net/samba46
Doug Sampson
dougs at dawnsign.com
Thu Apr 6 19:38:31 UTC 2017
> When I try to join a domain after building samba46, I get this error
> message:
>
> root at aries:/usr/local/etc # net ads join -U dspadmin%<password>
> Failed to join domain: failed to create kerberos keytab
> root at aries:/usr/local/etc #
>
>
> I cannot find anything in any of the samba4 logs.
>
> root at aries:/usr/ports/net/samba46 # make showconfig
> ===> The following configuration options are available for samba46-
> 4.6.1_2:
> ADS=on: Active Directory client support(implies LDAP)
> AD_DC=on: Active Directory Domain Controller support
> CUPS=off: CUPS printing system support
> DEBUG=on: Build with debugging support
> DEVELOPER=off: With development support(implies NTVFS)
> DOCS=on: Build and/or install documentation
> EXP_MODULES=off: Experimental modules(WANT_EXP_MODULES)
> FAM=on: File Alteration Monitor support
> LDAP=on: LDAP client support
> MANPAGES=off: Build manpages from DOCBOOK templates
> NTVFS=off: Build *DEPRECATED* NTVFS file server
> QUOTAS=on: Disk quota support
> SYSLOG=on: Syslog logging support
> UTMP=on: UTMP accounting support
> ====> Options available for the radio DNS: you can only select none or
> one of them
> NSUPDATE=off: Use samba NSUPDATE utility for AD DC
> BIND99=off: Use Bind 9.9 as AD DC DNS server frontend
> BIND910=off: Use Bind 9.10 as AD DC DNS server frontend
> BIND911=off: Use Bind 9.11 as AD DC DNS server frontend
> ====> Options available for the radio ZEROCONF: you can only select none
> or one of them
> AVAHI=off: Zeroconf support via Avahi
> MDNSRESPONDER=off: Zeroconf support via mDNSResponder
> ===> Use 'make config' to modify these settings
>
> Testparm reveals the following:
>
> [global]
> realm = DOMAIN.TLD
> server string =
> workgroup = DOMAIN
> domain master = No
> local master = No
> preferred master = No
> client ldap sasl wrapping = seal
> log file = /var/log/samba4/log.%m
> disable spoolss = Yes
> load printers = No
> printcap name = /dev/null
> disable netbios = Yes
> max xmit = 65535
> min receivefile size = 16384
> name resolve order = lmhosts hosts bcast
> smb ports = 445
> kerberos method = system keytab
> security = ADS
> server signing = if_required
> deadtime = 15
> max open files = 65535
> socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE
> template shell = /bin/bash
> winbind cache time = 10
> winbind enum groups = Yes
> winbind enum users = Yes
> winbind nss info = rfc2307
> winbind offline logon = Yes
> winbind refresh tickets = Yes
> winbind separator = -
> nfs4:chown = yes
> nfs4:acedup = merge
> nfs4:mode = special
> idmap config *:range = 1000-50000
> idmap config dsp:backend = rid
> idmap config dsp:default = yes
> idmap config dsp:range = 50001-60000
> idmap config * : backend = tdb
> map readonly = no
> store dos attributes = Yes
> strict locking = No
> directory name cache size = 0
> map acl inherit = Yes
> admin users = DOMAIN-doug
> hosts allow = 192.168.xxx. 192.168.xxx. 127. 10.8.
> inherit owner = Yes
> inherit permissions = Yes
> read only = No
> aio read size = 16384
> aio write size = 16384
> max connections = 65535
> use sendfile = Yes
> vfs objects = zfsacl acl_xattr audit netatalk
>
> Using the same make configure options and the same smb4.conf on
> net/samba45 allows me to join a domain successfully.
>
Is anyone running www/samba46 on a FreeBSD 11.0-RELEASE system utilizing winbindd? If you're not utilizing winbindd, what are you using for your authentication? LDAP?
~Doug
More information about the freebsd-ports
mailing list