[Samba] Windows 2016 RSAT not connect with samba4 DC
Rowland penny
rpenny at samba.org
Mon Nov 30 20:43:24 UTC 2020
On 30/11/2020 20:32, Rommel Rodriguez Toirac via samba wrote:
> El 30 de noviembre de 2020 14:19:19 GMT-05:00, Rowland penny via samba <samba at lists.samba.org> escribió:
>> On 30/11/2020 19:09, Rommel Rodriguez Toirac wrote:
>>> El 30 de noviembre de 2020 13:41:09 GMT-05:00, Rowland penny via
>> samba <samba at lists.samba.org> escribió:
>>>> On 30/11/2020 18:21, Rommel Rodriguez Toirac wrote:
>>>>> I do not have installed sssd. I use winbind.
>>>>>
>>>> in which case, edit /etc/nsswitch.conf and make the passwd, shadow
>> and
>>>> group lines look like this:
>>>>
>>>> passwd: files winbind systemd
>>>> shadow: files
>>>> group: files winbind systemd
>>>>
>>>> remove every mention of 'sss'
>>>>
>>>> Rowland
>>>
>>> Done, now look like this:
>>>
>>>
>>> [root at gtmad1 sbin]# cat /etc/nsswitch.conf
>>> #
>>> # /etc/nsswitch.conf
>>> #
>>> # An example Name Service Switch config file. This file should be
>>> # sorted with the most-used services at the beginning.
>>> #
>>> # The entry '[NOTFOUND=return]' means that the search for an
>>> # entry should stop if the search in the previous entry turned
>>> # up nothing. Note that if the search failed due to some other reason
>>> # (like no NIS server responding) then the search continues with the
>>> # next entry.
>>> #
>>> # Valid entries include:
>>> #
>>> # nisplus Use NIS+ (NIS version 3)
>>> # nis Use NIS (NIS version 2), also called
>> YP
>>> # dns Use DNS (Domain Name Service)
>>> # files Use the local files in /etc
>>> # db Use the pre-processed /var/db files
>>> # compat Use /etc files plus *_compat
>> pseudo-databases
>>> # hesiod Use Hesiod (DNS) for user lookups
>>> # sss Use sssd (System Security Services
>> Daemon)
>>> # [NOTFOUND=return] Stop searching if not found so far
>>> #
>>> # 'sssd' performs its own 'files'-based caching, so it should
>>> # generally come before 'files'.
>>>
>>> # To use 'db', install the nss_db package, and put the 'db' in front
>>> # of 'files' for entries you want to be looked up first in the
>>> # databases, like this:
>>> #
>>> # passwd: db files
>>> # shadow: db files
>>> # group: db files
>>>
>>> passwd: files winbind systemd
>>> shadow: files
>>> group: files winbind systemd
>>>
>>> hosts: files dns myhostname
>>>
>>> bootparams: files
>>>
>>> ethers: files
>>> netmasks: files
>>> networks: files
>>> protocols: files
>>> rpc: files
>>> services: files sss
>>>
>>> netgroup: sss
>>>
>>> publickey: files
>>>
>>> automount: files sss
>>> aliases: files
>>>
>>>
>> You still have 'sss' in the file, you do not need them if you don't
>> have
>> sssd installed, I would change 'netgroup: sss' to 'netgroup: nis' and
>> remove the other 'sss'
>>
>> Rowland
>
>
>
> After send the messages I was change the file and lets it like this:
>
>
> [root at gtmad1 var]# cat /etc/nsswitch.conf
> #
> # /etc/nsswitch.conf
> #
> # An example Name Service Switch config file. This file should be
> # sorted with the most-used services at the beginning.
> #
> # The entry '[NOTFOUND=return]' means that the search for an
> # entry should stop if the search in the previous entry turned
> # up nothing. Note that if the search failed due to some other reason
> # (like no NIS server responding) then the search continues with the
> # next entry.
> #
> # Valid entries include:
> #
> # nisplus Use NIS+ (NIS version 3)
> # nis Use NIS (NIS version 2), also called YP
> # dns Use DNS (Domain Name Service)
> # files Use the local files in /etc
> # db Use the pre-processed /var/db files
> # compat Use /etc files plus *_compat pseudo-databases
> # hesiod Use Hesiod (DNS) for user lookups
> # sss Use sssd (System Security Services Daemon)
> # [NOTFOUND=return] Stop searching if not found so far
> #
> # 'sssd' performs its own 'files'-based caching, so it should
> # generally come before 'files'.
>
> # To use 'db', install the nss_db package, and put the 'db' in front
> # of 'files' for entries you want to be looked up first in the
> # databases, like this:
> #
> # passwd: db files
> # shadow: db files
> # group: db files
>
> passwd: files winbind
> shadow: files
> group: files winbind
> initgroups files
>
> hosts: files dns myhostname
>
> bootparams: nisplus files
>
> ethers: files
> netmasks: files
> networks: files
> protocols: files
> rpc: files
> services: files
>
> netgroup: nis
>
> publickey: nisplus
>
>
> automount: files nisplus
> aliases: files nisplus
>
> But, it not work when I run getent command:
>
>
> [root at gtmad1 var]# wbinfo -p
> Ping to winbindd succeeded
>
>
> [root at gtmad1 var]# getent passwd "ATGTM00\\rommel.rodriguez"
>
> [root at gtmad1 var]# getent group "ATGTM00\\Domain Users"
>
>
> ... and still do not connect from Windows (7) using RSAT neather from Windows 2016 Server Admin Tools/Active Directory Users and Computer tool.
>
>
Do you have these packages installed: samba samba-winbind
samba-winbind-clients krb5-workstation
Have you run this command: authselect select winbind with-mkhomedir
Rowland
More information about the samba
mailing list