[Samba] Linux workstations lose relationship with domain
Denis Morejon
denis.morejon at etecsa.cu
Wed Mar 24 20:30:07 UTC 2021
How can I set computer account expiration time? To avoid expiration??
I think that It must be set in the workstations, as they are who query
the password change to DCs.
I can do that using policies for Windows workstations. But how can I do
that on Linux WorkStations?
El 23/3/21 a las 11:08, Rowland penny via samba escribió:
> On 23/03/2021 14:47, Denis Morejon via samba wrote:
>> Thank you Rowland!
>>
>> I have another clue for my problem (The lost of domain relationship).
>> The problem began just after the change of time in my country on
>> Sunday. I changed the time manually on both domain servers
>>
>> (They use ntp for the clients to sync with they) and after that, on
>> Monday, some linux workstations lost the relationship. But you know
>> what? none of my Windows 10 workstations lost the domain relationship!
>>
>> We use pbis en Ubuntu 18.04 and Linux Mint 20 workstations to connect
>> to the domain. I suspect that the change of time was the cause. But
>> even changing the time on those linux workstations first (For some
>> reason ntp didn't work, but this is not the point right now), they
>> didn't connected to the domain! And It was necessary to join again
>> manually (One by one!).
>>
>> This is the smb.conf of a workstation that lost the domain ralationship
>>
>> [global]
>> server string = %h server (Samba, Ubuntu)
>> dns proxy = no
>> log file = /var/log/samba/log.%m
>> max log size = 1000
>> syslog = 0
>> panic action = /usr/share/samba/panic-action %d
>> server role = standalone server
>> obey pam restrictions = yes
>> unix password sync = yes
>> passwd program = /usr/bin/passwd %u
>> passwd chat = *Enter\snew\s*\spassword:* %n\n
>> *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
>> pam password change = yes
>> map to guest = bad user
>> usershare allow guests = yes
>>
>> [printers]
>> comment = All Printers
>> browseable = no
>> path = /var/spool/samba
>> printable = yes
>> create mask = 0700
>>
>> [print$]
>> comment = Printer Drivers
>> path = /var/lib/samba/printers
>>
>
> As we do not produce PBIS, we do not (cannot) provide support for it.
> Also that smb.conf is for a standalone server and, as such, it cannot
> be an AD domain member.
>
> Is winbind running ?
>
> Rowland
>
>
>
More information about the samba
mailing list