On Tue, 2021-10-26 at 07:31 -0500, K. R. Foley wrote:> On 10/26/21 7:09 AM, Rowland Penny via samba wrote:
> > On Tue, 2021-10-26 at 06:54 -0500, K. R. Foley wrote:
> > > On 10/26/21 2:28 AM, Rowland Penny via samba wrote:
> > > > On Mon, 2021-10-25 at 20:19 -0500, K. R. Foley wrote:
> > > > > On 10/25/21 3:18 AM, Rowland Penny via samba wrote:
> > > > > > On Sun, 2021-10-24 at 18:21 -0500, K. R. Foley
wrote:
> > > > > > > I am just getting back to troubleshooting
this.
> > > > > > > 
> > > > > > > I do not think that sssd is enabled. In fact
I do not
> > > > > > > think
> > > > > > > it is
> > > > > > > even
> > > > > > > installed on this system.
> > > > > > OK, I have lost track of this, but it looks like
you are
> > > > > > running
> > > > > > Samba
> > > > > > as an AD DC. Have you checked that sssd isn't
installed ?
> > > > > Yes. sssd is not installed.
> > > > > 
> > > > > "rpm -qa | grep sss" returns nothing.
> > > > > 
> > > > > > If it is, remove it along with all the
'sss' in
> > > > > > /etc/nsswitch.conf
> > > > > Commented all references in nsswitch.conf
> > > > > 
> > > > > > Have you created the libnss-winbind links ? either
manually
> > > > > > (see
> > > > > > here:
> > > > > >
https://wiki.samba.org/index.php/Configuring_Winbindd_on_a_Samba_AD_DC
> > > > > I followed those instructions.
> > > > > 
> > > > > [root at cln-files-prod kr]# ls -lt
/lib64/libnss_winbind.so.2
> > > > > 
> > > > > lrwxrwxrwx 1 root root 40 Oct 11 21:21
> > > > > /lib64/libnss_winbind.so.2
> > > > > ->
> > > > > /usr/local/samba/lib/libnss_winbind.so.2
> > > > > [root at cln-files-prod kr]# ls -lt
/lib64/libnss_winbind.so
> > > > > lrwxrwxrwx 1 root root 26 Oct 11 21:21
> > > > > /lib64/libnss_winbind.so
> > > > > ->
> > > > > /lib64/libnss_winbind.so.2
> > > > This is on fedora if I remember correctly, so have you
> > > > installed
> > > > these
> > > > packages:
> > > > 
> > > > samba samba-winbind samba-winbind-clients oddjob-mkhomedir
> > > > 
> > > > Rowland
> > > > 
> > > Actually it is
> > > 
> > > CentOS 7
> > > 
> > > Samba 4.11.13 built from source  on AD and member server
> > > 
> > > Does the Samba build on the client include everything needed or
> > > do I
> > > still need to add some package?
> > Yes, If you built Samba by './configure && make &&
make install'
> > follow
> > the wiki, as everything should be in /usr/local/samba.
> 
> I built it using the commands above following the wiki to build from
> source.
> 
> - built from source
> 
> - AD was migrated from Samba NT4 Domain
> 
> - DNS is Bind9 external DNS server
> 
> - everything seems to work on the AD
> 
> - DNS works from linux Samba member server
> 
> - linux Samba member setup following wiki here 
> https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member
> 
> - joined using "# net ads join -U administrator"
> 
> - wbinfo seems to work fine
> 
> [root at cln-files-prod kr]# wbinfo --ping-dc
> checking the NETLOGON for domain[LOCAL] dc connection to 
> "ss-prod.local.SAMDOM.com" succeeded
> 
> - wbinfo -g lists the domain groups
> 
> - wbinfo -u lists the  domain users
> 
> - getint passwd tech - tech is a domain user that is not a local
> user. 
> This returns nothing on the domain member. Returns expected result on
> the AD
> 
> - getint passwd local\\tech - also does not return anything on the 
> member server, but works fine on the AD
> 
> kr
Please post the output of 'testparm -s' run on the Unix domain member
Rowland