Lin Pro
2017-Feb-21 19:26 UTC
[Samba] Setting Win ACLs via Comp Managment, connection to Member Server warning
When checking on the UNIX attributes of the Domain Admins group I get the warning "Unwilling to perform" Is this something I should resolve first? Lin
Rowland Penny
2017-Feb-21 19:32 UTC
[Samba] Setting Win ACLs via Comp Managment, connection to Member Server warning
On Tue, 21 Feb 2017 13:26:17 -0600 Lin Pro <linforpros at gmail.com> wrote:> When checking on the UNIX attributes of the Domain Admins group I get > the warning "Unwilling to perform" > Is this something I should resolve first? > > LinSounds like it, please post: /etc/hosts /etc/hostname /etc/resolv.conf /etc/krb5.conf smb.conf I take it the 2012R2 machine is the only DC in the domain. Rowland
Lin Pro
2017-Feb-21 20:58 UTC
[Samba] Setting Win ACLs via Comp Managment, connection to Member Server warning
Here are ADDC files you requested to help me out:
++++++++++
/etc/hostname:dc1
/etc/hosts:127.0.0.1 localhost
/etc/hosts:192.168.0.31 dc1.siouxfalls.samdom.org dc1
/etc/hosts:
/etc/krb5.conf:[libdefaults]
/etc/krb5.conf: default_realm = ${REALM}
/etc/krb5.conf: dns_lookup_realm = false
/etc/krb5.conf: dns_lookup_kdc = true
/etc/resolv.conf:nameserver 192.168.0.31
/etc/resolv.conf:search siouxfalls.samdom.org
/etc/samba/smb.conf:[global]
/etc/samba/smb.conf: workgroup = SIOUXFALLS
/etc/samba/smb.conf: realm = SIOUXFALLS.SAMDOM.ORG
/etc/samba/smb.conf: netbios name = DC1
/etc/samba/smb.conf: server role = active directory domain controller
/etc/samba/smb.conf: dns forwarder = 24.220.0.10
/etc/samba/smb.conf: idmap_ldb:use rfc2307 = yes
/etc/samba/smb.conf: bind interfaces only = yes
/etc/samba/smb.conf: interfaces = lo ens3
/etc/samba/smb.conf:[netlogon]
/etc/samba/smb.conf: path = /var/lib/samba/sysvol/siouxfalls.samdom.org/scri$
/etc/samba/smb.conf: read only = No
/etc/samba/smb.conf:
/etc/samba/smb.conf:[sysvol]
/etc/samba/smb.conf: path = /var/lib/samba/sysvol
/etc/samba/smb.conf: read only = No
++++++++++++++
and here is the Domain Member set of files:
/etc/hostname:ubuntu-dm1
/etc/hosts:127.0.0.1 localhost
/etc/hosts:192.168.0.34 ubuntu-dm1.siouxfalls.samdom.org ubuntu-dm1
/etc/hosts:
/etc/hosts:::1 ip6-localhost ip6-loopback
/etc/hosts:fe00::0 ip6-localnet
/etc/hosts:ff00::0 ip6-mcastprefix
/etc/hosts:ff02::1 ip6-allnodes
/etc/hosts:ff02::2 ip6-allrouters
/etc/hosts:ff02::3 ip6-allhosts
/etc/krb5.conf:[libdefaults]
/etc/krb5.conf: default_realm = SIOUXFALLS.SAMDOM.ORG
/etc/krb5.conf: dns_lookup_realm = false
/etc/krb5.conf: dns_lookup_kdc = true
/etc/krb5.conf:[realms]
/etc/krb5.conf: SIOUXFALLS.SAMDOM.ORG = {
/etc/krb5.conf: kdc = DC1
/etc/krb5.conf: admin_server = DC1.SIOUXFALLS.SAMDOM.ORG
/etc/krb5.conf: }
/etc/krb5.conf:[login]
/etc/krb5.conf: krb4_convert = true
/etc/krb5.conf: krb4_get_tickets = false
/etc/krb5.conf:
/etc/resolv.conf:nameserver 192.168.0.31
/etc/resolv.conf:search siouxfalls.samdom.org
/etc/samba/smb.conf:[global]
/etc/samba/smb.conf: security = ADS
/etc/samba/smb.conf: workgroup = SIOUXFALLS
/etc/samba/smb.conf: realm = SIOUXFALLS.SAMDOM.ORG
/etc/samba/smb.conf: netbios name = UBUNTU-DM1
/etc/samba/smb.conf: server role = member server
/etc/samba/smb.conf: log file = /var/log/samba/%m.log
/etc/samba/smb.conf: log level = 1
/etc/samba/smb.conf: idmap config * : backend = tdb
/etc/samba/smb.conf: idmap config * : range = 3000-7999
/etc/samba/smb.conf: idmap config SIOUXFALLS:backend = ad
/etc/samba/smb.conf: idmap config SIOUXFALLS:schema_mode = rfc2307
/etc/samba/smb.conf: idmap config SIOUXFALLS:range = 10000-999999
/etc/samba/smb.conf: winbind nss info = rfc2307
/etc/samba/smb.conf:
/etc/samba/smb.conf:winbind separator = +
/etc/samba/smb.conf:winbind enum users = yes
/etc/samba/smb.conf:winbind enum groups = yes
/etc/samba/smb.conf:winbind use default domain = yes
/etc/samba/smb.conf:
/etc/samba/smb.conf:[TGrassShare]
/etc/samba/smb.conf:path = /srv/samba/TGrassShare
/etc/samba/smb.conf:read only = no
/etc/samba/smb.conf:
/etc/samba/smb.conf:[eACLshare]
/etc/samba/smb.conf:path = /srv/samba/eACLshare
/etc/samba/smb.conf:read only = no
/etc/samba/smb.conf:vfs objects = acl_xattr
/etc/samba/smb.conf:map acl inherit = yes
/etc/samba/smb.conf:store dos attributes = yes
/etc/samba/smb.conf:
/etc/samba/smb.conf:[users]
/etc/samba/smb.conf: path = /srv/samba/users/
/etc/samba/smb.conf: read only = no
/etc/samba/smb.conf: force create mode = 0600
/etc/samba/smb.conf: force directory mode = 0700
At this moment I am only concerned with eACLshare share. It just does
not work as instructed on the wiki
Lin