Hi Thierry, list,
I would like to revive this discussion from last month. I started a new
discussion on the samba mailinglist on the "password server =" subject.
Please see here:
https://lists.samba.org/archive/samba/2017-June/208999.html
The outcome of that discussion is that the samba team (specifically
Rowland Penny and Andrew Bartlett) recommend that the "password server
=" line better be removed from the packetfence generated smb.conf.
I wanted to have confirmation of the samba developpers, before asking
that here.
I think it would improve packetfence if the line was removed from the
generated config. And if you are not willing to do that, is there a
place where I can perhaps edit a template to comment it out on our own
installation?
Best regards!
MJ
On 05/10/2017 03:54 PM, Thierry Laurion wrote:
Hi MJ,
1-In PacketFence Admin, under domains configuration, clone your current
domain configuration.
2- Change the IP address of the ActiveDirectory Server by it's DNS name.
Rejoin the domain from each PacketFence server.
3-Make sure that the DNS server in the configuration can resolve that
domain name. (If you need multiple DNS server, this got introduced
recently: https://github.com/inverse-inc/packetfence/pull/2223/files)
The resulting configuration change:
/etc/krb5.conf:
[...]
[libdefaults]
default_realm = domainname.local
[...]
/chroots/domainname/etc/samba/domainname.conf
[...]
password server = domainname.local
Uppercase/Lowercase realm is not problematic.
Regards,
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
