Web lists-archives.com

Re: [Samba] Samba ADS-member-server: FQDNs in /etc/hosts




Am 2017-07-11 um 14:00 schrieb Rowland Penny:

>> template homedir = /home/%U
>>
>> works for me in this context, right?
> 
> That should work.

edited accordingly, and rm-ed that idmap schema line on DM.

I now have on the DM:

[global]
workgroup = BUERO
realm = secret.AT
netbios name = SERVER

security = ADS
map to guest = Bad User
username map = /etc/samba/smbusers

dedicated keytab file = /etc/krb5.keytab
kerberos method = secrets and keytab
winbind refresh tickets = yes

winbind trusted domains only = no
winbind enum users = Yes
winbind enum groups = Yes
winbind use default domain = Yes

# Use settings from AD for login shell and home directory
winbind nss info = template
template shell = /usr/sbin/nologin
template homedir = /mnt/samba/Daten/%U

map untrusted to domain = Yes

# Default idmap config used for BUILTIN and local accounts/groups
idmap config *:backend = tdb
idmap config *:range = 2000-9999

# idmap config for domain BUERO
idmap config BUERO:backend = rid
idmap config BUERO:range = 10000-99999

load printers = no
printing = bsd
printcap name = /dev/null

	# turn off roaming profiles
	logon path = ""
	logon home = ""

#hosts allow = localhost 192.168.16. 172.32.99.

log level = 3

----

Restarted winbind, did "killall -HUP" on smbd and nmbd.

still can't login to DM via smbclient and that mentioned user.

I assume I need to restart all the smbd daemons ... ?

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba