[Samba] Odd behavior on group membership
Marcio Vogel Merlone dos Santos
marcio.merlone at a1.ind.br
Wed Nov 28 12:12:39 UTC 2018
Hi Rowland, thank you for your prompt reply,
I sent you the testparam output hence lots of defaults (i presumed would
be better), here is crude smb.conf:
root at araucaria:~# cat /etc/samba/smb.conf
[global]
netbios name = ARAUCARIA
realm = AD.TLD
server role = active directory domain controller
workgroup = A1
server services = -dns
ldap server require strong auth = no
wins support = yes
ntlm auth = yes
log file = /var/log/samba/%m.log
log level = 1 auth_audit:3 auth_json_audit:3
idmap_ldb:use rfc2307 = yes
idmap config * : backend = tdb
template shell = /bin/bash
template homedir = /home/usuarios/%U
[netlogon]
path = /var/lib/samba/sysvol/ad.tld/scripts
read only = No
[sysvol]
path = /var/lib/samba/sysvol
read only = No
root at araucaria:~#
Em 28/11/2018 09:17, Rowland Penny via samba escreveu:
> On Wed, 28 Nov 2018 08:48:07 -0200
> Marcio Vogel Merlone dos Santos via samba <samba at lists.samba.org> wrote:
>
>> Hi Rowland,
>>
>> Those tests were made on DC (araucaria), not a domain member.
>>
>> root at araucaria:~# testparm /etc/samba/smb.conf
>> Load smb config files from /etc/samba/smb.conf
>> rlimit_max: increasing rlimit_max (1024) to minimum Windows limit
>> (16384) Processing section "[netlogon]"
>> Processing section "[sysvol]"
>> Loaded services file OK.
>> Server role: ROLE_ACTIVE_DIRECTORY_DC
>>
>> Press enter to see a dump of your service definitions
>>
>> # Global parameters
>> [global]
>> passdb backend = samba_dsdb
>> wins support = Yes
>> rpc_server:tcpip = no
>> rpc_daemon:spoolssd = embedded
>> rpc_server:spoolss = embedded
>> rpc_server:winreg = embedded
>> rpc_server:ntsvcs = embedded
>> rpc_server:eventlog = embedded
>> rpc_server:srvsvc = embedded
>> rpc_server:svcctl = embedded
>> rpc_server:default = external
>> winbindd:use external pipes = true
>> idmap config * : backend = tdb
>> map archive = No
>> map readonly = no
>> store dos attributes = Yes
>> vfs objects = dfs_samba4 acl_xattr
>>
>>
> I would remove the above lines from your smb.conf, most are defaults,
> but some are actually wrong for an AD DC, see 'man smb.conf' for more
> details
>
> Rowland
>
--
*Marcio Merlone*
TI - Administrador de redes
*A1 Engenharia - Unidade Corporativa*
Fone: +55 41 3616-3797
Cel: +55 41 99689-0036
https://a1.ind.br/ <https://a1.ind.br>
More information about the samba
mailing list