[Samba] Samba 4.8 Config SMB.Conf File

Tyrus Shivers tyrus.shivers at bestgateeng.com
Thu Mar 14 14:07:32 UTC 2019 

After making the changes, I now get " No such user" when trying the id
"user1" command. Yes winbind is installed and running. I am able to pull
users and group successfully with wbinfo. Just not the GID and UIDs.

workgroup = mydomain
realm = mydomain.com
security = ads
idmap config * : backend = tdb
idmap config * : range = 3000-7999
idmap config MYDOMAIN : backend = rid
idmap config MYDOMAIN : range = 10000-19999
allow trusted domain = no
template shell = /bin/bash
winbind refresh tickets = yes
restrict anonymous = 2

On Thu, Mar 14, 2019 at 9:32 AM Rowland Penny via samba <
samba at lists.samba.org> wrote:

> On Thu, 14 Mar 2019 09:15:22 -0400
> Tyrus Shivers <tyrus.shivers at bestgateeng.com> wrote:
>
> > This is the working smb.conf file for RHEL 7.3 and version 4.4.4 that
> > is in current use.
>
> It may work, but it isn't correct.
>
> >This same config does not work in RHEL 7.6 and
> > samba version 4.8.3
>
> Not surprised.
>
> >
> > workgroup = mydomain
> > password server = hostname.mydomain.com
>
> You should remove the line above and let Samba find the password server
>
> > realm = mydomain.com
> > security = ads
> > idmap config * : range = 10000-19999
> > idmap config * : backend = rid
>
> The '*' range is meant for the default domain and the backend should be
> 'tdb'
>
> You should have (as a minimum) lines like these:
>
> idmap config * : backend = tdb
> idmap config * : range = 3000-7999
> idmap config MYDOMAIN : backend = rid
> idmap config MYDOMAIN : range = 10000-19999
>
> > allow trusted domain = no
> > template shell = /bin/bash
>
> > kerberos method = secrets only
> > winbind use default domain = true
> > winbind offline logon = false
>
> The three lines above are default settings and so do not need to be
> added.
>
> > winbind enum users = yes
> > winbind enum groups = yes
>
> You only need the two lines above for testing purposes, so I would
> remove them.
>
> > winbind refresh tickets = yes
> > restrict anonymous = 2
> > --
>
> Finally, is winbind installed and running ?
>
> Rowland
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>


-- 
V/R
Tyrus Shivers
Bestgate Engineering LLC
Direct: (410) 872-2457
tyrus.shivers at bestgateeng.com

<tyrus.shivers at bestgateeng.com>
This e-mail transmission and any documents, files or previous e-mail
messages attached to it, may be privileged and confidential and is intended
only for the use of the intended recipient of this message.  If you are not
the intended recipient, or a person responsible for delivering it to the
intended recipient, you are hereby notified that any review, disclosure,
retention, copying, dissemination, distribution or use of any of the
information contained in, or attached to this e-mail transmission is
strictly prohibited.  If you have received this transmission in error,
please immediately notify the sender by return e-mail or by telephone at
the above number and delete this e-mail message and its attachments.

More information about the samba mailing list