Web lists-archives.com

Re: [Samba] winbind failed to reset devices.list was: samba.service is masked (Debian 9)




On Sun, 13 Jan 2019 14:01:36 +0100
Anton Blau via samba <samba@xxxxxxxxxxxxxxx> wrote:


> >
> > Can you post the contents of the following files:
> >
> > /etc/hostname
> > /etc/hosts
> > /etc/resolv.conf
> 
> Sorry, this is my
> 
> -> smb.conf
> 
> # Global parameters
> [global]
>          netbios name = FILESERVER
>          realm = SMBDOMAIN.DUCK.LOCALLAN
>          workgroup = SMBDOMAIN
>          dns forwarder = 192.168.1.254
>          server role = active directory domain controller
>          idmap_ldb:use rfc2307 = yes
> 
> [netlogon]
>          path = /var/lib/samba/sysvol/smbdomain.duck.locallan/scripts
>          read only = No
> 
> [sysvol]
>          path = /var/lib/samba/sysvol
>          read only = No
> 
> 
> -> /etc/hostname
> 
> fileserver
> 
> -> /etc/hosts
> 
> 127.0.0.1       localhost
> ::1             localhost ip6-localhost ip6-loopback
> ff02::1         ip6-allnodesff02::2         ip6-allrouters
> # --- BEGIN PVE ---
> 192.168.1.220 fileserver.duck fileserver
> # --- END PVE ---

Your realm (which is usually in uppercase) MUST be the same as your DNS
domain.
Your realm is 'SMBDOMAIN.DUCK.LOCALLAN'
Your dns domain is 'duck'

They do not match!

> 
> -> /etc/resolv.conf
> 
> # --- BEGIN PVE ---
> search duck
> nameserver 192.168.1.254
> # --- END PVE ---

This is a DC, it MUST use its own ipaddress as the nameserver, so it
should be:

search duck
nameserver 192.168.1.220

I forgot to ask for the contents of /etc/krb5.conf
It should be this:

[libdefaults]
	default_realm = SAMDOM.EXAMPLE.COM
        dns_lookup_realm = false
        dns_lookup_kdc = true

Where 'SAMDOM.EXAMPLE.COM' is replaced with your realm.

Rowland

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba