I have just setup samba ver 3.6.23-14 on CentOS 6.6 as a member server
to Windows 2008R2 ADS. Things seem to be working however looking at the
log files there is an error in the log.winbindd-idmap file indicating
that "idmap range not specified for domain SERVER2.
My setup is as follows:
Windows 2008R2 server name is "server"
CentOS hostname is "server2"
Domain name is "testnet"
Also there is a log file with the name of "log.wb-SERVER2" with
various
errors in it
name_to_sid: failed to lookup name: NT_STATUS_NONE_MAPPED.
name_to_sid: SERVER2\NOBODY for domain SERVER2.
The domain is not SERVER2 rather TESTNET and the log.wb-TESTNET file
looks good. Not sure why it is trying to configure SERVER2 as the domain.
I would appreciate it if someone would give my config a sanity check and
see if there is something not quite right.
nsswitch.conf
passwd: files winbind
shadow: files winbind
group: files winbind
hosts: files dns winbind
krb5.conf
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
default_realm = TESTNET.LOCAL
dns_lookup_realm = true
dns_lookup_kdc = true
ticket_lifetime = 24h
renew_lifetime = 7d
forwardable = yes
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 3600
forwardable = true
krb4_convert = false
}
[domain_realm]
.testnet.local = TESTNET.LOCAL
testnet.local = TESTNET.LOCAL
smb.conf
[global]
workgroup = TESTNET
realm = TESTNET.LOCAL
security = ADS
domain master = no
local master = no
preferred master = no
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=131072
SO_SNDBUF=131072
use sendfile = true
winbind nss info = rfc2307
winbind trusted domains only = no
winbind use default domain = yes
winbind enum users = yes
winbind enum groups = yes
winbind nested groups = yes
winbind refresh tickets = yes
winbind expand groups = 4
winbind normalize names = yes
vfs objects = acl_xattr
map acl inherit = yes
store dos attributes = yes
idmap config * : backend = tdb
idmap config * : range = 2000-9999
idmap config TESTNET : backend = rid
idmap config TESTNET : schema_mode = rfc2307
idmap config TESTNET : range = 10000-99999
client use spnego = yes
client ntlmv2 auth = yes
encrypt passwords = yes
restrict anonymous = 2
disable spoolss = yes
server string = Samba Server 2
log level = 3
log file = /var/log/samba/%m
max log size = 25
[common]
comment = Common Files
path = /sharefiles/common
valid users = @"Domain Users"
force group = "Domain Users"
directory mode = 0770
create mode = 0660
force create mode = 0660
browseable = yes
read only = no
