Re: [Samba] unable to mount nfs4v over krb5 after samba upgrade.
- Date: Mon, 17 Dec 2018 10:02:55 +0000
- From: Rowland Penny via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] unable to mount nfs4v over krb5 after samba upgrade.
On Mon, 17 Dec 2018 13:22:49 +0530
VigneshDhanraj G <vigneshdhanraj.g@xxxxxxxxx> wrote:
> Hi Rowland,
> Still issue persists, i have removed passdb backend option from my smb
> config. i haven't found any passdb.tdb file in private folder. i only
> see smbpasswd file. whether passwd.tdb file will create automatically?
> I have created one more setup with samba 4.7 installed to check there
> is issue in my environment, everything works fine there.
> Whats the change causing this problem, i guess definitely samba
> upgrade causing issue, not my environment.
> Please help me out.
Certainly, which way did you come in ? ;-)
I take it you now have a smb.conf that looks similar to this:
netbios name= viky
idmap config *: backend= tdb
idmap config *: range= 10000000-19999999
idmap config VIKY: backend= rid
idmap config VIKY: range = 5000-9999999
dns proxy= no
template shell= /bin/sh
dedicated keytab file = /etc/krb5.keytab
kerberos method= secrets and keytab
map to guest= Bad User
printcap name= lpstat
max smbd processes= 500
use sendfile= yes
max log size= 50
state directory= /mnt/system/samba/system
ntlm auth= Yes
winbind expand groups= 1
winbind refresh tickets = Yes
vfs objects = acl_xattr
map acl inherit = Yes
I can see one potential problem, your workgroup name is the same as
your netbios name, You will have two domains (not counting the '*'
domain), a local domain and an active directory domain, they cannot
have the same name. For an example, if I run 'net getdomainsid' on a
Unix domain member, I get this:
rowland@devstation:~$ sudo net getdomainsid
SID for local machine DEVSTATION is: S-1-5-21-1108792384-1865707183-3144552696
SID for domain SAMDOM is: S-1-5-21-1768301897-3342589593-1064908849
What is your actual AD domain name ?
If it is 'VIKY', I would leave the AD domain, rename your client and
then join again.
To unsubscribe from this list go to the following URL and read the