[Samba] Fw: AD usres are not show in Domain Controller when apply setfacl command
Rowland Penny
rpenny at samba.org
Fri Nov 30 09:06:34 UTC 2018
On Fri, 30 Nov 2018 06:16:42 +0000 (UTC)
barani tharan <aru_barani at yahoo.com> wrote:
> Dear Rowland Penny
> I follow your mentioned step still i am face the same problem
> I have 1 Domain Controller [sambadc] and 1 Domain member for Samba
> Share and backup [backupserver]
>
> 1.when try view the ACL rights is backup server i can able view the
> domain user name [root at backupserver Rishinox]#
> getfacl /ADHDD/Rishinox/ getfacl: Removing leading '/' from absolute
> path names # file: ADHDD/Rishinox/
> [root at backupserver Rishinox]# vi /etc/samba/smb.conf
>
> [global]
>
> workgroup = RISHI
Lets start with the obvious question, why do you think it is a good
idea to use the workgroup 'ADHDD' on the DC and 'RISHI' on the Unix
domain member ?
All domain members need to use the same workgroup.
> password server = sambadc.rishi.com
> realm = RISHI.COM
> security = ads
> idmap config * : range = 16777216-33554431
> template shell = /bin/bash
> kerberos method = secrets only
> winbind use default domain = yes
> winbind offline logon = true
>
Why are you using that range ?
Are you also using sssd on that machine ?
I ask the last question because your smb.conf isn't set up correctly
for winbind and you used red-hat tools to set up smb.conf
Stop trying to use 'Administrator' as a user on Unix domain members,
that user is a Windows user and should be mapped to the Unix user 'root'
Rowland
More information about the samba
mailing list