[Samba] Windows 2016 RSAT not connect with samba4 DC
me at tdiehl.org
me at tdiehl.org
Mon Nov 30 17:15:43 UTC 2020
Hi Rowland,
On Mon, 30 Nov 2020, Rowland penny via samba wrote:
> On 30/11/2020 15:11, Rommel Rodriguez Toirac via samba wrote:
>> Now I test from Windows 7 using RSAT and can not connect neather to the
>> samba 4.13.2 (adittional DC)
>>
>> Here the result of commands asked:
>>
>>
>> [root at gtmad1 ~]# cat /etc/centos-release
>> CentOS Linux release 8.2.2004 (Core)
>>
>> Checking file: /etc/nsswitch.conf
>>
>> #
>> # /etc/nsswitch.conf
>> #
>> # An example Name Service Switch config file. This file should be
>> # sorted with the most-used services at the beginning.
>> #
>> # The entry '[NOTFOUND=return]' means that the search for an
>> # entry should stop if the search in the previous entry turned
>> # up nothing. Note that if the search failed due to some other reason
>> # (like no NIS server responding) then the search continues with the
>> # next entry.
>> #
>> # Valid entries include:
>> #
>> # nisplus Use NIS+ (NIS version 3)
>> # nis Use NIS (NIS version 2), also called YP
>> # dns Use DNS (Domain Name Service)
>> # files Use the local files in /etc
>> # db Use the pre-processed /var/db files
>> # compat Use /etc files plus *_compat
>> # pseudo-databases
>> # hesiod Use Hesiod (DNS) for user lookups
>> # sss Use sssd (System Security Services Daemon)
>> # [NOTFOUND=return] Stop searching if not found so far
>> #
>> # 'sssd' performs its own 'files'-based caching, so it should
>> # generally come before 'files'.
>>
>> # To use 'db', install the nss_db package, and put the 'db' in front
>> # of 'files' for entries you want to be looked up first in the
>> # databases, like this:
>> #
>> # passwd: db files
>> # shadow: db files
>> # group: db files
>>
>> passwd: sss files systemd
>> shadow: files sss
>> group: sss files systemd
>>
>> hosts: files dns myhostname
>>
>> bootparams: files
>>
>> ethers: files
>> netmasks: files
>> networks: files
>> protocols: files
>> rpc: files
>> services: files sss
>>
>> netgroup: sss
>>
>> publickey: files
>>
>> automount: files sss
>> aliases: files
>
> You have problems, mainly because you are using Centos 8 with a version of
> Samba >= 4.8.0.
>
> You cannot use sssd with Samba >= 4.8.0, you must use winbind, but even if
Just curious, how can you tell he is using sssd? The above entries in nsswitch
do not necessarily mean he is using sssd. I am running 4.12.latest on Centos 8
as a DC but have removed the sssd packages. I just looked and the above
nsswitch entries are still there.
> you use winbind (which incidentally you are), you cannot kerberos with PAM
> because red-hat removed the required package.
What package would that be?
Are you talking about on a DC or a member server. If you are talking about a DC
kerberos seems to work just fine on a Centos 8 DC. What am I missing?
Regards,
--
Tom me at tdiehl.org
More information about the samba
mailing list