On 10/26/21 7:09 AM, Rowland Penny via samba wrote:> On Tue, 2021-10-26 at 06:54 -0500, K. R. Foley wrote:
>> On 10/26/21 2:28 AM, Rowland Penny via samba wrote:
>>> On Mon, 2021-10-25 at 20:19 -0500, K. R. Foley wrote:
>>>> On 10/25/21 3:18 AM, Rowland Penny via samba wrote:
>>>>> On Sun, 2021-10-24 at 18:21 -0500, K. R. Foley wrote:
>>>>>> I am just getting back to troubleshooting this.
>>>>>>
>>>>>> I do not think that sssd is enabled. In fact I do not
think
>>>>>> it is
>>>>>> even
>>>>>> installed on this system.
>>>>> OK, I have lost track of this, but it looks like you are
>>>>> running
>>>>> Samba
>>>>> as an AD DC. Have you checked that sssd isn't installed
?
>>>> Yes. sssd is not installed.
>>>>
>>>> "rpm -qa | grep sss" returns nothing.
>>>>
>>>>> If it is, remove it along with all the 'sss' in
>>>>> /etc/nsswitch.conf
>>>> Commented all references in nsswitch.conf
>>>>
>>>>> Have you created the libnss-winbind links ? either manually
>>>>> (see
>>>>> here:
>>>>>
https://wiki.samba.org/index.php/Configuring_Winbindd_on_a_Samba_AD_DC
>>>> I followed those instructions.
>>>>
>>>> [root at cln-files-prod kr]# ls -lt /lib64/libnss_winbind.so.2
>>>>
>>>> lrwxrwxrwx 1 root root 40 Oct 11 21:21
/lib64/libnss_winbind.so.2
>>>> ->
>>>> /usr/local/samba/lib/libnss_winbind.so.2
>>>> [root at cln-files-prod kr]# ls -lt /lib64/libnss_winbind.so
>>>> lrwxrwxrwx 1 root root 26 Oct 11 21:21 /lib64/libnss_winbind.so
>>>> ->
>>>> /lib64/libnss_winbind.so.2
>>> This is on fedora if I remember correctly, so have you installed
>>> these
>>> packages:
>>>
>>> samba samba-winbind samba-winbind-clients oddjob-mkhomedir
>>>
>>> Rowland
>>>
>> Actually it is
>>
>> CentOS 7
>>
>> Samba 4.11.13 built from source on AD and member server
>>
>> Does the Samba build on the client include everything needed or do I
>> still need to add some package?
> Yes, If you built Samba by './configure && make && make
install' follow
> the wiki, as everything should be in /usr/local/samba.
I built it using the commands above following the wiki to build from source.
- built from source
- AD was migrated from Samba NT4 Domain
- DNS is Bind9 external DNS server
- everything seems to work on the AD
- DNS works from linux Samba member server
- linux Samba member setup following wiki here
https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member
- joined using "# net ads join -U administrator"
- wbinfo seems to work fine
[root at cln-files-prod kr]# wbinfo --ping-dc
checking the NETLOGON for domain[LOCAL] dc connection to
"ss-prod.local.SAMDOM.com" succeeded
- wbinfo -g lists the domain groups
- wbinfo -u lists the? domain users
- getint passwd tech - tech is a domain user that is not a local user.
This returns nothing on the domain member. Returns expected result on the AD
- getint passwd local\\tech - also does not return anything on the
member server, but works fine on the AD
kr