Hello,
I'm following along with the wiki(Setup a Samba AD Member Server)
and I have a question after reading the 'Set up a basic smb.conf'
section. Do I need to extend the schema in order for my member server to
successfully join and service file shares? Do I need to configure a
krb5.conf file? Thanks.
--
-James
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello James, Am 31.12.2014 um 15:48 schrieb James:> Hello,> > I'm following along with the wiki(Setup a Samba AD Member Server) > and I have a question after reading the 'Set up a basic smb.conf' > section.Please show us your smb.conf Do I need to extend the schema in order for my member server to> successfully join and service file shares?No, you dont have to. Do I need to configure a> krb5.conf file? Thanks.If your DC is a samba4 DC just copy krb5.conf to your new memberserver>Stefan - -- Stefan Kania Landweg 13 25693 St. Michaelisdonn Signieren jeder E-Mail hilft Spam zu reduzieren. Signieren Sie ihre E-Mail. Weiter Informationen unter http://www.gnupg.org Mein Schl?ssel liegt auf hkp://subkeys.pgp.net -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iEYEARECAAYFAlSkD3EACgkQ2JOGcNAHDTZdlwCgwsQF0g/pFp65ldcTMWDcJ1O7 LScAoLDzorUJNDCik4FP9dBUxKCbAbGN =SOSt -----END PGP SIGNATURE-----
Hello Stefan,
Yes I'm using Samba4 as my DC's. I also provisioned my DC's
with
RFC2307.
[global]
netbios name = PFMS1
workgroup = DOMAIN
security = ADS
realm = DOMAIN.LOCAL
encrypt passwords = yes
vfs objects = acl_xattr
map acl inherit = yes
store dos attributes = yes
idmap config *:backend = tdb
idmap config *:range = 70001-80000
idmap config DOMAIN:backend = ad
idmap config DOMAIN:schema_mode = rfc2307
idmap config DOMAIN:range = 500-40000
winbind nss info = rfc2307
winbind trusted domains only = no
winbind use default domain = yes
winbind enum users = yes
winbind enum groups = yes
[demoshare]
path = /srv/samba/test
read only = no
On 12/31/2014 10:00 AM, Stefan Kania wrote:> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hello James,
>
> Am 31.12.2014 um 15:48 schrieb James:> Hello,
>> I'm following along with the wiki(Setup a Samba AD Member Server)
>> and I have a question after reading the 'Set up a basic
smb.conf'
>> section.
> Please show us your smb.conf
>
> Do I need to extend the schema in order for my member server to
>> successfully join and service file shares?
> No, you dont have to.
>
> Do I need to configure a
>> krb5.conf file? Thanks.
> If your DC is a samba4 DC just copy krb5.conf to your new memberserver
> Stefan
>
> - --
> Stefan Kania
> Landweg 13
> 25693 St. Michaelisdonn
>
>
> Signieren jeder E-Mail hilft Spam zu reduzieren. Signieren Sie ihre
> E-Mail. Weiter Informationen unter http://www.gnupg.org
>
> Mein Schl?ssel liegt auf
>
> hkp://subkeys.pgp.net
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1
>
> iEYEARECAAYFAlSkD3EACgkQ2JOGcNAHDTZdlwCgwsQF0g/pFp65ldcTMWDcJ1O7
> LScAoLDzorUJNDCik4FP9dBUxKCbAbGN
> =SOSt
> -----END PGP SIGNATURE-----
--
-James
Hello Stefan,
I learned the hard way about .local. I understand going forward.
I do have an issue with the member server. Following along with the wiki
I get stuck at 'Testing the Winbind user/group mapping'. Wbinfo works as
expected but not
#*id DomainUser*
#*getent passwd*
#*getent group*
#*chown DomainUser:DomainGroup file*
#*chgrp DomainGroup file*
etc.
I receive 'id: sambauser: No such user'. It will only retrieve local
machine users. Let me preface by saying this is a Ubuntu 12.04 server
with Samba 4.1.14. Thanks.
On 12/31/2014 10:00 AM, Stefan Kania wrote:> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hello James,
>
> Am 31.12.2014 um 15:48 schrieb James:> Hello,
>> I'm following along with the wiki(Setup a Samba AD Member Server)
>> and I have a question after reading the 'Set up a basic
smb.conf'
>> section.
> Please show us your smb.conf
>
> Do I need to extend the schema in order for my member server to
>> successfully join and service file shares?
> No, you dont have to.
>
> Do I need to configure a
>> krb5.conf file? Thanks.
> If your DC is a samba4 DC just copy krb5.conf to your new memberserver
> Stefan
>
> - --
> Stefan Kania
> Landweg 13
> 25693 St. Michaelisdonn
>
>
> Signieren jeder E-Mail hilft Spam zu reduzieren. Signieren Sie ihre
> E-Mail. Weiter Informationen unter http://www.gnupg.org
>
> Mein Schl?ssel liegt auf
>
> hkp://subkeys.pgp.net
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1
>
> iEYEARECAAYFAlSkD3EACgkQ2JOGcNAHDTZdlwCgwsQF0g/pFp65ldcTMWDcJ1O7
> LScAoLDzorUJNDCik4FP9dBUxKCbAbGN
> =SOSt
> -----END PGP SIGNATURE-----
--
-James
On 14-12-31 07:00 AM, Stefan Kania wrote:>> Do I need to configure a >> krb5.conf file? Thanks. > If your DC is a samba4 DC just copy krb5.conf to your new memberservercould someone please confirm that this is a good idea? I don't remember seeing it anywhere in the wiki, and I've been spending *way* too much time (re)reading it. cheers! d.