[Samba] Windows 2016 RSAT not connect with samba4 DC

Rowland penny rpenny at samba.org
Mon Nov 30 19:19:19 UTC 2020 

On 30/11/2020 19:09, Rommel Rodriguez Toirac wrote:
> El 30 de noviembre de 2020 13:41:09 GMT-05:00, Rowland penny via samba <samba at lists.samba.org> escribió:
>> On 30/11/2020 18:21, Rommel Rodriguez Toirac wrote:
>>>    I do not have installed sssd. I use winbind.
>>>
>> in which case, edit /etc/nsswitch.conf and make the passwd, shadow and
>> group lines look like this:
>>
>> passwd:      files winbind systemd
>> shadow:      files
>> group:       files winbind systemd
>>
>> remove every mention of 'sss'
>>
>> Rowland
>
>
>   Done, now look like this:
>
>
>   [root at gtmad1 sbin]# cat /etc/nsswitch.conf
> #
> # /etc/nsswitch.conf
> #
> # An example Name Service Switch config file. This file should be
> # sorted with the most-used services at the beginning.
> #
> # The entry '[NOTFOUND=return]' means that the search for an
> # entry should stop if the search in the previous entry turned
> # up nothing. Note that if the search failed due to some other reason
> # (like no NIS server responding) then the search continues with the
> # next entry.
> #
> # Valid entries include:
> #
> #       nisplus                 Use NIS+ (NIS version 3)
> #       nis                     Use NIS (NIS version 2), also called YP
> #       dns                     Use DNS (Domain Name Service)
> #       files                   Use the local files in /etc
> #       db                      Use the pre-processed /var/db files
> #       compat                  Use /etc files plus *_compat pseudo-databases
> #       hesiod                  Use Hesiod (DNS) for user lookups
> #       sss                     Use sssd (System Security Services Daemon)
> #       [NOTFOUND=return]       Stop searching if not found so far
> #
> # 'sssd' performs its own 'files'-based caching, so it should
> # generally come before 'files'.
>
> # To use 'db', install the nss_db package, and put the 'db' in front
> # of 'files' for entries you want to be looked up first in the
> # databases, like this:
> #
> # passwd:    db files
> # shadow:    db files
> # group:     db files
>
> passwd:     files winbind systemd
> shadow:     files
> group:      files winbind systemd
>
> hosts:      files dns myhostname
>
> bootparams: files
>
> ethers:     files
> netmasks:   files
> networks:   files
> protocols:  files
> rpc:        files
> services:   files sss
>
> netgroup:   sss
>
> publickey:  files
>
> automount:  files sss
> aliases:    files
>
>
You still have 'sss' in the file, you do not need them if you don't have 
sssd installed, I would change 'netgroup: sss' to 'netgroup: nis' and 
remove the other 'sss'

Rowland

More information about the samba mailing list