[Samba] Proper sysvol permissions

Rowland Penny rpenny at samba.org
Sat Jun 23 07:20:19 UTC 2018


On Fri, 22 Jun 2018 22:39:17 +0200 (CEST)
Michal via samba <samba at lists.samba.org> wrote:

> 

> > Two questions, why do you have 4 directories under sysvol, when all
> > that should be there (according to your smb.conf) is
> > 'nemuh.cz'
>
> I suppose these other directories were created
> during my first attempts to install Samba AD some time ago.

OK, makes sense, but I would remove the ones you don't need.

> > where did '544' come from ?
>
> No idea, sorry.

You must have some idea, by default '544' is the RID for
'Administrators' and, on a Samba AD DC, I would expect a number in the
'3000000' range, so you must have changed it.

> > provision Samba, did you follow the Samba wiki
> > or some other web page ?
>
> The server is Centos and I did
> not find AD ready Centos samba package.

Apart from the Sernet packages, there are no readily available AD DC
packages for Centos (Cue somebody saying 'have you tried these ?')

> So I compiled samba from
> sources and installed it myself (configure
> --prefix /usr/local/samba.ad ..., make, make install).

I wouldn't have bothered with the 'prefix', Samba would then have ended
up in '/usr/local/samba'

>  Then I
> run samba-tool (repeatedly, this is my 1st samba ad installation) in
> "interactive" mode. 

If you are going to do this, then can I suggest that you delete the
main Samba dir (/usr/local/samba.ad in your case) and then run 'make'
again.

> I've read a lot of web pages,

Well, give up reading random webpages, read the Samba wiki instead:

https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller

Any questions or things you don't understand, please ask.

 
> > Yes, bind as DNS, yes,
> > running on the DC. Installed just for this samba instance. I have
> > been using bind on my other servers for years and I was hoping
> > I have better control over DNS (no luck; I love bind9 text
> > zones files, but samba AD DNS is a f..ing blackbox, as black as
> > Samba's internal ldap server. Very annoying for me after years
> > with openldap, used for Samba v3).
> >
> > Thanks, Michal

Ah, if you are used to setting up Bind9, then you might have set it up
correctly for Bind9, but wrong for a Samba AD DC. Have you put the zone
files into the bind config ?

Perhaps reading this might help:

https://wiki.samba.org/index.php/Setting_up_a_BIND_DNS_Server

Rowland


