[Samba] Windows 2016 RSAT not connect with samba4 DC
Rommel Rodriguez Toirac
rommelrt at nauta.cu
Mon Nov 30 20:32:44 UTC 2020
El 30 de noviembre de 2020 14:19:19 GMT-05:00, Rowland penny via samba <samba at lists.samba.org> escribió:
>On 30/11/2020 19:09, Rommel Rodriguez Toirac wrote:
>> El 30 de noviembre de 2020 13:41:09 GMT-05:00, Rowland penny via
>samba <samba at lists.samba.org> escribió:
>>> On 30/11/2020 18:21, Rommel Rodriguez Toirac wrote:
>>>> I do not have installed sssd. I use winbind.
>>>>
>>> in which case, edit /etc/nsswitch.conf and make the passwd, shadow
>and
>>> group lines look like this:
>>>
>>> passwd: files winbind systemd
>>> shadow: files
>>> group: files winbind systemd
>>>
>>> remove every mention of 'sss'
>>>
>>> Rowland
>>
>>
>> Done, now look like this:
>>
>>
>> [root at gtmad1 sbin]# cat /etc/nsswitch.conf
>> #
>> # /etc/nsswitch.conf
>> #
>> # An example Name Service Switch config file. This file should be
>> # sorted with the most-used services at the beginning.
>> #
>> # The entry '[NOTFOUND=return]' means that the search for an
>> # entry should stop if the search in the previous entry turned
>> # up nothing. Note that if the search failed due to some other reason
>> # (like no NIS server responding) then the search continues with the
>> # next entry.
>> #
>> # Valid entries include:
>> #
>> # nisplus Use NIS+ (NIS version 3)
>> # nis Use NIS (NIS version 2), also called
>YP
>> # dns Use DNS (Domain Name Service)
>> # files Use the local files in /etc
>> # db Use the pre-processed /var/db files
>> # compat Use /etc files plus *_compat
>pseudo-databases
>> # hesiod Use Hesiod (DNS) for user lookups
>> # sss Use sssd (System Security Services
>Daemon)
>> # [NOTFOUND=return] Stop searching if not found so far
>> #
>> # 'sssd' performs its own 'files'-based caching, so it should
>> # generally come before 'files'.
>>
>> # To use 'db', install the nss_db package, and put the 'db' in front
>> # of 'files' for entries you want to be looked up first in the
>> # databases, like this:
>> #
>> # passwd: db files
>> # shadow: db files
>> # group: db files
>>
>> passwd: files winbind systemd
>> shadow: files
>> group: files winbind systemd
>>
>> hosts: files dns myhostname
>>
>> bootparams: files
>>
>> ethers: files
>> netmasks: files
>> networks: files
>> protocols: files
>> rpc: files
>> services: files sss
>>
>> netgroup: sss
>>
>> publickey: files
>>
>> automount: files sss
>> aliases: files
>>
>>
>You still have 'sss' in the file, you do not need them if you don't
>have
>sssd installed, I would change 'netgroup: sss' to 'netgroup: nis' and
>remove the other 'sss'
>
>Rowland
After send the messages I was change the file and lets it like this:
[root at gtmad1 var]# cat /etc/nsswitch.conf
#
# /etc/nsswitch.conf
#
# An example Name Service Switch config file. This file should be
# sorted with the most-used services at the beginning.
#
# The entry '[NOTFOUND=return]' means that the search for an
# entry should stop if the search in the previous entry turned
# up nothing. Note that if the search failed due to some other reason
# (like no NIS server responding) then the search continues with the
# next entry.
#
# Valid entries include:
#
# nisplus Use NIS+ (NIS version 3)
# nis Use NIS (NIS version 2), also called YP
# dns Use DNS (Domain Name Service)
# files Use the local files in /etc
# db Use the pre-processed /var/db files
# compat Use /etc files plus *_compat pseudo-databases
# hesiod Use Hesiod (DNS) for user lookups
# sss Use sssd (System Security Services Daemon)
# [NOTFOUND=return] Stop searching if not found so far
#
# 'sssd' performs its own 'files'-based caching, so it should
# generally come before 'files'.
# To use 'db', install the nss_db package, and put the 'db' in front
# of 'files' for entries you want to be looked up first in the
# databases, like this:
#
# passwd: db files
# shadow: db files
# group: db files
passwd: files winbind
shadow: files
group: files winbind
initgroups files
hosts: files dns myhostname
bootparams: nisplus files
ethers: files
netmasks: files
networks: files
protocols: files
rpc: files
services: files
netgroup: nis
publickey: nisplus
automount: files nisplus
aliases: files nisplus
But, it not work when I run getent command:
[root at gtmad1 var]# wbinfo -p
Ping to winbindd succeeded
[root at gtmad1 var]# getent passwd "ATGTM00\\rommel.rodriguez"
[root at gtmad1 var]# getent group "ATGTM00\\Domain Users"
... and still do not connect from Windows (7) using RSAT neather from Windows 2016 Server Admin Tools/Active Directory Users and Computer tool.
--
Rommel Rodriguez Toirac
rommelrt at nauta.cu
More information about the samba
mailing list