Michael Tokarev
2014-Dec-06 19:36 UTC
[Samba] Runnung samba4 as classic domain controller, win7 thinks it is AD
To: Rowland Penny <rowlandpenny at googlemail.com> 06.12.2014 21:47, Rowland Penny wrote: []> Any chance we can see your smb.conf ?Sure, here it is. Somehow I forgot to add it initially, even if planned. Thank you for looking into this. /mjt [global] workgroup = TLS server string = %h samba server %v netbios name = FS netbios aliases = PALTUS LINUX SERVER acl allow execute always = true wins support = yes dns proxy = yes interfaces = 192.168.177.2/26 127.0.0.1/8 bind interfaces only = yes allow hosts = 192.168.177.0/26 127.0.0.0/8 log file = /var/log/samba/log.%m max log size = 1000 syslog = 0 remote browse sync = 192.168.19.1 security = user encrypt passwords = true passdb backend = tdbsam:/var/lib/samba/passdb.tdb obey pam restrictions = yes unix password sync = no pam password change = yes username map = /etc/samba/username.map utmp = yes hostname lookups = yes # temp for win95 lanman auth = yes ########## Domains ########### preferred master = auto domain master = yes local master = yes domain logons = yes os level = 64 # added to try to join a machine to samba4 domain, does not help server role = classic primary domain controller # Location of the user's profile directory logon path = \\%L\%U\Profile # The following setting only takes effect if 'domain logons' is set # It specifies the location of a user's home directory (from the client # point of view) logon drive = H: logon home = \\%L\%U load printers = no printing = bsd ; printcap name = /etc/printcap print command = lpr -h -P%p '%s'; rm -f '%s' map archive = no # map hidden = yes # map system = yes create mask = 0775 directory mask = 0775 host msdfs = yes # unix ext and wide links are incompatible. we need wide links. unix extensions = no wide links = yes #======================= Share Definitions ====================== [homes] comment = Home Directories browseable = no [... other share definitions follow....]> Rowland >
Rowland Penny
2014-Dec-06 20:00 UTC
[Samba] Runnung samba4 as classic domain controller, win7 thinks it is AD
On 06/12/14 19:36, Michael Tokarev wrote:> To: Rowland Penny <rowlandpenny at googlemail.com> > > 06.12.2014 21:47, Rowland Penny wrote: > [] >> Any chance we can see your smb.conf ? > Sure, here it is. Somehow I forgot to add it initially, even if planned. > Thank you for looking into this. > > /mjt > > [global] > workgroup = TLS > server string = %h samba server %v > netbios name = FS > netbios aliases = PALTUS LINUX SERVER > > acl allow execute always = true > > wins support = yes > dns proxy = yes > > interfaces = 192.168.177.2/26 127.0.0.1/8 > bind interfaces only = yes > allow hosts = 192.168.177.0/26 127.0.0.0/8 > > log file = /var/log/samba/log.%m > max log size = 1000 > syslog = 0 > > remote browse sync = 192.168.19.1 > > security = user > encrypt passwords = true > passdb backend = tdbsam:/var/lib/samba/passdb.tdb > obey pam restrictions = yes > unix password sync = no > pam password change = yes > username map = /etc/samba/username.map > utmp = yes > hostname lookups = yes > > # temp for win95 > lanman auth = yes > > ########## Domains ########### > > preferred master = auto > domain master = yes > local master = yes > domain logons = yes > os level = 64 > # added to try to join a machine to samba4 domain, does not help > server role = classic primary domain controller > > # Location of the user's profile directory > logon path = \\%L\%U\Profile > # The following setting only takes effect if 'domain logons' is set > # It specifies the location of a user's home directory (from the client > # point of view) > logon drive = H: > logon home = \\%L\%U > > load printers = no > printing = bsd > ; printcap name = /etc/printcap > print command = lpr -h -P%p '%s'; rm -f '%s' > > map archive = no > # map hidden = yes > # map system = yes > create mask = 0775 > directory mask = 0775 > > host msdfs = yes > > # unix ext and wide links are incompatible. we need wide links. > unix extensions = no > wide links = yes > > #======================= Share Definitions ======================> > [homes] > comment = Home Directories > browseable = no > > [... other share definitions follow....] > > >> Rowland >>OK, I think that 'netbios aliases = PALTUS LINUX SERVER' will give you three extra netbios names, try enclosing PALTUS LINUX SERVER in single quotes i.e. 'PALTUS LINUX SERVER' The following should only be used in a share: acl allow execute always = true map archive = no create mask = 0775 directory mask = 0775 wide links = yes I take it that you realise that '192.168.177.2/26' will only allow 62 clients finally, you have this: unix password sync = no This means that you will not have any connection between the users in samba and the underlying Unix machine. I would suggest that you change your smb.conf and then try again. Rowland
Michael Tokarev
2014-Dec-06 20:40 UTC
[Samba] Runnung samba4 as classic domain controller, win7 thinks it is AD
06.12.2014 23:00, Rowland Penny wrote:> On 06/12/14 19:36, Michael Tokarev wrote:[]> > OK, I think that 'netbios aliases = PALTUS LINUX SERVER' will give you three extra netbios names, try enclosing PALTUS LINUX SERVER in single quotes i.e. 'PALTUS LINUX SERVER'Yes, that's 3 extra bios names. Enclosing them in quotes will make it a single name, which is wrong.> The following should only be used in a share: > > acl allow execute always = true > map archive = no > create mask = 0775 > directory mask = 0775 > wide links = yesYes, these are share-mode parameters. When used in [global] section, these changes global defaults and apply to all shares unless overriden in a share.> I take it that you realise that '192.168.177.2/26' will only allow 62 clientsSure.> finally, you have this: unix password sync = no > This means that you will not have any connection between the users in samba and the underlying Unix machine.Not users but their passwords. When users (or machines) change their windows passwords, they're not propagated to unix password databse, only windows passwords (in tdbsam) are changed.> I would suggest that you change your smb.conf and then try again.Change what, exactly? Unix password sync? Why? Unix passwords are not used by windows. The problem at hand is that a client is unable to, as it seems, find the AD domain controller, but there is no AD domain controller, only NT-style controller... Thanks, /mjt
Reasonably Related Threads
- Runnung samba4 as classic domain controller, win7 thinks it is AD
- Runnung samba4 as classic domain controller, win7 thinks it is AD
- Runnung samba4 as classic domain controller, win7 thinks it is AD
- Runnung samba4 as classic domain controller, win7 thinks it is AD
- Runnung samba4 as classic domain controller, win7 thinks it is AD