> found an answer.
> I always see limit warning at smbd service start up. It does
> no help no
> matter I set "max open files = 232040? in smb.conf nor
> /etc/security/limits
> settings.
>
> [2018/02/15 10:39:02.985913, 2] ../source3/param/loadparm.c:
> 321(max_open_files)
> rlimit_max: increasing rlimit_max (1024) to minimum Windows
> limit (16384)
> [2018/02/15 10:39:02.986630, 2] ../source3/param/loadparm.c:
> 2791(lp_do_section)
> Processing section "[yenitest]"
> [2018/02/15 10:39:02.987321, 2] ../source3/lib/interface.c:
> 345(add_interface)
> added interface vlan11 ip=192.168.11.3 bcast=192.168.11.255
> netmask=255.255.255.0
> [2018/02/15 10:39:02.987391, 2] ../source3/lib/interface.c:
> 345(add_interface)
> added interface vlan50 ip=10.0.50.4 bcast=10.0.50.255
> netmask=255.255.255.0
> [2018/02/15 10:39:02.987439, 2] ../source3/lib/interface.c:
> 345(add_interface)
> added interface enp2s0f0 ip=10.1.60.3 bcast=10.1.60.255
> netmask=255.255.255.0
> [2018/02/15 10:39:02.987484, 2] ../source3/lib/interface.c:
> 345(add_interface)
> added interface enp2s0f0 ip=10.1.60.5 bcast=10.1.60.255
> netmask=255.255.255.0
> [2018/02/15 10:39:02.987611, 1] ../source3/profile/profile_
> dummy.c:30(set_profile_level)
> INFO: Profiling support unavailable in this build.
> [2018/02/15 10:39:02.989393, 2] ../source3/passdb/pdb_
> interface.c:161(make_pdb_method_name)
> No builtin backend found, trying to load plugin
> [2018/02/15 10:39:03.006312, 1] ../source3/smbd/files.c:218(
> file_init_global)
> file_init_global: Information only: requested 232040 open
> files, 59392
> are available.
> [2018/02/15 10:39:03.009324, 0] ../lib/util/become_daemon.c:
> 124(daemon_ready)
> STATUS=daemon 'smbd' finished starting up and ready to
> serve connections
> [2018/02/15 10:39:03.009569, 2] ../source3/smbd/server.c:1395(
> smbd_parent_loop)
> waiting for connections
>
> Here are my settings in /etc/security/limits.
>
> * soft nofile 99000
> * hard nofile 999000
> * - memlock unlimited
> * - nofile 100000
> * - nproc 32768
> * - as unlimited
>
> @root soft nofile 99000
> @root hard nofile 999000
> @root - memlock unlimited
> @root - nofile 100000
> @root - nproc 32768
> @root - as unlimited
>
>
> Again thanks for you help,
>
> Ozkan
>
>
> *Özkan GÖKSU* | *Tekn. Geli??tirme* | ozkan.goksu at usishi.com
> <goktug.yildirim at usishi.com>
> C : +90 555 449 88 71 | T : +90 (216) 442 7070 |
> http://www.usishi.com
>
>
> 2018-02-14 17:26 GMT+02:00 Rowland Penny via samba
> <samba at lists.samba.org>:
>
> > On Wed, 14 Feb 2018 16:30:07 +0200
> > Özkan Göksu <ozkan.goksu at usishi.com> wrote:
> >
> > > RID solved my problem. But while reading docs I saw new
> things and I
> > > changed my smb.conf completely.
> > > I have read almost every parameter but i'm still not %100 sure.
> > > Can you do me a last favor?
> > > Please can you tell me do I have any problem with new smb.conf?
> > >
> >
> > No problems as such, but you don't need these because they
> are default
> > settings:
> >
> > winbind nested groups = yes
> > encrypt passwords = yes
> > strict locking = Auto
> > oplocks = yes
> > deadtime = 15
> > unix charset = UTF-8
> > case sensitive = auto
> > guest account = nobody
> > ntlm auth = no
> > client ntlmv2 auth = yes
> > kernel change notify = yes
> > domain logons = no
> > client use spnego = yes
> > strict sync = no
> >
> > All the next two lines do is make 'getent passwd' & 'getent group'
> > display a list of all users or groups AND slow things down,
> you do not
> > need them:
> >
> > winbind enum users = yes
> > winbind enum groups = yes
> >
> > The next line is only any good on a Samba DC:
> >
> > dns update command = /usr/sbin/samba_dnsupdate
> >
> > You shouldn't really mess with the socket options, that's
> the kernels
> > job:
> >
> > socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE
> >
> > Rowland
> >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions: https://lists.samba.org/mailman/options/samba
> >
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
>
More information about the samba
mailing list