[Samba] AD Member setup broken after samba upgrade

Rowland Penny rpenny at samba.org
Tue Apr 5 14:09:05 UTC 2022


On Tue, 2022-04-05 at 15:56 +0200, Thibault Roulet via samba wrote:
> Hi,
> 
> Okay this is pretty weird, it looks fine with the changes you
> proposed 
> in your last mail. Even if I'm pretty sure I tried all possible 
> combinations!
> The joy of trying 1000 conf and never falling on the good one \o/
> 
> Just to answer your propositions:
> 
> >       password server = AD1.DOMAIN.MYDOMAIN.ORG
> > 
> > You should let Samba find the best DC to use.
> 
> Tried to force it after reading it in a (bad?) doc where they said
> it 
> could be a problem
> 
> >       username map script = /bin/echo
> > 
> > No idea why you have that.
> That was a weird fix I found after an issue a few years ago.
> > Finally, is this a typo ?:
> > 
> >       idmap config INTRANET:schema_mode = rfc2307
> yep sorry, had many anonymizing procedures on my conf files before 
> posting it.
> > Did you restart Samba or reload the config after adding the line
> > Louis
> > suggested. If the latter did you run 'net cache flush' ?
> I finally made a script which
> - stop {smbd,winbind,nscd}

I suggest you turn off and remove nscd, it interferes with the winbind
cache.

> - net cache flush
> - nscd -i {hosts,passwd}

If you remove nscd, you will not have to do that again.

> - delete *.tdb files in /var/lib/samba and re-insert machine in AD
> - start {smbd,winbind,nscd}

As you do not seem to be running nmbd, your wins line is even more
useless (if it could be)

Rowland





More information about the samba mailing list