Web lists-archives.com

Re: [Samba] Listing AD group members




On Mon, 30 Oct 2017 17:32:17 +0000
"A. James Lewis" <james@xxxxxxxxxx> wrote:

> Oh, apologies, I thought you were referring to the fact that I had
> changed your -d0 to -d10 since I was getting no output for 10
> minutes... :)
> 
> smb.conf
> [global]
>    workgroup = DOMAIN
>    security = ADS
>    realm = DOMAIN.LOCAL
> 
>    idmap config *:backend = tdb
>    idmap config *:range = 95000-99999
>    idmap config DOMAIN:backend = rid
>    idmap config DOMAIN:range = 100000-999999
>    
>    winbind trusted domains only = no
>    winbind use default domain = yes
>    winbind refresh tickets = yes
> 
>    template shell = /bin/bash
>    template homedir = /home/%D/%U
> 
> /etc/resolv.conf
> search domain.local
> nameserver 10.x.x.20
> nameserver 10.x.x.21
> nameserver 10.x.x.11
> nameserver 10.x.y.10
> nameserver 10.x.y.20
> nameserver 10.y.x.90
> nameserver 10.y.x.21
> nameserver 10.y.x.90

Are all of the above DCs ?
If not remove any that aren't

> 
> /etc/hosts
> 127.0.0.1	localhost proxy1 proxy2 printer
> 127.0.1.1	hostname.dev.domain.local hostname

Aha, your Unix domain members IP isn't 127.0.1.1, so either change
'127.0.1.1' to its ipaddress, if it has a fixed IP, or remove the line
if it is getting its IP via DHCP.

Rowland

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba