On Fri, 2022-02-25 at 11:01 -0600, Patrick Goetz via samba
wrote:>
> On 2/25/22 10:53, Rowland Penny via samba wrote:
> > On Fri, 2022-02-25 at 08:33 -0800, Gregory Sloop via samba wrote:
> > > Dang
> > > It wasn't the library.
> > >
> > > So, details:
> > > Ubuntu 20.04 on the domain member, with 4.15.5 from Louis'
repo.
> > > (DC's are a mix of Ubuntu (2) 18.04 and (1) 20.04 - the
18.04's
> > > are
> > > running the distro Samba and the 20.04 is running Louis'
Samba
> > > package.)
> > >
> > > smb.conf on member
> > >
> > > ---
> > > SERVER ROLE = MEMBER SERVER
> > > workgroup = AD
> > > server string = FileServer
> > > SECURITY = ADS
> > > REALM = AD.SOMEDOMAIN.LOCAL
> > > idmap config * : backend = tdb
> > > idmap config * : range 3000-7999
> > > idmap config AD : backend = rid
> > > idmap config AD : range = 10000-999999
> > > username map = /etc/samba/user.map
> > > winbind enum users = yes
> > > winbind enum groups = yes
> > > passdb backend = tdbsam
> > > wins support = yes
> > > dns proxy = yes
> >
> > This is AD, so why are you running a wins server on your Unix
> > domain
> > member (wins support = yes) ? also I suggest you change 'dns proxy
> > > > yes' to 'dns proxy = no'.
> > Apart from that, there doesn't seem to be anything wrong, so is
> > there a
> > firewall getting in the way ?
> >
>
> Wouldn't a firewall block wbinfo too?
Not necessarily, you could be using port 139 for wbinfo, but winbind
could be using port 445 and this is blocked, it is worth checking.
Providing winbind is running, smb.conf is set up correctly, the winbind
links are installed and /etc/nsswitch.conf is set to use winbind, (all
of which seem to be correct on your machine) you should get users and
groups from AD, so if it isn't working, you need to check other things.
Rowland