Re: [Samba] Regular users can't log in to Samba AD DC from Windows
- Date: Mon, 6 Feb 2017 11:11:09 +0200
- From: Alnis Morics via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] Regular users can't log in to Samba AD DC from Windows
Thank you, Rowland, for the reply.
On 02/06/2017 10:44, Rowland Penny via samba wrote:
On Mon, 6 Feb 2017 10:07:18 +0200
Alnis Morics via samba <samba@xxxxxxxxxxxxxxx> wrote:
I continue setting up my FreeBSD 11.0 machine with Samba 4.4.9 built
from sources. (Actually, OS type and Samba version don't matter so
much, as I have the same problem with Debian Jessie and Samba 4.5.5)
I followed the Wiki very close. Some details from provisioning:
Did you run the provision command like this:
samba-tool domain provision --use-rfc2307 --interactive
path = /samba-share
read only = no
Have you set up the libnnss_winbind links ?
ln -s /usr/local/samba/lib/nss_winbind.so.1 /usr/local/lib/nss/
ln -s /usr/local/samba/lib/nss_winbind.so.1
And the nss tests as per Wiki seem to pass:
checking the NETLOGON for domain[RW] dc connection to
# getent passwd Administrator
# getent passwd user1
# getent group "Domain Users"
# touch testfile
# ll testfile
-rw-r--r-- 1 root wheel 0 Jan 28 19:25 testfile
# chown user1:"domain users" testfile
# ll testfile
-rw-r--r-- 1 RW\user1 staff 0 Jan 28 19:25 testfile
Only I would expect that a regular users' GID numbers are not within
0-1000, but I don't know.
Next, I successfully joined a Windows 10 Enterprise machine and
logged in as a domain administrator. I can access the file share,
write to it, set Windows permissions.
But when I open ADUC and click a user properties, I only have 5 tabs
there (Environment, Sessions, Remote control, Remote Desktop Service
Profile, COM+), and I can't add any other user. Windows just says
nothing but from Samba logs I see something like this:
This is a windows 10 problem, do a search on 'windows 10 missing tabs'
To unsubscribe from this list go to the following URL and read the