> It should work,
> what OS ?
> what is the DC running
> If Samba, post the smb.conf
> Post your smb.conf from the domain member again
> Rowland
Dear Rowland,
In both Samba installed, the version is 4.4.5, rises the Centos7.
We have 2 DC's Samba and fileserver.
If it was missing some information, just ask.
Follows the smb.conf main DC:
[global]
#bind interfaces only = Yes
interfaces = lo eth0
netbios name = SRV14
realm = DOMAIN.LOCAL
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd,
ntp_signd, kcc, dnsupdate
workgroup = DOMAIN
server role = active directory domain controller
comment =
log file = /var/log/samba/samba.log
log level = 1
max log size = 10000
#
idmap_ldb:use rfc2307 = yes
winbind enum users = yes
winbind enum groups = yes
#
allow dns updates = secure only
nsupdate command = /usr/bin/nsupdate -g
client ldap sasl wrapping = sign
ldap server require strong auth = no
time server = yes
eventlog list = Application System Security SyslogLinux
[netlogon]
path = /usr/local/samba/var/locks/sysvol/domain.local/scripts
read only = No
[sysvol]
path = /usr/local/samba/var/locks/sysvol
read only = No
Follows the smb.conf the domain member fileserver:
[global]
workgroup = DOMAIN
security = ADS
realm = domain.local
netbios name = SRV16
server string = Samba4 Server
winbind enum users = yes
winbind enum groups = yes
winbind use default domain = Yes
winbind nss info = RFC2307
idmap config * : backend = tdb
idmap config * : range = 2000-9999
idmap config DOMAIN: backend = rid
idmap config DOMAIN: range = 10000-99999
log file = /var/log/samba/samba.log
log level = 9
vfs objects = acl_xattr
map acl inherit = Yes
store dos attributes = Yes
guest account = guest
# MAP AS ADMINISTRATOR IN ROOT UNIX
#username map = /etc/samba/user.map
[data]
comment = Folder data
path = /mnt/data
read only = no
browseable = yes
guest ok=yes
vfs objects = acl_xattr, recycle, shadow_copy2, full_audit
#inherit acls = Yes # NOTE: using acl_xattr turns this on
#inherit permissions = Yes # NOTE: this overides the next two lines
create mask = 0774
directory mask = 0774
# Recycle
recycle:facility = LOCAL1
recycle:priority = NOTICE
recycle:maxsize = 0
recycle:directory_mode = 0774
recycle:subdir_mode = 0774
recycle:keeptree = true
recycle:touch = true
recycle:versions = true
recycle:exclude = *.tmp, *.log, *.obj, ~*.*, *.bak, *.exe, *.bin
recycle:exclude_dir = tmp, temp, cache
# SHADOW COPY / SNAPSHOT
shadow:mountpoint = /mnt/data/
shadow:snapdir = .snapshot
shadow:basedir = /mnt/
shadow:sort = desc
shadow:localtime = yes
shadow:format = @GMT-%Y.%m.%d-%H.%M.%S
# AUDIT FILESERVER
full_audit:prefix = %u|%I|%S|%g
full_audit:success = all
full_audit:failure = all !open
full_audit:facility = local1
full_audit:priority = ALERT