[Samba] using samba-tool from a domain member other than the DC
Rowland penny
rpenny at samba.org
Thu Jul 23 18:21:51 UTC 2020
On 23/07/2020 18:42, Jason Keltz via samba wrote:
> Hi.
>
> I left off from my original question...
>
> I've joined the domain using "realm join", and am not using winbind.
>
> I'm looking for the minimal configuration I need to have in smb.conf
> to be able to run samba-tool from a domain member.
>
> My /etc/krb5.conf contains:
>
> [libdefaults]
>
> default_realm = <my realm>
>
> dns_lookup_realm = false
>
> dns_lookup_kdc = true
>
> My /etc/smb.conf contains minimal:
>
> [global]
>
> workgroup=<my workgroup>
>
> security=ADS
>
> realm=<my realm>
>
> Have I missed providing some detail?
>
> Do I need to be running smbd to be able to use samba-tool from a
> domain member?
>
> Is nobody else using samba-tool from outside their DC that might be
> able to suggest why this doesn't work?
>
> Thanks,
>
> Jason.
Not sure, I have never tried it. From the sound of it, you are not
running any of the Samba daemons, so why do you need samba-tool ?
Using samba-tool from a Samba domain member does work, it is just ldaps
that doesn't seem to work for myself, probably because of an incorrect
incantation ;-)
Rowland
More information about the samba
mailing list