Denis Morejon
2021-Mar-24 20:30 UTC
[Samba] Linux workstations lose relationship with domain
How can I set computer account expiration time? To avoid expiration?? I think that It must be set in the workstations, as they are who query the password change to DCs. I can do that using policies for Windows workstations. But how can I do that on Linux WorkStations? El 23/3/21 a las 11:08, Rowland penny via samba escribi?:> On 23/03/2021 14:47, Denis Morejon via samba wrote: >> Thank you Rowland! >> >> I have another clue for my problem (The lost of domain relationship). >> The problem began just after the change of time in my country on >> Sunday. I changed the time manually on both domain servers >> >> (They use ntp for the clients to sync with they) and after that, on >> Monday, some linux workstations lost the relationship. But you know >> what? none of my Windows 10 workstations lost the domain relationship! >> >> We use pbis en Ubuntu 18.04 and Linux Mint 20 workstations to connect >> to the domain. I suspect that the change of time was the cause. But >> even changing the time on those linux workstations first (For some >> reason ntp didn't work, but this is not the point right now), they >> didn't connected to the domain! And It was necessary to join again >> manually (One by one!). >> >> This is the smb.conf of a workstation that lost the domain ralationship >> >> [global] >> ??? server string = %h server (Samba, Ubuntu) >> ?? dns proxy = no >> ?? log file = /var/log/samba/log.%m >> ?? max log size = 1000 >> ?? syslog = 0 >> ?? panic action = /usr/share/samba/panic-action %d >> ?? server role = standalone server >> ?? obey pam restrictions = yes >> ?? unix password sync = yes >> ?? passwd program = /usr/bin/passwd %u >> ?? passwd chat = *Enter\snew\s*\spassword:* %n\n >> *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . >> ?? pam password change = yes >> ?? map to guest = bad user >> ?? usershare allow guests = yes >> >> [printers] >> ?? comment = All Printers >> ?? browseable = no >> ?? path = /var/spool/samba >> ?? printable = yes >> ?? create mask = 0700 >> >> [print$] >> ?? comment = Printer Drivers >> ?? path = /var/lib/samba/printers >> > > As we do not produce PBIS, we do not (cannot) provide support for it. > Also that smb.conf is for a standalone server and, as such, it cannot > be an AD domain member. > > Is winbind running ? > > Rowland > > >
Rowland penny
2021-Mar-24 20:46 UTC
[Samba] Linux workstations lose relationship with domain
On 24/03/2021 20:30, Denis Morejon via samba wrote:> How can I set computer account expiration time? To avoid expiration?? > > I think that It must be set in the workstations, as they are who query > the password change to DCs. > > I can do that using policies for Windows workstations. But how can I > do that on Linux WorkStations? > >Add 'winbind refresh tickets = yes' to the smb.conf file. Rowland