[Samba] gpo client linux sssd does not apply
Rowland Penny
rpenny at samba.org
Tue Apr 18 17:22:16 UTC 2023
On 18/04/2023 18:15, David Mulder via samba wrote:
> I was able to get it to work by setting up a simple smb.conf, and doing
> a `net ads join`. SSSD is still the auth provider.
>
> My simple smb.conf looks like this:
>
> dmulder at dmm-tw:~> cat /etc/samba/smb.conf
> [global]
> idmap config * : backend = tdb
> idmap config * : range = 10000-20000
> idmap config dmm : backend = rid
> idmap config dmm : range = 20001-99999
> kerberos method = secrets and keytab
> security = ADS
> usershare allow guests = No
> workgroup = DMMSUSE
> realm = dmm.suse.de
>
> Then I set `ad_update_samba_machine_account_password = true` in
> /etc/sssd/sssd.conf.
>
> And finally:
>
> sudo kinit Administrator
> sudo net ads join -k
>
> This creates the secrets.tdb for samba, which SSSD will now keep updated
> for samba-gpupdate. Afterward samba-gpupdate is working for me with SSSD.
>
>>
>>
That may work for sssd, but it is never going to work for Samba:
'DMM' != 'DMMSUSE'
Rowland
More information about the samba
mailing list