一番大事な三つのファイルを確認してください (実質、この三つ以外に編集するファイルはありません)。
/etc/resolv.conf /etc/krb5.conf /etc/samba/smb.conf
[/etc/resolv.conf] search ad.fml.org nameserver 192.168.0.2(注: 192.168.0.2 は、この AD 自身の IP アドレスになります)
[/etc/krb5.conf] [libdefaults] default_realm = AD.FML.ORG dns_lookup_realm = false dns_lookup_kdc = trueもちろん realm は各サイトごとにちがうはずです。 それ以外に Kerberos のデフォルト値と「dns_lookup_kdc = true」が違います。 あとはデフォルトのままのようです。
[/etc/samba/smb.conf] # Global parameters [global] workgroup = AD realm = AD.FML.ORG netbios name = DC00 server role = active directory domain controller dns forwarder = 202.232.0.1 server services = rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbind, ntp_signd, kcc, dnsupdate, dns, smb dcerpc endpoint servers = epmapper, wkssvc, rpcecho, samr, netlogon, lsarpc, spoolss, drsuapi, dssetup, unixinfo, browser, eventlog6, backupkey, dnsserver, winreg, srvsvc idmap_ldb:use rfc2307 = yes [netlogon] path = /var/lib/samba/sysvol/ad.fml.org/scripts read only = No [sysvol] path = /var/lib/samba/sysvol read only = No [home] path = /var/samba/home browseable = yes read only = no create mask = 0644 directory mask = 0755 [profiles] path = /var/samba/profiles browseable = no read only = no create mask = 0644 directory mask = 0755
Copyright (C) 1993-2025 Ken'ichi Fukamachi mail:< fukachan at fml.org >