Ubuntu 服务器 18.04
安装/配置 Samba
加入域成功
可以浏览服务器并查看“打印机共享” – 从 Windows PC >net view \servername 列出打印机共享
使用 kinit、klist 确认 Kerberos 功能
服务器名称在 Active Directory 用户和计算机中列出。
:/$ net rpc rights grant "DOMAIN\Domain Admins" SeDiskOperatorPrivilege -U
"DOMAIN\administrator"
Enter DOMAIN\administrator's password:
Bad SMB2 signature for message
[0000] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0000] D8 29 57 39 05 18 72 BE 62 9E 74 58 90 88 FF 57 .)W9..r. b.tX...W
Could not connect to server 127.0.0.1
Connection failed: NT_STATUS_ACCESS_DENIED
smb.conf:
[global]
dns forwarder = my.DNS.ip.address
dns proxy = No
log file = /var/log/samba/log.%m
logging = syslog@1 /var/log/samba/log.%m
map to guest = Bad User
max log size = 1000
panic action = /usr/share/samba/panic-action %d
realm = DOMAIN.COM
security = ADS
server role = member server
server string = %h server (Samba, Ubuntu)
template shell = /bin/bash
usershare allow guests = Yes
winbind enum groups = Yes
winbind enum users = Yes
winbind nss info = rfc2307
winbind use default domain = Yes
workgroup = DOMAIN
idmap config DOMAIN : range = 50000-1000000
idmap config DOMAIN : backend = ad
idmap config * : range = 3000-7999
idmap config * : backend = tbd
map acl inherit = Yes
store dos attributes = Yes
vfs objects = acl_xattr
[printers]
browseable = No
comment = All Printers
create mask = 0700
path = /var/spool/samba
printable = Yes
[print$]
comment = Printer Drivers
path = /var/lib/samba/printers
答案1
有点尴尬,因为我已经研究这个问题一整天了。最后我妥协了,在这里发帖,然后找到了解决方案:
需要创建用户映射文件:例如/etc/samba/user.map
!root = SAMDOM\Administrator SAMDOM\administrator
将其添加到 smb.conf 的 [global] 部分
username map = /etc/samba/user.map
重新启动 smbd 即可正常工作。