[Samba] Setup a Samba AD DC as an additional DC

[L.P.H. van Belle]

No, there is a simple problem and solution to get id.s

https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member#Configuring_the_Name_Service_Switch 

For the member, 
apt-get install libnss-winbind libpam-winbind

change /etc/nsswitch.conf 
passwd:         compat systemd winbind
group:          compat systemd winbind

Run pam-auth-update
And for testing set these to yes in smb.conf 
winbind enum users  = no
winbind enum groups = no

And here you go all you users ;-) 
Set it back to no and then use getent passwd username. 

;-) 

Greetz, 

Louis


> -----Oorspronkelijk bericht-----
> Van: Barry D. Adkins [mailto:Barry at daram.com] 
> Verzonden: donderdag 29 november 2018 16:09
> Aan: L.P.H. van Belle
> Onderwerp: RE: [Samba] Setup a Samba AD DC as an additional DC
> 
> I will follow your instructions.
> 
> As for this:
> 
> >> For the moment if we could go back to the Member Server 
> and get it working I had started 
> >> that to create a Replicated Storage Volume as we are 
> having trouble with Microsoft DFS Replicated folders.
> >A linux member of windows member ? 
> >If i think i can make some extra time tomorrow and i'll make 
> a member howto also for Ubuntu and i'll update the current 
> stretch version to 4.8/4.9 
> 
> I joined a Samba Member Server to the Windows AD Domain.  We 
> had problems with user/group retrieval/connection.
> 
> That was this thread:
> " getenv does not return any AD DOMAIN users or groups - 
> ?nsswitch is not setup for Samba?"
> 
> It was suggested to overcome that problem to create a Samba 
> DC.  That’s why we are doing that.  Eventually, I hope to 
> have no Microsoft servers.  eMail maybe just the Windows OS 
> depending on if I can get a Linux Mail server with the 
> functionality we need.
> 
> -Barry Adkins
>