[Samba] How do I join an Centos8 workstation to an NT4 domain?
Nick Howitt
nick at howitts.co.uk
Tue Feb 23 14:19:46 UTC 2021
Please don't ream me for using an NT4 domain, but that is the beast I am
stuck with.
I am trying to join a Centos 8 workstation to an NT4 domain and the only
notes I have are not really applicable -
https://documentation.clearos.com/content:en_us:kb_howtos_add_linux_workstation_to_the_samba_domain.
It references Ubuntu and its PAM configuration is irrelevant. In any
case I believe the join is falling down before PAM even comes into play.
My samba config is:
[global]
add machine script = /usr/sbin/useradd -d /var/lib/nobody -g
100 -s /bin/false -M %u
domain master = No
idmap gid = 10000000-19999999
idmap uid = 10000000-19999999
security = DOMAIN
template shell = /bin/bash
winbind enum groups = Yes
winbind enum users = Yes
winbind use default domain = Yes
workgroup = HOME
idmap config * : range = 10000000-19999999
idmap config * : backend = tdb
[homes]
browseable = No
comment = Home Directories
inherit acls = Yes
read only = No
valid users = %S %D%w%S
[printers]
browseable = No
comment = All Printers
create mask = 0600
path = /var/tmp
printable = Yes
[print$]
comment = Printer Drivers
create mask = 0664
directory mask = 0775
force group = @printadmin
path = /var/lib/samba/drivers
write list = @printadmin root
If I try to join the domain I get:
[root at proxmox106 ~]# net rpc join -U winadmin
Enter winadmin's password:
Failed to join domain: failed to find DC for domain HOME - The object
was not found.
I am not sure what I am missing here.
resolv.conf:
# Generated by NetworkManager
search howitts.co.uk
nameserver 172.17.2.1
home.howitts.co.uk resolves to 172.17.2.1
As I read about the dislike of sssd, I have stopped it (but not removed
it) and installed samba-winbind but it won't start:
● winbind.service - Samba Winbind Daemon
Loaded: loaded (/usr/lib/systemd/system/winbind.service; disabled;
vendor preset: disabled)
Active: failed (Result: exit-code) since Tue 2021-02-23 11:06:17
GMT; 3h 9min ago
Docs: man:winbindd(8)
man:samba(7)
man:smb.conf(5)
Process: 4428 ExecStart=/usr/sbin/winbindd --foreground
--no-process-group $WINBINDOPTIONS (code=exited, status=1/FAILURE)
Main PID: 4428 (code=exited, status=1/FAILURE)
Status: "Starting process..."
Feb 23 11:06:17 proxmox106 systemd[1]: Starting Samba Winbind Daemon...
Feb 23 11:06:17 proxmox106 winbindd[4428]: [2021/02/23 11:06:17.888752,
0] ../../source3/winbindd/winbindd_cache.c:3205(initialize_winbindd_cache)
Feb 23 11:06:17 proxmox106 winbindd[4428]: initialize_winbindd_cache:
clearing cache and re-creating with version number 2
Feb 23 11:06:17 proxmox106 winbindd[4428]: [2021/02/23 11:06:17.928571,
0] ../../source3/winbindd/winbindd_util.c:1289(init_domain_list)
Feb 23 11:06:17 proxmox106 winbindd[4428]: Could not fetch our SID -
did we join?
Feb 23 11:06:17 proxmox106 winbindd[4428]: [2021/02/23 11:06:17.928702,
0] ../../source3/winbindd/winbindd.c:1466(winbindd_register_handlers)
Feb 23 11:06:17 proxmox106 winbindd[4428]: unable to initialize domain
list
Feb 23 11:06:17 proxmox106 systemd[1]: winbind.service: Main process
exited, code=exited, status=1/FAILURE
Feb 23 11:06:17 proxmox106 systemd[1]: winbind.service: Failed with
result 'exit-code'.
Feb 23 11:06:17 proxmox106 systemd[1]: Failed to start Samba Winbind Daemon.
I am not sure how to fix thin one unless it fixes itself when the domain
is joined
Centos is 8.3 and is fully up to date and samba is 4.12.3-12.el8.3.x86_64.
Any advice would be appreciated.
Thanks,
Nick
More information about the samba
mailing list