[Samba] getenv does not return any AD DOMAIN users or groups - ?nsswitch is not setup for Samba?
Barry D. Adkins
Barry at daram.com
Tue Nov 20 05:29:35 UTC 2018
While I have all the uid's and gid's entered on every user and group, the server can't find or recognize them. Not in getent, not in commands referencing AD users or groups.
I'm going to go ahead and install another Ubuntu server with Samba and create a Samba DC. I'll keep this stand alone server and see if it starts working after I get the Samba DC properly joined to the domain.
The below answers some of your queries and documents how I got the AD Schema into the Windows Schema Master.
I don't need help with HOW to do in Windows, just WHAT to do in Windows.
I hope to contribute at least a helping hand with linux, samba, and all the other Open systems.
I greatly appreciate your assistance and patience with our endeour with Samba!!
> >Where did you find this and where have you imported this to and how.
>> Here: https://wiki.samba.org/index.php/Setting_up_RFC2307_in_AD
>That is Samba's version of IDMU, didn't know it worked with a Windows DC, good to know though.
>> I used the windows tool LDIFDE to import the schema to the Windows AD
>> Schema. Otherwise there is no schema for the Unix Attributes.
This is what I did. I had also found an internet article for using Samba tools to get the ldif to the Windows Schema master. I didn't try it because I wasn't certain of the samba tool and knew the MS LDIFDE tool would work.
DC1 = Schema Master
Find FSMO's on a Windows DC (schema master is one of them):
C:\> NetDOM /query FSMO
# sed -i -e 's/${DOMAINDN}/DC=example,DC=com/g' \
-e 's/${NETBIOSNAME}/DC1/g' \
-e 's/${NISDOMAIN}/samdom/g' \
/tmp/ypServ30.ldif
Move the ypServ30.ldif file you've created here to the Windows DC where you will run ldifde
C:\utils\> ldifde -i -f ypServ30.ldif -s SchemaMasterDC
>Not sure just what Samba packages you have installed on the Debian computer
From the wiki: https://wiki.samba.org/index.php/Distribution-specific_Package_Installation
I ran the following:
apt-get install samba winbind libnss-winbind libpam-winbind
One of your comments mentioned: libpam-krb5
So I installed it.
-->> and as well I had previously installed an configured Kerberos:
Apt-get install krb5-user krb5-config
More information about the samba
mailing list