Web lists-archives.com

Re: [Samba] Winbind error "Could not fetch our SID - did we join?"




On 2017-11-13 14:55, Rowland Penny wrote:
> On Mon, 13 Nov 2017 14:32:11 +0100
> Sven Schwedas via samba <samba@xxxxxxxxxxxxxxx> wrote:
> 
>> Making no additional changes to the configuration, using "net ads
>> join" instead of "samba-tool domain join" immediately worked. I'd be
>> really curious where's the difference between the two and why
>> samba-tool pretends to not have run into any errors…
>>
> 
> This is the first time you mentioned that you used samba-tool to join
> the Unix domain member to the domain.

Yeah, brain fart on my part, I figured I had it in the attachment file
name in my first email, but I just realized I named it too ambiguously.

> Did you read this Samba wikipage:

No, I foolishly assumed that manpages would suffice.

> https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member#Joining_the_Domain
> 
> If you did, did you entirely miss the big fat warning in the middle of
> the page ???
> 
> The one that says:
> 
> Do not provision or join a domain member using the samba-tool utility.
> These options are unsupported and can cause problems with your AD
> replication.

Sounds like something that should be added to the samba-tool manpage /
--help output. I'll try to make a pull request later this week…

> PS, your configs are still wrong.

It would be *really* helpful if you explained *why*. Sprinkling magic
pixie dust over random config files isn't exactly purposeful debugging.

-- 
Mit freundlichen Grüßen, / Best Regards,
Sven Schwedas, Systemadministrator
Mail/XMPP sven.schwedas@xxxxxx | Skype sven.schwedas
TAO Digital | Lendplatz 45 | A8020 Graz
https://www.tao-digital.at | Tel +43 680 301 7167

Attachment: signature.asc
Description: OpenPGP digital signature

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba