[Samba] error witch rsat

Marco Pirola mapirola81 at gmail.com
Tue Jan 29 10:26:22 UTC 2019

This is my selinux conf.

# Authors: Jason Tang <jtang at tresys.com>
# Copyright (C) 2004-2005 Tresys Technology, LLC
#  This library is free software; you can redistribute it and/or
#  modify it under the terms of the GNU Lesser General Public
#  License as published by the Free Software Foundation; either
#  version 2.1 of the License, or (at your option) any later version.
#  This library is distributed in the hope that it will be useful,
#  but WITHOUT ANY WARRANTY; without even the implied warranty of
#  Lesser General Public License for more details.
#  You should have received a copy of the GNU Lesser General Public
#  License along with this library; if not, write to the Free Software
#  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301  USA
# Specify how libsemanage will interact with a SELinux policy manager.
# The four options are:
#  "source"     - libsemanage manipulates a source SELinux policy
#  "direct"     - libsemanage will write directly to a module store.
#  /foo/bar     - Write by way of a policy management server, whose
#                 named socket is at /foo/bar.  The path must begin
#                 with a '/'.
#  foo.com:4242 - Establish a TCP connection to a remote policy
#                 management server at foo.com.  If there is a colon
#                 then the remainder is interpreted as a port number;
#                 otherwise default to port 4242.
module-store = direct

# When generating the final linked and expanded policy, by default
# semanage will set the policy version to POLICYDB_VERSION_MAX, as
# given in <sepol/policydb.h>.  Change this setting if a different
# version is necessary.
#policy-version = 19

# expand-check check neverallow rules when executing all semanage commands.
# Large penalty in time if you turn this on.

# By default, semanage will generate policies for the SELinux target.
# To build policies for Xen, uncomment the following line.
#target-platform = xen

the other files are ok, otherwise I would not be able to make the join 
the machine or to do the query via nslooch of the machine dc

Il 29/01/2019 10:05, Rowland Penny via samba ha scritto:
> On Tue, 29 Jan 2019 06:59:45 +0100
> Marco Pirola <mapirola81 at gmail.com> wrote:
>> This is the content of my smb.conf. Can you check if something is
>> missing? Otherwise I do not know how to behave anymore. Thanks and
>> have a good day.
> The only problem I can see is this line:
> valid user = +"domain users"
> You shouldn't set this line if using Windows ACL's
> Can we try checking a few things (I know you might have already posted
> them, but lets get them in one place), please add them to the post,do
> not attach them.
> OS
> /etc/hostname
> /etc/hosts
> /etc/resolv.conf
> /etc/krb5.conf
> /etc/nsswitch.conf
> Is a firewall running ?
> Is selinux/apparmor running ?
> What is the AD DC ?
> What Windows computer are you connecting from ?
> Rowland

More information about the samba mailing list