[Samba] AD member server, some users suddenly can only connect to shares via ip address
Neil Price
nprice at gibb.co.za
Thu Apr 25 13:39:21 UTC 2019
On 2019/04/25 14:44, Rowland Penny via samba wrote:
> OK, post your smb.conf
Thanks for help.... remember this has been working up to now and only a
few users have the password prompt.. (btw "gibb.local" is a trusted
samba3 domain used for migration, connecting as a gibb.local user does work)
getent passwd returns expected results, as does wbinfo -u
# Global parameters
[global]
netbios name = PTA-CLUSTER
realm = AD.GIBB.CO.ZA
server string = Pretoria Cluster
workgroup = GIBB
ldap connection timeout = 20
ldap timeout = 60
log file = /var/log/samba/log.%m
max log size = 1000
syslog = 0
panic action = /usr/share/samba/panic-action %d
map to guest = Bad User
obey pam restrictions = Yes
pam password change = Yes
passwd chat = *Enter\snew\s*\spassword:* %n\n
*Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
passwd program = /usr/bin/passwd %u
security = ADS
server role = member server
unix password sync = Yes
username map = /etc/samba/user.map
template homedir = /home/gibb/%U
winbind enum groups = Yes
winbind enum users = Yes
winbind refresh tickets = Yes
winbind request timeout = 120
dns proxy = No
wins server = 192.168.112.94 192.168.104.2
idmap config gibb.local : range = 1600000-1999999
idmap config gibb.local : backend = rid
idmap config gibb : range = 1000000-1599999
idmap config gibb : backend = rid
idmap config * : range = 3000-7999
idmap config * : backend = tdb
[homes]
comment = Home Directories
path = /home/gibb/%U
browseable = No
root preexec = /usr/local/sbin/mkhomedir.sh %U
create mask = 0750
directory mask = 0750
read only = No
valid users = %S GIBB.LOCAL\%S GIBB\%S
[projects]
comment = Pretoria projects
path = /home/shares/projects
inherit permissions = Yes
read only = No
valid users = @domusers "@GIBB.LOCAL\Domain Users"
"@GIBB\Domain Users"
user.map:
!root = GIBB\Administrator
More information about the samba
mailing list