On 1/5/2015 3:19 AM, Rowland Penny wrote:
Hi, your sssd.conf shows that your domain name is 'netserver02.harvey.net' and RSAT shows the NIS domain to be 'harvey', so could 'netserver02' be the hostname of the machine and 'harvey.net' is the domain name ?
Could you please also post your smb.conf
Rowland
sssd-users mailing list sssd-users@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/sssd-users
Thank you for getting back. The NIS name cannot be changed in Active Directory at least not in the menu. It seems I remember reading the the nis name should be domain name not harvey.net.
Contents of smb.conf: ------------------------------------------------------------------------------------- # Global parameters [global] workgroup = HARVEY realm = HARVEY.NET netbios name = NETSERVER02 server string = Samba PDC Harvey House server role = active directory domain controller dns forwarder = 192.168.1.1 # allow dns updates = nonsecure server services = +dns, +dnsupdate # idmap_ldb:use rfc2307 = yes # # From #https://wiki.archlinux.org/index.php/Active_Directory_Integration # # encrypt passwords = yes # password server = netserver02.harvey.net # # idmap config * : backend = rid # idmap config * : range = 10000-20000 # # winbind use default domain = Yes # winbind enum users = Yes # winbind enum groups = Yes # winbind nested groups = Yes # winbind separator = + # winbind refresh tickets = yes # template shell = /bin/bash template homedir = /home/%D/%U # #preferred master = no #dns proxy = no #wins server = netserver02.harvey.net #wins proxy = no # #inherit acls = Yes #map acl inherit = Yes #acl group control = yes # # End From # #acl map full control = True #acl group control = yes # # Controlling Access Control list, the way windows does # For member domain controllers only # #vfs objects = acl_xattr #map acl inherit = Yes #store dos attributes = Yes # # # this tells Samba to use a separate log file for each machine # that connects #log file = /var/samba/log/log.%m # Put a capping on the size of the log files (in Kb). # log level = 3 max log size = 1000 log file = /var/samba/log/%m.log # hosts allow = 192.168.1.0/26 192.168.1.64/26 192.168.1.128/26 127.0.0.1 hosts deny = 0.0.0.0/0 # Note this will have to remain because authentication # does not work with sssd yet service principle not recgonice etc.. # this seems to work for a semi manual approach for synchronize password # with the local account on this server unix password sync = Yes # passwd chat etc.. does not seem to be needed in this setup This server is the Active directory it's not #clear what is making it work sssd is not requied # it function I have cycled smamb4 service off/on to make sure it's the setttings have been updated # passwd program = /usr/bin/passwd %u # passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* # [netlogon] path = /usr/local/samba/var/locks/sysvol/harvey.net/scripts read only = No
[sysvol] path = /usr/local/samba/var/locks/sysvol read only = No
#============================ Share Definitions ============================== -------------------------------------