[Samba] Domain member?

Joachim Lindenberg samba at lindenberg.one
Mon Oct 25 18:49:41 UTC 2021 

Hello,

I installed a new Ubuntu 20.04 system with Samba 4.14.8 and joined as member.

 

I am now trying to configure pam authentication with winbindd, following https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member#Testing_the_Winbindd_Connectivity, and am struggling with:

 

root at le:/home/jo# wbinfo --ping-dc

checking the NETLOGON for domain[WORKGROUP] dc connection to "" failed

failed to call wbcPingDc: WBC_ERR_DOMAIN_NOT_FOUND

 

root at le:/home/jo# net ads info

LDAP server: 192.168.177.19

LDAP server name: cobra.samba.lindenberg.one

Realm: SAMBA.LINDENBERG.ONE

Bind Path: dc=SAMBA,dc=LINDENBERG,dc=ONE

LDAP port: 389

Server time: Mon, 25 Oct 2021 18:36:46 UTC

KDC server: 192.168.177.19

Server time offset: 0

Last machine account password change: Mon, 25 Oct 2021 18:15:42 UTC

 

My smb.conf on that client is:

# Global parameters

[global]

        netbios name = LE

        realm = SAMBA.LINDENBERG.ONE

        workgroup = SAMBA

        security = ADS

        dns update command = /usr/sbin/samba_dnsupdate --use-samba-tool

#        idmap_ldb:use rfc2307 = yes

        disable netbios = yes

        smb encrypt = mandatory

        kerberos method = secrets and keytab

#        winbind refresh tickets = yes

        template shell = /bin/bash

        template homedir = /home/%U

        winbind use default domain = yes

 

systemctl status * ends with:

Oct 25 18:41:18 le smbd[835]:   daemon_ready: daemon 'smbd' finished starting up and ready to serve connections

Oct 25 18:41:27 le smbd[835]: [2021/10/25 18:41:27.256861,  0] ../../source3/libads/kerberos_util.c:73(ads_kinit_password)

Oct 25 18:41:27 le smbd[835]:   kerberos_kinit_password LE$@SAMBA.LINDENBERG.ONE failed: Client not found in Kerberos database

 

Oct 25 18:41:17 le nmbd[731]:   daemon_ready: daemon 'nmbd' finished starting up and ready to serve connections

Oct 25 18:41:40 le nmbd[731]: [2021/10/25 18:41:40.800798,  0] ../../source3/nmbd/nmbd_become_lmb.c:398(become_local_master_st>

Oct 25 18:41:40 le nmbd[731]:   *****

Oct 25 18:41:40 le nmbd[731]:

Oct 25 18:41:40 le nmbd[731]:   Samba name server LE is now a local master browser for workgroup SAMBA on subnet 192.168.176.9

Oct 25 18:41:40 le nmbd[731]:

Oct 25 18:41:40 le nmbd[731]:   *****

 

systemctl status winbindd

Unit winbindd.service could not be found.

 

Why is nmbd active if I ask to disable netbios?

special issue: DC and member are in different subnets.

 

Thanks, Joachim

More information about the samba mailing list