JB
2016-Aug-04 11:08 UTC
[Samba] Migration from samba3 to samba4 : PDC doesn't not appear in network
Rowland Penny a écrit :> On Thu, 4 Aug 2016 12:12:42 +0200 > JB <jb at eikeo.com> wrote: > >> Hello, >> >> I'm trying to migrate an old PDC controller running samba >> 3.0.4 to a more decent server. Now, I use samba 4.2.10 (from >> debian/jessie). >> >> My smb.conf is : >> >> # Global parameters >> [global] >> workgroup = CABINET >> realm = SYSTELLA.NET >> netbios name = CERVANTES >> server role = active directory domain controller >> security = user >> encrypt passwords = yes >> dns forwarder = 192.168.4.254 >> idmap_ldb:use rfc2307 = yes >> server string = %h server >> domain master = yes >> local master = yes >> domain logons = yes >> os level = 65 >> logon path = \\%N\home\profile >> logon drive = Z: >> logon home = \\%N\home >> logon script = netlogon.cmd >> interfaces = 192.168.0.0/24 lo >> hosts allow = 192.168.0., 127.0.0. >> bind interfaces only = yes >> unix password sync = yes >> passwd program = /usr/bin/passwd %u >> passwd chat = *Enter\snew\s*\spassword:* %n\n >> *Retype\snew\s*\spassword:* %n\n >> *password\supdated\ssuccessfully* . pam password change = yes >> vfs objects = acl_xattr >> map acl inherit = yes >> store dos attributes = yes >> winbind nss info = rfc2307 >> winbind trusted domains only = no >> winbind use default domain = yes >> winbind enum users = yes >> winbind enum groups = yes >> log file = /var/log/samba/log.%m >> max log size = 50 >> >> [netlogon] >> comment = Network Logon Service >> guest ok = yes >> path = /var/lib/samba/sysvol/systella.net/scripts >> read only = yes >> >> [sysvol] >> path = /var/lib/samba/sysvol >> read only = yes >> >> [home] >> comment = Répertoire privé >> path = /home/%u >> create mask = 0700 >> directory mask = 0700 >> browseable = yes >> writeable = yes >> >> [partage] >> comment = Répertoire partagé >> path = /home/partage >> force create mode = 0666 >> force directory mode = 0777 >> writable = yes >> browseable = yes >> >> [visiodent] >> comment = Visiodent >> path = /home/visiodent >> force create mode = 0666 >> force directory mode = 0777 >> writable = yes >> browseable = yes >> >> and samba seems to be a active directory server. I have added without >> error a workstation in this new domain. But I don't see controller in >> network windows (I have tried from Windows XP). If I mannually run >> >> net use X: \\cervantes\visiodent >> >> I can add X: disk and all files from X: are browsable. >> >> As server is not browsable, netlogon doesn't work as expected (I can >> manually launch netlogon.cmd after successfully login). >> >> I suppose I have done a mistake... >> >> Any idea ? >> >> Best regards, >> >> JB >> > > > Hi > > You now have a DC, your old domain used a PDC, in AD all DCs are > supposed to be equal and to refer to the first DC as a PDC is confusing. > > Can I suggest you remove most of the lines that you have added to the > [global] section, they are not required on a DC or are even making > things worse. > > I hope the test workstation is just that, because it will now never > see the PDC again without re-installing the OS. > > Finally, there is no network browsing with a Samba AD DC, AD works > differently to your old NT4-style domain. > > Can I suggest your go and browse the Samba wiki: > > https://wiki.samba.org/index.php/Main_Page >I have installed my DC with this wiki. But I don't see what lines I can remove from my global section. Of course, before posting here, I have read PDC to DC migration process. I would keep something like roaming profiles and execute netlogon.cmd. Best regards, JB
Rowland Penny
2016-Aug-04 11:22 UTC
[Samba] Migration from samba3 to samba4 : PDC doesn't not appear in network
On Thu, 4 Aug 2016 13:08:30 +0200 JB <jb at eikeo.com> wrote:> > I have installed my DC with this wiki. But I don't see what > lines I can remove from my global section.Try starting with the [global] section that the upgrade produced.> Of course, before posting > here, I have read PDC to DC migration process. > > I would keep something like roaming profiles and execute > netlogon.cmd.See here for roaming profiles: https://wiki.samba.org/index.php/Implementing_roaming_profiles You will probably be better off using a GPO to set logon scripts, see windows documentation for how to do this. AD works differently to an NT4-style PDC. Rowland> > Best regards, > > JB > >
JB
2016-Aug-04 15:07 UTC
[Samba] Migration from samba3 to samba4 : PDC doesn't not appear in network
Rowland Penny a écrit :> On Thu, 4 Aug 2016 13:08:30 +0200 > JB <jb at eikeo.com> wrote: > > >> >> I have installed my DC with this wiki. But I don't see what >> lines I can remove from my global section. > > Try starting with the [global] section that the upgrade produced. > >> Of course, before posting >> here, I have read PDC to DC migration process. >> >> I would keep something like roaming profiles and execute >> netlogon.cmd. > > See here for roaming profiles: > > https://wiki.samba.org/index.php/Implementing_roaming_profiles > > You will probably be better off using a GPO to set logon scripts, see > windows documentation for how to do this.OK. I have used dsa.msc to add roaming profiles but it doesn't work as expected. I have set : Profile path : \\cervantes\home\profile Netlogon : \\cervantes\netlogon\netlogon.cmd Home folder : Connect Z: \\cervantes\home \\cervantes\home is now automatically mounted in Z: when user starts a new connection. But netlogon is not executed and Windows says that it cannot find roaming profile. If I open a CMD window, I can launch \\cervantes\netlogon\netlogon.cmd without any error. And \\cervantes\home\profile contains a valid roaming profile. Best regards, JB> >