[Samba] Samba share not quite working on Domain Controller
Rowland Penny
rpenny at samba.org
Sun Dec 17 08:10:24 UTC 2023
On Sun, 17 Dec 2023 01:23:29 -0500
Mark Foley via samba <samba at lists.samba.org> wrote:
>
> Since sysvol and netlogin folders didn't crash when I selected their
> Properties > Security, I reasoned there must be something about
> permissions or ownership afoot. Sure enough:
>
> # ls -ld /var/lib/samba/sysvol/
> drwxrwx---+ 3 root 3000000 4096 2023-11-29 21:16
> /var/lib/samba/sysvol/
>
> Both of those directories, created by provisioning, are members of
> group 3000000 which I presume is some administrative group (although
> 'getent group 3000000' on the DC returns nothing, so I'm not sure).
If this was Debian, I would suggest installing libnss-winbind and
libpam-winbind, but as this is slackware, I haven't a clue what the
required package(s) is/are called. However, on Debian the two '.so'
files the package(s) contain are 'libnss_winbind.so.2' and
'pam_winbind.so', installing these and adding 'winbind' to the 'passwd'
& 'group' lines in /etc/nsswitch.conf will get getent to work and the
'3000000' will very probably become 'Domain Admins'
Having to do the above is yet another reason not to use a DC as a
fileserver, all your users will then be able to login into the DC.
Rowland
More information about the samba
mailing list