On 03/02/2021 18:01, Maurizio Caloro wrote:>>> That's different, yes your AD users & groups should be
available. What do
> the following commands show:
>>> net ads testjoin
>>> You will need to run that as root, it should return 'Join is
OK'
> root at SRVCAR010:/shares# net ads testjoin
> Join is OK
>
> root at SRVCAR010:/shares# net ads info
> LDAP server: 192.168.201.105
> LDAP server name: srvcarad003.carag.local
> Realm: CARAG.LOCAL
> Bind Path: dc=CARAG,dc=LOCAL
> LDAP port: 389
> Server time: Wed, 03 Feb 2021 18:51:47 CET KDC server: 192.168.201.105
> Server time offset: 0 Last machine account password change: Wed, 03 Feb
> 2021 17:41:30 CET
>
>>> getent passwd smbadmin
> root at SRVCAR010:/shares# getent passwd smbadmin
> root at SRVCAR010:/shares#
>
>>> getent group Domain\ Users
> root at SRVCAR010:/shares# getent group carag.local\mauriziocaloro
> root at SRVCAR010:/shares#
You have 'winbind use default domain = yes' set, so just use the
commands that I posted, you do not need the Netbios domain prefix (not
that it is what you are using, you are using the dns domain).
Do you have these packages installed:
libpam-winbind libnss-winbind libpam-krb5
Do you have 'winbind' in the 'passwd' & 'group'
lines in
/etc/nsswitch.conf ?
Rowland