Samba 412 could not use fqdn to enter share

Paul-LKW

Member

Reaction score: 1
Messages: 88

I have a FreeBSD-12.2 new box with Samba-4.12 installed however after follow the "Setting_up_Samba_as_an_Active_Directory_Domain_Controller"
I find I could not open the share by \\o.o\User\someone but I could open the \\o.o\netlogon\ without any problem, however if I use \\10.10.100.10\Users\someone could be opened but \\10.10.100.10\netlogon could not be opened, below is my config file.
Code:
[global]
         dns forwarder = 8.8.8.8
         netbios name = HOME
         realm = O.O
         server role = active directory domain controller
         workgroup = AD
         idmap_ldb:use rfc2307 = yes
         vfs objects = dfs_samba4 zfsacl acl_xattr
         socket options = TCP_NODELAY

[sysvol]
         path = /var/db/samba4/sysvol
         read only = No

[netlogon]
         path = /var/db/samba4/sysvol/o.o/scripts
         read only = No

[Profiles]
         path = /HOME/Profiles
         read only = No
         oplocks = No

[Users]
         path = /HOME/Users
         read only = No
         force create mode = 0600
         force directory mode = 0700
         map acl inherit = yes

[FamilyShares]
         path = /HOME/FamilyShares
         read only = No
any help would be appreciated.


BR.
Paul.LKW
 

SirDice

Administrator
Staff member
Administrator
Moderator

Reaction score: 10,739
Messages: 36,540

The O.O isn't an FQDN, it's the kerberos realm. It's typically the same as the domain name but in uppercase. An FQDN has two parts, a hostname and a domain, i.e. host.domain.tld or myhost.example.com.
 
OP
P

Paul-LKW

Member

Reaction score: 1
Messages: 88

Thanks for your info (I used the wrong name), but how to solve such issue ? It related to krb5.conf setting?
 

SirDice

Administrator
Staff member
Administrator
Moderator

Reaction score: 10,739
Messages: 36,540

Not sure but I assume it hinges on the fact that AD is actually a mix of kerberos, DNS and LDAP. So the issue is probably with DNS.

I find I could not open the share by \\o.o\User\someone
Also note that your share is called Users, not User.
 
Top