[Samba] Windows 2016 RSAT not connect with samba4 DC

Rowland penny rpenny at samba.org
Mon Nov 30 16:08:56 UTC 2020 

On 30/11/2020 15:11, Rommel Rodriguez Toirac via samba wrote:
> Now I test from Windows 7 using RSAT and can not connect neather to the samba 4.13.2 (adittional DC)
>
>   Here the result of commands asked:
>   
>
> [root at gtmad1 ~]# cat /etc/centos-release
> CentOS Linux release 8.2.2004 (Core)
>
>        Checking file: /etc/nsswitch.conf
>
> #
> # /etc/nsswitch.conf
> #
> # An example Name Service Switch config file. This file should be
> # sorted with the most-used services at the beginning.
> #
> # The entry '[NOTFOUND=return]' means that the search for an
> # entry should stop if the search in the previous entry turned
> # up nothing. Note that if the search failed due to some other reason
> # (like no NIS server responding) then the search continues with the
> # next entry.
> #
> # Valid entries include:
> #
> #       nisplus                 Use NIS+ (NIS version 3)
> #       nis                     Use NIS (NIS version 2), also called YP
> #       dns                     Use DNS (Domain Name Service)
> #       files                   Use the local files in /etc
> #       db                      Use the pre-processed /var/db files
> #       compat                  Use /etc files plus *_compat pseudo-databases
> #       hesiod                  Use Hesiod (DNS) for user lookups
> #       sss                     Use sssd (System Security Services Daemon)
> #       [NOTFOUND=return]       Stop searching if not found so far
> #
> # 'sssd' performs its own 'files'-based caching, so it should
> # generally come before 'files'.
>
> # To use 'db', install the nss_db package, and put the 'db' in front
> # of 'files' for entries you want to be looked up first in the
> # databases, like this:
> #
> # passwd:    db files
> # shadow:    db files
> # group:     db files
>
> passwd:      sss files systemd
> shadow:     files sss
> group:       sss files systemd
>
> hosts:      files dns myhostname
>
> bootparams: files
>
> ethers:     files
> netmasks:   files
> networks:   files
> protocols:  files
> rpc:        files
> services:   files sss
>
> netgroup:   sss
>
> publickey:  files
>
> automount:  files sss
> aliases:    files

You have problems, mainly because you are using Centos 8 with a version 
of Samba >= 4.8.0.

You cannot use sssd with Samba >= 4.8.0, you must use winbind, but even 
if you use winbind (which incidently you are), you cannot kerberos with 
PAM because red-hat removed the required package.

How fixed are you on using Centos ?

Are you prepared to use a different distro ?

Rowland

More information about the samba mailing list