I have centos 6.9 working this way but I was trying to get fedora27
working with the same smb.conf file I used for centos 6.9 and ubuntu
16.04.
authconfig --updateall --smbrealm ${SUBDOMAIN}.${DOMAIN} --krb5realm
${SUBDOMAIN}.${DOMAIN} --enablewinbindauth --enablewinbind
--enablecache --enablewinbindkrb5 --enablewinbindoffline
cp domain.smb.conf /etc/samba/smb.conf
restart smbd
restart winbind
[root@fedora27 ~]# cat /etc/samba/smb.conf| sed
"s/${SUBDOMAIN}/SUBDOMAIN/g" | sed "s/${DOMAIN}/DOMAIN/g"
[global]
security = ads
realm = SUBDOMAIN.DOMAIN
workgroup = SUBDOMAIN
idmap config * : backend = tdb
idmap config * : range = 2000-7999
idmap config SUBDOMAIN:backend = ad
idmap config SUBDOMAIN:schema_mode = rfc2307
idmap config SUBDOMAIN:range = 8000-9999999
winbind nss info = rfc2307
winbind use default domain = yes
# so that the users show up in getent
winbind enum users = yes
# so that the groups show up in getent
winbind enum groups = yes
restrict anonymous = 2
#added the following 2 for the Badlock updates that change the defaults
#to no longer work with my domain controllers
ldap server require strong auth = no
client ldap sasl wrapping = plain
Expected result:
root@ubuntu16:~# getent passwd jefftest
jefftest:*:11507:8004:Jeff Test:/nfsmount/jefftest:/bin/bash
Fedora27 result:
[root@fedora27 ~]# getent passwd jefftest
jefftest:*:11507:8513::/home/SUBDOMAIN/jefftest:/bin/false
_______________________________________________
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org
