[Samba] rights -- structures
rpenny at samba.org
Mon Dec 14 09:00:41 UTC 2020
On 14/12/2020 08:45, Maurizio Caloro wrote:
>> First, the workgroup cannot be the same as the realm and the realm must be
> the dns domain name in uppercase. By default the workgroup name is the
> lefthand portion of the realm (in your case 'CARAG'), but it can be anything
> and it >must not contain dots. If your TLD is '.local' then it really
> shouldn't be and you will have to turn off Avahi
>> You also seem to not have any 'idmap config' lines, are you using sssd or
> similar ?
> Thanks for you quick Answer!
> Add this to smb.conf
> realm = CARAG.LOCAL
> workgroup = CARAG
> netbios name = SRVCAR005
> security = domain
Why have you jumped to 'domain' from 'ADS' ?
'domain' is used with an NT4-style domain and 'ADS' is used with an 'AD'
domain, what do you have ?
> vfs objects = acl_xattr
> idmap config * : backend = tdb
> idmap config * : range 10000-199999
Do you really need such a large range for the default domain, bearing in
mind that it is mostly for the well known SIDS and there are less than
two hundred of those.
> idmap config DOMAIN : backend = autorid
Why 'autorid' ? do you have more than one domain ? and if you are using
autorid then you don't need the default ('*') domain lines, it includes
Are you starting winbind before smbd ?
More information about the samba