On 1/5/2015 3:19 AM, Rowland Penny wrote:
Hi, your sssd.conf shows that your domain name is
'netserver02.harvey.net' and RSAT shows the NIS domain to be 'harvey',
so could 'netserver02' be the hostname of the machine and 'harvey.net'
is the domain name ?
Could you please also post your smb.conf
Rowland
_______________________________________________
sssd-users mailing list
sssd-users(a)lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-users
Thank you for getting back.
The NIS name cannot be changed in Active Directory at least not in the menu.
It seems I remember reading the the nis name should be domain name not
harvey.net.
Contents of smb.conf:
-------------------------------------------------------------------------------------
# Global parameters
[global]
workgroup = HARVEY
realm =
HARVEY.NET
netbios name = NETSERVER02
server string = Samba PDC Harvey House
server role = active directory domain controller
dns forwarder = 192.168.1.1
#
allow dns updates = nonsecure
server services = +dns, +dnsupdate
#
idmap_ldb:use rfc2307 = yes
#
# From
#https://wiki.archlinux.org/index.php/Active_Directory_Integration
#
# encrypt passwords = yes
# password server =
netserver02.harvey.net
#
# idmap config * : backend = rid
# idmap config * : range = 10000-20000
#
# winbind use default domain = Yes
# winbind enum users = Yes
# winbind enum groups = Yes
# winbind nested groups = Yes
# winbind separator = +
# winbind refresh tickets = yes
#
template shell = /bin/bash
template homedir = /home/%D/%U
#
#preferred master = no
#dns proxy = no
#wins server =
netserver02.harvey.net
#wins proxy = no
#
#inherit acls = Yes
#map acl inherit = Yes
#acl group control = yes
#
# End From
#
#acl map full control = True
#acl group control = yes
#
# Controlling Access Control list, the way windows does
# For member domain controllers only
#
#vfs objects = acl_xattr
#map acl inherit = Yes
#store dos attributes = Yes
#
#
# this tells Samba to use a separate log file for each machine
# that connects
#log file = /var/samba/log/log.%m
# Put a capping on the size of the log files (in Kb).
#
log level = 3
max log size = 1000
log file = /var/samba/log/%m.log
#
hosts allow = 192.168.1.0/26 192.168.1.64/26 192.168.1.128/26 127.0.0.1
hosts deny = 0.0.0.0/0
# Note this will have to remain because authentication
# does not work with sssd yet service principle not recgonice etc..
# this seems to work for a semi manual approach for synchronize
password
# with the local account on this server
unix password sync = Yes
# passwd chat etc.. does not seem to be needed in this setup This server
is the Active directory it's not
#clear what is making it work sssd is not requied
# it function I have cycled smamb4 service off/on to make sure it's the
setttings have been updated
# passwd program = /usr/bin/passwd %u
# passwd chat = *New*password* %n\n *Retype*new*password* %n\n
*passwd:*all*authentication*tokens*updated*successfully*
#
[netlogon]
path = /usr/local/samba/var/locks/sysvol/harvey.net/scripts
read only = No
[sysvol]
path = /usr/local/samba/var/locks/sysvol
read only = No
#============================ Share Definitions
==============================
-------------------------------------