Re: [Samba] Samba as AD controller and local auth
- Date: Sun, 19 May 2019 09:59:36 +0100
- From: Rowland penny via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] Samba as AD controller and local auth
On 19/05/2019 09:27, David Puffer via samba wrote:
I have been breaking my head about this for several days now - what seems to be something “easy” to do (or at least I suppose others would also encounter this problem) simply does not work: I am running a Samba Active Directory Domain Controller on my Synology NAS.
How did you create the AD DC ?
Did you provision it ?
Since I installed and set up the AD DC, local user authentication for shares is not working anymore.
Define 'local user authentication'
Before: Simple Samba shares with authentication against local samba users -> worked
Sounds like it was a standalone server
Now here is the thing, it is now an AD DC, so any user that connects
will need to be a Domain user.
After: Only domain user authentication works.
The global section of smb.conf:
include = /var/packages/ActiveDirectoryServer/conf/etc/smb.tls.conf
printcap name = cups
winbind enum groups = yes
include = /var/tmp/nginx/smb.netbios.aliases.conf
workgroup = <MYDOMAIN>
server services = rpc,nbt,wrepl,ldap,cldap,kdc,drepl,ntp_signd,kcc,dnsupdate
local master = no
realm = <FQDN_IF_MYDOMAIN>
netbios name = SYNOLOGY
private dir = /var/packages/ActiveDirectoryServer/target/private
server role = active directory domain controller
printing = cups
max protocol = SMB2
winbind enum users = yes
load printers = yes
log level = 10
Why have you mangled your smb.conf, for instance, what is in
Are you aware that there is no network browsing with a Samba AD DC ?
Fix your smb.conf, understand that your users will now need to be stored
in AD and you should get things to work.
To unsubscribe from this list go to the following URL and read the