[Samba] Setting Samba as a Domain Member
Rowland penny
rpenny at samba.org
Mon Jun 17 10:07:57 UTC 2019
On 17/06/2019 10:53, Tom via samba wrote:
> Hello,
>
> I'm setting up Samba as a Domain Member and there is one thing that
> does'nt work.
>
> This is the configuration :
>
> Server 1 : Samba AD DC 4.10.4 and CentOS
> Server 2 : File Sharing with Samba 4.8.3 (CentOS package) + winbind
>
> I follow this wiki :
> https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member
>
> Server 2 is correctly joined to the domain, wbinfo return good
> informations. But the 'getent passwd DOMAIN\\user01' command doesn't
> return anything. However libnss_winbind is enable.
>
> This is my smb.conf :
>
> ----------------------------------------------------------
> [global]
>
> workgroup = DOMAIN
> realm = DOMAIN.COM
>
>
> security = ADS
>
> bind interfaces only = yes
> interfaces = lo em1
>
> log level = 3
> log file = /var/log/samba/samba.log
> max log size = 50
>
>
> idmap config * : backend = tdb
> idmap config * : range = 3000-7999
>
> idmap config DOMAIN:backend = ad
> idmap config DOMAIN:schema_mode = rfc2307
> idmap config DOMAIN:range = 10000-999999
> idmap config DOMAIN:unix_nss_info = yes
> idmap config DOMAIN:unix_primary_group = yes
>
> acl allow execute always = yes
>
> vfs objects = acl_xattr
> map acl inherit = yes
> store dos attributes = yes
>
>
> ------------------------------------------------------------
>
> Is there anything I missed ?
>
> Thanks !
>
OK, I 'pruned' your smb.conf, the lines I removed are not actually
required, not that they have any connection with your problem ;-)
I think what you are missing is any rfc2307 attributes in AD, have you
added any ?
Rowland
More information about the samba
mailing list