Is anyone using Rocky Linux or AlmaLinux or RHEL 8.8 as a Samba Domain Member joined to a Samba Active Directory Domain? realm list returns : ad.example.com type: kerberos realm-name: AD.EXAMPLE.COM domain-name: ad.example.com configured: kerberos-member server-software: active-directory client-software: winbind required-package: oddjob-mkhomedir required-package: oddjob required-package: samba-winbind-clients required-package: samba-winbind required-package: samba-common-tools login-formats: %U login-policy: allow-any-login /etc/nsswitch.conf passwd: files winbind systemd group: files winbind systemd Thanks, Dale
It works for us with Rocky Linux 8.8 and Samba 4.17.5. DCs are Samba 4.18.2. Looking at your conf I see this: I do _not_ have this: idmap config DOMAIN:unix_primary_group = yes I have and you don't: disable netbios = yes smb ports = 445 server min protocol = SMB2 client min protocol = SMB2 Different: kerberos method = secrets and keytab And this is deprecated: winbind nss info = rfc2307 see here: wiki.samba.org/index.php/Idmap_config_ad Maybe some things to try. I know another "it works for me" is not always helpful... Regards Christian Am Mittwoch, dem 31.05.2023 um 10:12 -0300 schrieb Dale Renton via samba:> Is anyone using Rocky Linux or AlmaLinux or RHEL 8.8 as a Samba Domain > Member joined to a Samba Active Directory Domain? > > realm list returns : > ad.example.com > ? type: kerberos > ? realm-name: AD.EXAMPLE.COM > ? domain-name: ad.example.com > ? configured: kerberos-member > ? server-software: active-directory > ? client-software: winbind > ? required-package: oddjob-mkhomedir > ? required-package: oddjob > ? required-package: samba-winbind-clients > ? required-package: samba-winbind > ? required-package: samba-common-tools > ? login-formats: %U > ? login-policy: allow-any-login > > /etc/nsswitch.conf > passwd:???? files winbind systemd > group:????? files winbind systemd > > Thanks, > Dale-------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 833 bytes Desc: This is a digitally signed message part URL: <lists.samba.org/pipermail/samba/attachments/20230531/2f0bf32c/signature.sig>