пытаюсь подцепить машинку с самбой к домену пишет
[root@servilin etc]# net join -U DLMyakshin
Host is not configured as a member server.
Invalid configuration. Exiting....
Failed to join domain: WERR_INVALID_DOMAIN_ROLE
ADS join did not work, falling back to RPC...
Enter DLMyakshin's password:
Joined domain DBTS. ладно дальше вижу его как вторичный контроллер домена
почему не может работать ADS ?
и где прописать чтобы он был просто членом домена то есть рядовым, а не контроллером ?
нужно LDAP + AD потом буду по папкам доступ делать
вот конфиги:
[global]
realm = DBTS.LOCAL
netbios name = TSERV
server string = File-Server
log file = /var/log/samba/%m.log
log level = 3
max log size = 1024
##insert begin
password server = 192.168.1.100
security = ADS
idmap cache time = 604800
idmap uid = 1000000-2000000
idmap gid = 1000000-2000000
encrypt passwords = Yes
winbind separator = +
winbind enum users = Yes
winbind enum groups = Yes
winbind use default domain = Yes
local master = no
load printers = No
disable spoolss = Yes
show add printer wizard = No
os level = 65
preferred master = No
domain master = No
dns proxy = No
wins support = Yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
timeserver = yes
deadtime = 15
[homes]
comment = "%U's home directory"
path = /home/%u
valid users = %S
read only = No
browseable = No
[tmp]
comment = Temporary file space
path = /tmp
read only = No
guest ok = Yes
[public]
comment = "Share folders with public documents of stuffs"
path = /home/samba
write list = @smbusers
force group = smbusers
read only = No
create mask = 0664
force create mode = 0664
directory mask = 02775
force directory mode = 02775
volume = "network"
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
default_realm = DBTS.LOCAL
dns_lookup_realm = true
dns_lookup_kdc = true
ticket_lifetime = 24h
forwardable = yes
[realms]
DBTS.LOCAL = {
kdc = DBTS-MAIN.DBTS.LOCAL:88
default_domain = DBTS.LOCAL
}
[domain_realm]
.dbts.local = DBTS.LOCAL
[kdc]
profile = /var/kerberos/krb5kdc/kdc.conf
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
nsswich
passwd: files winbind
shadow: files winbind
group: files winbind
#hosts: db files nisplus nis dns
hosts: files dns
bootparams: nisplus [NOTFOUND=return] files
ethers: files
netmasks: files
networks: files
protocols: files
rpc: files
services: files
netgroup: nisplus
publickey: nisplus
automount: files nisplus
aliases: files nisplus