[Samba] Problem with Samba as Member to AD

Rowland Penny rpenny at samba.org
Sun Jul 18 07:39:00 UTC 2021

On Sun, 2021-07-18 at 08:49 +0200, Mr Typo via samba wrote:
> Hello all,
> i hope you can help me. I have successfully set up a connection with
> samba to my domain controller. What works:
> * wbinfo -u / wbinfo -g
> * wbinfo -a
> * bet ads info
> i hope you can help me! thank you!

Lets start by fixing your smb.conf:

You have 'password server =' , you should remove this and
allow Samba to find a DC.

You have 'winbind use default domain = true' , you cannot use this with
autorid. Either remove this line or change the winbind backend to

You have 'guest ok = yes' in the 'shareshare' share, but you do not
have 'map to guest = bad user' in '[global]' , so guest access will not

Now to your problem. Whilst 'wbinfo -u' may show your AD users, it does
not mean that the Unix OS knows your AD users. If you run 'getent
passwd an_AD_username' on the Samba server, does it produce output ?

As you haven't given us any information about your OS, I cannot advise
further, except to comment about your TLD. Using '.local' isn't
recommended, so if it is your TLD (and not sanitisation), then I
suggest you turn off Avahi on the Unix domain member (if it is running.


More information about the samba mailing list