[Samba] samba-4-10 as Win2k16 member
Péter Varkoly
peter at varkoly.de
Tue Mar 24 20:56:52 UTC 2020
THANK YOU VERY MUCH! NOW IT WORKS!
Am Dienstag, den 24.03.2020, 19:21 +0000 schrieb Rowland penny via
samba:
> On 24/03/2020 18:56, Dipl.-Ing. Péter Varkoly via samba wrote:
> > Hi,
> >
> > I want to join samba 4.10.13 to an Win2k16 Server as member. The
> > join
> > was succesfully:
> > net ads join -U administrator
> > Using short domain name -- CRANIX
> > Joined 'ADMIN' to dns domain 'cranix.win'
> >
> > wbinfo -u lists all users. But wininfo -u <username> delivers
> > following
> > error:
> > wbinfo -i administrator
>
> Forget Administrator on Unix domain member
> > Based on https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Dom
> > ain_Member
>
> Yes, but only vaguely ;-)
> >
> > What went wrong?
> >
>
> Could be numerous things, you didn't read the pages correctly, you
> didn't add any uidNumber & gidNumber attributes to AD (they are not
> added automatically), or you are using sssd.
>
> Try this smb.conf:
>
> [global]
> realm = CRANIX.WIN
> workgroup = CRANIX
> security = ADS
>
> bind interfaces only = yes
> interfaces = 127.0.0.1, 172.20.0.2
>
> vfs objects = acl_xattr
> map acl inherit = Yes
> dedicated keytab file = /etc/krb5.keytab
> kerberos method = secrets and keytab
> winbind use default domain = yes
> winbind refresh tickets = Yes
>
> idmap config * : backend = tdb
> idmap config * : range = 3000-7999
> idmap config CRANIX : backend = rid
> idmap config CRANIX : range = 10000-999999
>
> # user Administrator workaround, without it you are unable
> to
> set privileges
> username map = /etc/samba/user.map
>
> Create the user.map:
>
> echo '!root = Administrator' > /etc/samba/user.map
>
> With that smb.conf, you will not have to add anything to AD.
>
> Also, if you are using sssd, you should remove it, you cannot use
> sssd
> with Samba >= 4.8.0 running as a fileserver.
>
> Rowland
>
>
>
>
--
Dipl.-Ing. Péter Varkoly
Greuleinweg 37.
D-90411 Nürnberg
More information about the samba
mailing list