[Samba] help for join AD domain failure troubleshooting
Rowland penny
rpenny at samba.org
Wed Jul 1 12:53:58 UTC 2020
On 01/07/2020 13:26, rong zhao wrote:
> Hi Rowland,
>
> Thank you so much for your comment, I don't know why I didn't
> receive your email, just see it in "Digest" mail.
Sounds like you signed up 'digest' mail
>
> Answering your questions:
>
> Has your user hit the limit for joining computers ?
> [R] I followed this article to set limit:
> https://www.petenetlive.com/KB/Article/0001536, but not work, can you
> please guide me check more about it?
Not sure if any of those work on Samba.
>
> Is your smb.conf set up correctly ?
> [R] I think my smb.conf should work, because same configuration worked
> before and it can work for other domain, here is sample (replace
> company name)
>
Yes, it probably did work before, when Adam was a lad :-D
try it like this:
workgroup = PROD-USA
realm = PROD-USA.MYCOMPANY.COM
server string = Samba Server Version %v
security = ADS
winbind use default domain = Yes
winbind separator = +
idmap config * : backend = tdb
idmap config * : range = 3000-7999
idmap config PROD-USA : backend = rid
idmap config PROD-USA : range = 10000 - 49999
template shell = /bin/bash
preferred master = no
log level = 3
log file = /var/log/samba/%m
max log size = 50
printcap name = cups
printing = cups
vfs objects = acl_xattr
map acl inherit = Yes
username map = /etc/samba/user.map
[homes]
comment = Home Directories
valid users = %S
browseable = no
writable = yes
[printers]
comment = All Printers
path = /var/spool/cups
browseable = no
printable = yes
Create the user.map
nano /etc/samba/user.map
!root = PROD-USA+Administrator
Rowland
More information about the samba
mailing list