Web lists-archives.com

Re: [Samba] Samba 4.6.5 Active Directory on CentOS




On Mon, 10 Jul 2017 15:26:01 +0200
Marco Gaiarin via samba <samba@xxxxxxxxxxxxxxx> wrote:

> Mandi! Rowland Penny via samba
>   In chel di` si favelave...
> 
> [Sorry for that late post... i was very busy on other things!]
> 
> > The howto also doesn't tell you that, on a DC, the
> > 'unixHomeDirectory' and 'loginShell' attributes are ignored. Once
> > you have 'getent' working, you will find that all your users have
> > their Unix home directories set to '/home/DOMAIN/username' and
> > their shell will be '/bin/false', see here for how to fix this:
> > https://wiki.samba.org/index.php/Configuring_Winbindd_on_a_Samba_AD_DC
> 
> A-HA!
> 
> This is exactly my experience in migrating from NT to AD mode the
> domain, and finally i've switched to sssd to have home and shell
> correctly working (eg, rfc2307 data).

You don't have to use sssd, you can use the template lines, but it does
mean that you have to use the same settings for all users.
 
> 
> 
> > Finally, [homes] doesn't work on a DC, see here:
> > https://wiki.samba.org/index.php/User_Home_Folders
> 
> Uh. So, practically speaking, migrating an existing domain from NT do
> AD pose me the need to modify substantially the overral samba
> configuration, or split the server's domain in two, one running the DC
> and other as members?
> 

Using two computers is the recommended way of doing it, but you can use
a DC as a fileserver, you just have to know the limitations.

Rowland
 


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba