On 2023-04-11 10:12, Rowland Penny via samba wrote:
> On 11/04/2023 13:36, Gary Dale via samba wrote:
>> On 2023-04-11 04:15, Rowland Penny via samba wrote:
>>> What 'Debian distribution-specific' installation did you follow ?
>> The one linked to in AD DC wiki.
>
> Whereabouts is this link ?
> I checked here:
> https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller
>
> But couldn't see one.
> If you can supply a link, I will check it.

The link is on that page in the section Installing Samba.

>> OK. Now it passes the DNS test (again):
>>
>>> # host -t SRV _ldap._tcp.home.rahim-dale.org
>>> _ldap._tcp.home.rahim-dale.org has SRV record 0 100 389 dc1.home.rahim-dale.org.
>> and
>>> # host -t A dc1.home.rahim-dale.org
>>> dc1.home.rahim-dale.org has address 192.168.1.13
>>
>> But when I use my Windows 10 VM (logged in as HOME\Administrator) to run
>> Active Directory Users and Computers I get a pop-up saying "Naming
>> information cannot be located for the following reason: The server is not
>> operational." It goes on to suggest something about a service pack & Windows
>> 2000 in relation to the tools....
>>
>> I also have to manually change to the DC1 domain controller to access the
>> domain accounts.
>>
>> However once I get past that, I seem to be able to manipulate the domain
>> accounts.
>>
>> Unfortunately I still can't access the shares. I can connect and disconnect
>> but I can't actually see the files. I get an error message when I connect
>> that says "Windows cannot access \\TheLibrarian\Archives\ You do not have
>> permission to access \\TheLibrarian\Archives\. Contact your network
>> administrator to request access."
>>
>> The share permissions are:
>>
>>> drwxrwx---+ 39 root HOME\domain admins 4096 Nov 23 16:32 archives
>
> I will say it again, you are using a Samba AD DC as a fileserver, this means
> that you must set the permissions from a Windows machine and those
> permissions are stored in an EA, what you see from 'ls' is irrelevant
> I will say this again, you will be better off running a separate fileserver
> (Unix domain member).

That's what I am doing. However the permissions set from Linux are what the
wiki on setting up file shares says to use.

>> while the file permissions are (sample):
>>
>>> # ls -l /home/shares/archives/
>>> total 480
>>> ....
>>> drwxrwx---+ 12 garydale HOME\domain admins 4096 Nov  2  2021 2021
>>> drwxrwx---+ 15 garydale HOME\domain admins 4096 Nov 27 11:10 2022
>>> drwxrwx---+ 10 garydale HOME\domain admins 4096 Feb 25 15:30 2023
>> This is the same whether I am logged in as the Domain Administrator or
>> myself (also in the Domain Admins group).
>
> If you notice, there is a '+' sign at the end of the permissions, this
> denotes that there are further permissions that you can read with getfacl,
> but these are not the ones set from Windows, you need to use 'samba-tool
> ntacl' to read those.
>
> Rowland
>

What is this telling me?

> # samba-tool ntacl get /home/shares/archives
> security_descriptor: struct security_descriptor
>     revision                 : SECURITY_DESCRIPTOR_REVISION_1 (1)
>     type                     : 0x9004 (36868)
>            0: SEC_DESC_OWNER_DEFAULTED
>            0: SEC_DESC_GROUP_DEFAULTED
>            1: SEC_DESC_DACL_PRESENT
>            0: SEC_DESC_DACL_DEFAULTED
>            0: SEC_DESC_SACL_PRESENT
>            0: SEC_DESC_SACL_DEFAULTED
>            0: SEC_DESC_DACL_TRUSTED
>            0: SEC_DESC_SERVER_SECURITY
>            0: SEC_DESC_DACL_AUTO_INHERIT_REQ
>            0: SEC_DESC_SACL_AUTO_INHERIT_REQ
>            0: SEC_DESC_DACL_AUTO_INHERITED
>            0: SEC_DESC_SACL_AUTO_INHERITED
>            1: SEC_DESC_DACL_PROTECTED
>            0: SEC_DESC_SACL_PROTECTED
>            0: SEC_DESC_RM_CONTROL_VALID
>            1: SEC_DESC_SELF_RELATIVE
>     owner_sid                : *
>         owner_sid                : S-1-22-1-1000
>     group_sid                : *
>         group_sid                : S-1-5-21-337654209-2357861877-656557748-512
>     sacl                     : NULL
>     dacl                     : *
>         dacl: struct security_acl
>             revision                 : SECURITY_ACL_REVISION_NT4 (2)
>             size                     : 0x0098 (152)
>             num_aces                 : 0x00000006 (6)
>             aces: ARRAY(6)
>                 aces: struct security_ace
>                     type                     : SEC_ACE_TYPE_ACCESS_ALLOWED (0)
>                     flags                    : 0x03 (3)
>                            1: SEC_ACE_FLAG_OBJECT_INHERIT
>                            1: SEC_ACE_FLAG_CONTAINER_INHERIT
>                            0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT
>                            0: SEC_ACE_FLAG_INHERIT_ONLY
>                            0: SEC_ACE_FLAG_INHERITED_ACE
>                         0x03: SEC_ACE_FLAG_VALID_INHERIT (3)
>                            0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS
>                            0: SEC_ACE_FLAG_FAILED_ACCESS
>                     size                     : 0x0014 (20)
>                     access_mask              : 0x00000000 (0)
>                     object                   : union security_ace_object_ctr(case 0)
>                     trustee                  : S-1-1-0
>                 aces: struct security_ace
>                     type                     : SEC_ACE_TYPE_ACCESS_ALLOWED (0)
>                     flags                    : 0x00 (0)
>                            0: SEC_ACE_FLAG_OBJECT_INHERIT
>                            0: SEC_ACE_FLAG_CONTAINER_INHERIT
>                            0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT
>                            0: SEC_ACE_FLAG_INHERIT_ONLY
>                            0: SEC_ACE_FLAG_INHERITED_ACE
>                         0x00: SEC_ACE_FLAG_VALID_INHERIT (0)
>                            0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS
>                            0: SEC_ACE_FLAG_FAILED_ACCESS
>                     size                     : 0x0018 (24)
>                     access_mask              : 0x001f01ff (2032127)
>                     object                   : union security_ace_object_ctr(case 0)
>                     trustee                  : S-1-22-1-1000
>                 aces: struct security_ace
>                     type                     : SEC_ACE_TYPE_ACCESS_ALLOWED (0)
>                     flags                    : 0x00 (0)
>                            0: SEC_ACE_FLAG_OBJECT_INHERIT
>                            0: SEC_ACE_FLAG_CONTAINER_INHERIT
>                            0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT
>                            0: SEC_ACE_FLAG_INHERIT_ONLY
>                            0: SEC_ACE_FLAG_INHERITED_ACE
>                         0x00: SEC_ACE_FLAG_VALID_INHERIT (0)
>                            0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS
>                            0: SEC_ACE_FLAG_FAILED_ACCESS
>                     size                     : 0x0024 (36)
>                     access_mask              : 0x001f01ff (2032127)
>                     object                   : union security_ace_object_ctr(case 0)
>                     trustee                  : S-1-5-21-337654209-2357861877-656557748-512
>                 aces: struct security_ace
>                     type                     : SEC_ACE_TYPE_ACCESS_ALLOWED (0)
>                     flags                    : 0x0b (11)
>                            1: SEC_ACE_FLAG_OBJECT_INHERIT
>                            1: SEC_ACE_FLAG_CONTAINER_INHERIT
>                            0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT
>                            1: SEC_ACE_FLAG_INHERIT_ONLY
>                            0: SEC_ACE_FLAG_INHERITED_ACE
>                         0x0b: SEC_ACE_FLAG_VALID_INHERIT (11)
>                            0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS
>                            0: SEC_ACE_FLAG_FAILED_ACCESS
>                     size                     : 0x0014 (20)
>                     access_mask              : 0x001f01ff (2032127)
>                     object                   : union security_ace_object_ctr(case 0)
>                     trustee                  : S-1-3-0
>                 aces: struct security_ace
>                     type                     : SEC_ACE_TYPE_ACCESS_ALLOWED (0)
>                     flags                    : 0x0b (11)
>                            1: SEC_ACE_FLAG_OBJECT_INHERIT
>                            1: SEC_ACE_FLAG_CONTAINER_INHERIT
>                            0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT
>                            1: SEC_ACE_FLAG_INHERIT_ONLY
>                            0: SEC_ACE_FLAG_INHERITED_ACE
>                         0x0b: SEC_ACE_FLAG_VALID_INHERIT (11)
>                            0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS
>                            0: SEC_ACE_FLAG_FAILED_ACCESS
>                     size                     : 0x0014 (20)
>                     access_mask              : 0x00000000 (0)
>                     object                   : union security_ace_object_ctr(case 0)
>                     trustee                  : S-1-3-1
>                 aces: struct security_ace
>                     type                     : SEC_ACE_TYPE_ACCESS_ALLOWED (0)
>                     flags                    : 0x0b (11)
>                            1: SEC_ACE_FLAG_OBJECT_INHERIT
>                            1: SEC_ACE_FLAG_CONTAINER_INHERIT
>                            0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT
>                            1: SEC_ACE_FLAG_INHERIT_ONLY
>                            0: SEC_ACE_FLAG_INHERITED_ACE
>                         0x0b: SEC_ACE_FLAG_VALID_INHERIT (11)
>                            0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS
>                            0: SEC_ACE_FLAG_FAILED_ACCESS
>                     size                     : 0x0018 (24)
>                     access_mask              : 0x001f01ff (2032127)
>                     object                   : union security_ace_object_ctr(case 0)
>                     trustee                  : S-1-22-2-100

Or a folder in the share:

> # samba-tool ntacl get /home/shares/archives/2023
> security_descriptor: struct security_descriptor
>     revision                 : SECURITY_DESCRIPTOR_REVISION_1 (1)
>     type                     : 0x9004 (36868)
>            0: SEC_DESC_OWNER_DEFAULTED
>            0: SEC_DESC_GROUP_DEFAULTED
>            1: SEC_DESC_DACL_PRESENT
>            0: SEC_DESC_DACL_DEFAULTED
>            0: SEC_DESC_SACL_PRESENT
>            0: SEC_DESC_SACL_DEFAULTED
>            0: SEC_DESC_DACL_TRUSTED
>            0: SEC_DESC_SERVER_SECURITY
>            0: SEC_DESC_DACL_AUTO_INHERIT_REQ
>            0: SEC_DESC_SACL_AUTO_INHERIT_REQ
>            0: SEC_DESC_DACL_AUTO_INHERITED
>            0: SEC_DESC_SACL_AUTO_INHERITED
>            1: SEC_DESC_DACL_PROTECTED
>            0: SEC_DESC_SACL_PROTECTED
>            0: SEC_DESC_RM_CONTROL_VALID
>            1: SEC_DESC_SELF_RELATIVE
>     owner_sid                : *
>         owner_sid                : S-1-22-1-1000
>     group_sid                : *
>         group_sid                : S-1-5-21-337654209-2357861877-656557748-512
>     sacl                     : NULL
>     dacl                     : *
>         dacl: struct security_acl
>             revision                 : SECURITY_ACL_REVISION_NT4 (2)
>             size                     : 0x0098 (152)
>             num_aces                 : 0x00000006 (6)
>             aces: ARRAY(6)
>                 aces: struct security_ace
>                     type                     : SEC_ACE_TYPE_ACCESS_ALLOWED (0)
>                     flags                    : 0x03 (3)
>                            1: SEC_ACE_FLAG_OBJECT_INHERIT
>                            1: SEC_ACE_FLAG_CONTAINER_INHERIT
>                            0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT
>                            0: SEC_ACE_FLAG_INHERIT_ONLY
>                            0: SEC_ACE_FLAG_INHERITED_ACE
>                         0x03: SEC_ACE_FLAG_VALID_INHERIT (3)
>                            0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS
>                            0: SEC_ACE_FLAG_FAILED_ACCESS
>                     size                     : 0x0018 (24)
>                     access_mask              : 0x001f01ff (2032127)
>                     object                   : union security_ace_object_ctr(case 0)
>                     trustee                  : S-1-22-2-100
>                 aces: struct security_ace
>                     type                     : SEC_ACE_TYPE_ACCESS_ALLOWED (0)
>                     flags                    : 0x03 (3)
>                            1: SEC_ACE_FLAG_OBJECT_INHERIT
>                            1: SEC_ACE_FLAG_CONTAINER_INHERIT
>                            0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT
>                            0: SEC_ACE_FLAG_INHERIT_ONLY
>                            0: SEC_ACE_FLAG_INHERITED_ACE
>                         0x03: SEC_ACE_FLAG_VALID_INHERIT (3)
>                            0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS
>                            0: SEC_ACE_FLAG_FAILED_ACCESS
>                     size                     : 0x0014 (20)
>                     access_mask              : 0x00000000 (0)
>                     object                   : union security_ace_object_ctr(case 0)
>                     trustee                  : S-1-1-0
>                 aces: struct security_ace
>                     type                     : SEC_ACE_TYPE_ACCESS_ALLOWED (0)
>                     flags                    : 0x00 (0)
>                            0: SEC_ACE_FLAG_OBJECT_INHERIT
>                            0: SEC_ACE_FLAG_CONTAINER_INHERIT
>                            0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT
>                            0: SEC_ACE_FLAG_INHERIT_ONLY
>                            0: SEC_ACE_FLAG_INHERITED_ACE
>                         0x00: SEC_ACE_FLAG_VALID_INHERIT (0)
>                            0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS
>                            0: SEC_ACE_FLAG_FAILED_ACCESS
>                     size                     : 0x0018 (24)
>                     access_mask              : 0x001f01ff (2032127)
>                     object                   : union security_ace_object_ctr(case 0)
>                     trustee                  : S-1-22-1-1000
>                 aces: struct security_ace
>                     type                     : SEC_ACE_TYPE_ACCESS_ALLOWED (0)
>                     flags                    : 0x00 (0)
>                            0: SEC_ACE_FLAG_OBJECT_INHERIT
>                            0: SEC_ACE_FLAG_CONTAINER_INHERIT
>                            0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT
>                            0: SEC_ACE_FLAG_INHERIT_ONLY
>                            0: SEC_ACE_FLAG_INHERITED_ACE
>                         0x00: SEC_ACE_FLAG_VALID_INHERIT (0)
>                            0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS
>                            0: SEC_ACE_FLAG_FAILED_ACCESS
>                     size                     : 0x0024 (36)
>                     access_mask              : 0x00000000 (0)
>                     object                   : union security_ace_object_ctr(case 0)
>                     trustee                  : S-1-5-21-337654209-2357861877-656557748-512
>                 aces: struct security_ace
>                     type                     : SEC_ACE_TYPE_ACCESS_ALLOWED (0)
>                     flags                    : 0x0b (11)
>                            1: SEC_ACE_FLAG_OBJECT_INHERIT
>                            1: SEC_ACE_FLAG_CONTAINER_INHERIT
>                            0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT
>                            1: SEC_ACE_FLAG_INHERIT_ONLY
>                            0: SEC_ACE_FLAG_INHERITED_ACE
>                         0x0b: SEC_ACE_FLAG_VALID_INHERIT (11)
>                            0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS
>                            0: SEC_ACE_FLAG_FAILED_ACCESS
>                     size                     : 0x0014 (20)
>                     access_mask              : 0x001f01ff (2032127)
>                     object                   : union security_ace_object_ctr(case 0)
>                     trustee                  : S-1-3-0
>                 aces: struct security_ace
>                     type                     : SEC_ACE_TYPE_ACCESS_ALLOWED (0)
>                     flags                    : 0x0b (11)
>                            1: SEC_ACE_FLAG_OBJECT_INHERIT
>                            1: SEC_ACE_FLAG_CONTAINER_INHERIT
>                            0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT
>                            1: SEC_ACE_FLAG_INHERIT_ONLY
>                            0: SEC_ACE_FLAG_INHERITED_ACE
>                         0x0b: SEC_ACE_FLAG_VALID_INHERIT (11)
>                            0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS
>                            0: SEC_ACE_FLAG_FAILED_ACCESS
>                     size                     : 0x0014 (20)
>                     access_mask              : 0x00000000 (0)
>                     object                   : union security_ace_object_ctr(case 0)
>                     trustee                  : S-1-3-1

I'm maintaining Linux access by owning the folders with my Linux account but
using the Windows group to allow Windows users to access them. I've tried
propagating the ownership of the folder I'm most interested in to both
:HOME\Domain Admins and also :HOME\Domain Users but neither is allowing me to
see the folders in Windows. Nor can I grab access rights through the Windows
Properties Security tab on the share.

I get the same results when I follow the letter of the file server wiki and
set the share ownership to root.
On 11/04/2023 19:05, Gary Dale via samba wrote:
>> I will say it again, you are using a Samba AD DC as a fileserver, this
>> means that you must set the permissions from a Windows machine and
>> those permissions are stored in an EA, what you see from 'ls' is
>> irrelevant
>> I will say this again, you will be better off running a separate
>> fileserver (Unix domain member).
> That's what I am doing. However the permissions set from Linux are what
> the wiki on setting up file shares says to use.

Are you following this :
https://wiki.samba.org/index.php/Setting_up_a_Share_Using_Windows_ACLs
or this:
https://wiki.samba.org/index.php/Setting_up_a_Share_Using_POSIX_ACLs

> What is this telling me?

It is telling me that you are mixing local Linux users and Domain groups.

> I'm maintaining Linux access by owning the folders with my Linux account

First mistake.

> but using the Windows group to allow Windows users to access them. I've
> tried propagating the ownership of the folder I'm most interested in to
> both :HOME\Domain Admins and also :HOME\Domain Users but neither is
> allowing me to see the folders in Windows. Nor can I grab access rights
> through the Windows Properties Security tab on the share.
>
> I get the same results when I follow the letter of the file server wiki
> and set the share ownership to root.

You do not have to believe me or follow what I advise, but if you don't, I am
finished with this thread.

You do not use local Unix users with AD, you create the required users in AD
and use those, to prove it, look at this:

rowland at devstation:~$ grep 'rowland' /etc/passwd
rowland at devstation:~$

As you can see, my username isn't in /etc/passwd

So, how does this work ?

rowland at devstation:~$ getent passwd rowland
rowland:*:11104:10513:Rowland Penny:/home/rowland:/bin/bash

Yes, my username etc comes from AD.

I am fairly sure that I have said this, forget most of what you know about
NT4-style domains, you need to put EVERYTHING into AD.

You only need a few local Unix users (perhaps only one) just in case something
locally goes wrong and you need to log in and fix it. You can have multiple
DC's for failover, if one DC goes faulty, you can easily replace it, without
losing the domain.

Rowland
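As an added example (not code from the thread, from Samba or from the wiki), the following Python reads the text that 'samba-tool ntacl get' prints, evaluates the DACL for a given token the way Windows does, and tells Samba's local Unix SIDs (S-1-22-1-uid, S-1-22-2-gid) apart from AD and well-known SIDs, which is the mixing Rowland points at. The sample is the ACE table of the /home/shares/archives/2023 dump above, rebuilt by a small helper so it stays short; on it the Domain Admins allow ACE carries access_mask 0, while the full-control ACEs belong to local uid 1000 and gid 100.

```python
import re

FULL_CONTROL = 0x001F01FF    # access_mask of the full-control ACEs in the thread's dumps
INHERIT_ONLY = 0x08          # SEC_ACE_FLAG_INHERIT_ONLY: ACE applies to children only
DOMAIN_ADMINS = "S-1-5-21-337654209-2357861877-656557748-512"   # RID 512, from the dumps
NAMES = {"S-1-1-0": "Everyone", "S-1-3-0": "CREATOR OWNER", "S-1-3-1": "CREATOR GROUP"}
KV = re.compile(r"^\s*(owner_sid|group_sid|type|flags|access_mask|trustee)\s*:\s*(\S+)")

def ntacl_text(owner, group, aces):
    """Render the 'samba-tool ntacl get' lines that parse_ntacl reads (sample helper)."""
    out = ["security_descriptor: struct security_descriptor",
           f"    owner_sid : {owner}", f"    group_sid : {group}"]
    for kind, flags, mask, sid in aces:
        out += ["    aces: struct security_ace", f"        type : SEC_ACE_TYPE_ACCESS_{kind}",
                f"        flags : 0x{flags:02x} ({flags})",
                f"        access_mask : 0x{mask:08x} ({mask})", f"        trustee : {sid}"]
    return "\n".join(out)

# Constructed sample: the ACE table of the /home/shares/archives/2023 dump in the thread.
ARCHIVES_2023 = ntacl_text("S-1-22-1-1000", DOMAIN_ADMINS, [
    ("ALLOWED", 0x03, FULL_CONTROL, "S-1-22-2-100"), ("ALLOWED", 0x03, 0, "S-1-1-0"),
    ("ALLOWED", 0x00, FULL_CONTROL, "S-1-22-1-1000"), ("ALLOWED", 0x00, 0, DOMAIN_ADMINS),
    ("ALLOWED", 0x0b, FULL_CONTROL, "S-1-3-0"), ("ALLOWED", 0x0b, 0, "S-1-3-1")])

def describe_sid(sid):
    """Tell local Unix identities (S-1-22-*) apart from AD and well-known SIDs."""
    if sid in NAMES:
        return NAMES[sid]
    if sid.startswith("S-1-22-"):                      # Samba's local Unix user/group SIDs
        kind = "user uid=" if sid.startswith("S-1-22-1-") else "group gid="
        return "local Unix " + kind + sid.rsplit("-", 1)[1]
    if sid.startswith("S-1-5-21-"):
        return "Domain Admins" if sid.endswith("-512") else "domain SID"
    return "unknown"

def parse_ntacl(text):
    """Parse owner, group and the ACE list out of 'samba-tool ntacl get' text."""
    sd, ace = {"owner": None, "group": None, "aces": []}, None
    for line in text.splitlines():
        if line.strip() == "aces: struct security_ace":   # header line of each ACE
            sd["aces"].append(ace := {})
            continue
        m = KV.match(line)
        if not m:
            continue
        key, val = m.groups()
        if key.endswith("_sid"):                           # owner_sid / group_sid
            if val != "*":                                 # '*' is just the pointer line
                sd[key[:5]] = val
        elif ace is not None:
            ace[key] = int(val, 16) if key in ("flags", "access_mask") else val
    return sd

def effective_mask(sd, token_sids):
    """DACL evaluation as Windows does it: ACEs in order, inherit-only ACEs skipped,
    bits removed by an earlier deny ACE cannot be granted back by a later allow ACE."""
    granted = denied = 0
    for ace in sd["aces"]:
        if ace["trustee"] not in token_sids or ace["flags"] & INHERIT_ONLY:
            continue
        if ace["type"].endswith("DENIED"):
            denied |= ace["access_mask"]
        elif ace["type"].endswith("ALLOWED"):
            granted |= ace["access_mask"] & ~denied
    return granted
```

Real output can be fed in unchanged (parse_ntacl(open("acl.txt").read()) after saving the samba-tool output), since the parser only reads the owner_sid, group_sid, type, flags, access_mask and trustee lines.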