+--------------------------------------------------------------------------------+
+                            Domain Controller Status                            +
+--------------------------------------------------------------------------------+
Domain Controller is DISABLED


+--------------------------------------------------------------------------------+
+                           Domain Controller Settings                           +
+--------------------------------------------------------------------------------+
Realm:                   
Domain:                  
Role:                    
DNS Backend:             
DNS Forwarder:           
Forest Level:            
Kerberos Realm:          
Kerberos KDC:            
Kerberos Admin Server:   
Kerberos Kpasswd Server: 


+--------------------------------------------------------------------------------+
+                                 /etc/krb5.conf                                 +
+--------------------------------------------------------------------------------+
# Kerberos client configuration as captured in this dump (realm DEPASSE.NET).
[appdefaults]
            pam = {
# Tickets obtained through PAM are requested as forwardable, i.e. usable for
# delegation to other hosts. NOTE(review): confirm delegation is needed.
                forwardable = true
# 86400 seconds = 24 hours, the same period as ticket_lifetime in [libdefaults].
                ticket_lifetime = 86400
                renew_lifetime = 86400
            }

[libdefaults]
# Realm and KDC may be located through DNS in addition to the static [realms]
# entry, so the integrity of DNS answers is part of the trust path here.
            dns_lookup_realm = true
            dns_lookup_kdc = true
# Requested lifetime is 24h. The ticket listing in this dump shows a 10-hour
# lifetime, so the request is presumably capped by KDC policy (confirm).
            ticket_lifetime = 24h
# Tolerated clock difference, presumably in seconds (5 minutes); the dump
# reports a server time offset of 0.
            clockskew = 300
            forwardable = yes

# Maps DNS names to the realm; both lower-case and upper-case spellings, with
# and without a leading dot, are listed.
[domain_realm]
            depasse.net = DEPASSE.NET
            .depasse.net = DEPASSE.NET
            DEPASSE.NET = DEPASSE.NET
            .DEPASSE.NET = DEPASSE.NET

[realms]
        DEPASSE.NET = {
# Only ad1 is listed statically; the tickets and domain info in this dump were
# served by ad2, presumably found through the DNS lookups enabled above.
            kdc = ad1.depasse.net:88
# NOTE(review): admin_server points at port 88, the same port as kdc; kadmin
# conventionally uses 749. Confirm whether this entry is used at all here.
            admin_server = ad1.depasse.net:88
            kpasswd_server = ad1.depasse.net:464
            default_domain = DEPASSE.NET
        }

# Library messages go to syslog at INFO on facility LOCAL7.
[logging]
            default = SYSLOG:INFO:LOCAL7



+--------------------------------------------------------------------------------+
+                               /etc/nsswitch.conf                               +
+--------------------------------------------------------------------------------+
# Name-service lookup order as captured. Sources are tried left to right.
services: files
rpc: files
# Local files are consulted before winbind, so a local group or account takes
# precedence over a directory entry with the same name.
group: files winbind
shells: files
passwd: files winbind
# mdns is consulted before dns for host names.
hosts: files mdns dns
# sudo rules come from local files only; none are read from the directory.
sudoers: files
networks: files
protocols: files


+--------------------------------------------------------------------------------+
+                            /usr/local/etc/smb4.conf                            +
+--------------------------------------------------------------------------------+
# Samba global settings as captured: an Active Directory member server
# (security = ADS, server role = member server) in realm DEPASSE.NET.
[global]
# Caps the negotiated dialect at SMB2, so SMB3 features such as transport
# encryption cannot be negotiated. No "server min protocol" appears in this
# dump, so the lowest accepted dialect is the build default (confirm that
# SMB1 is not accepted).
    server max protocol = SMB2
    encrypt passwords = yes
    dns proxy = no
    strict locking = no
    oplocks = yes
    deadtime = 15
    max log size = 51200
    max open files = 3771020
# Logging goes to syslog only, at level 1 (see "log level" at the end).
    syslog only = yes
    syslog = 1
# Printing is switched off: no printers loaded, printcap is /dev/null and
# spoolss is disabled.
    load printers = no
    printing = bsd
    printcap name = /dev/null
    disable spoolss = yes
    getwd cache = yes
# Logins with an unknown user name are mapped to the guest account (nobody)
# instead of being rejected. Only shares with "guest ok = yes" accept such
# sessions; in this dump that is [media].
    guest account = nobody
    map to guest = Bad User
    obey pam restrictions = yes
    directory name cache size = 0
    kernel change notify = no
# External programs run by the Samba daemons; the paths are trusted as-is.
    dfree command = /usr/local/libexec/samba/dfree
    panic action = /usr/local/libexec/samba/samba-backtrace
    nsupdate command = /usr/local/bin/samba-nsupdate -g
    server string = FreeNAS Server
    ea support = yes
    store dos attributes = yes
    acl allow execute always = true
    acl check permissions = true
    dos filemode = yes
    multicast dns register = yes
# NOTE(review): "domain logons" is normally associated with Samba acting as a
# logon server, while this host is configured as a member server. Confirm the
# setting is intended.
    domain logons = yes
# Default ID mapping for domains without their own idmap entry.
    idmap config *: backend = tdb
    idmap config *: range = 90000001-100000000
    server role = member server
    netbios name = FREENAS1
    workgroup = DEPASSE
    realm = DEPASSE.NET
    security = ADS
    client use spnego = yes
# NOTE(review): the cache lives under /var/tmp; ownership and permissions of
# this directory are not shown in the dump and should be checked.
    cache directory = /var/tmp/.cache/.samba
    local master = no
    domain master = no
    preferred master = no
    winbind cache time = 7200
# Allows logons from cached credentials while the DC is unreachable;
# presumably this means credential material is kept in the winbind cache.
    winbind offline logon = yes
# Full user and group enumeration is enabled, which is why the getent listing
# in this dump returns every domain account and group.
    winbind enum users = yes
    winbind enum groups = yes
    winbind nested groups = yes
# Domain accounts keep their DOMAIN\ prefix (DEPASSE\greg, not greg).
    winbind use default domain = no
    winbind refresh tickets = yes
# IDs for DEPASSE are derived from the RID; the getent listing shows
# administrator at uid 10500, consistent with RID 500 plus the range base.
    idmap config DEPASSE: backend = rid
    idmap config DEPASSE: range = 10000-90000000
    allow trusted domains = no
# LDAP traffic from this host to the DC is neither signed nor sealed at the
# SASL layer; "sign" or "seal" would add integrity or confidentiality.
    client ldap sasl wrapping = plain
# Every winbind-provided account receives /bin/sh (the getent listing shows it
# for guest and krbtgt as well). Whether interactive login is possible depends
# on PAM and sshd settings that are not part of this dump.
    template shell = /bin/sh
    template homedir = /home/%D/%U
    pid directory = /var/run/samba
# Samba keeps its secrets database, including the machine account password,
# under the private dir; permissions are not shown here.
    smb passwd file = /var/etc/private/smbpasswd
    private dir = /var/etc/private
# Permissive upper bounds for mode bits on new files and directories. The
# shares load zfsacl, so NFSv4 ACLs presumably govern access (confirm).
    create mask = 0666
    directory mask = 0777
    client ntlmv2 auth = yes
    dos charset = CP437
    unix charset = UTF-8
    log level = 1
    

# Writable, browseable share on /mnt/tank/stuff; guest sessions are refused.
[Stuff]
    path = /mnt/tank/stuff
    printable = no
# Entries with these names are neither visible nor accessible to clients,
# which keeps the ZFS snapshot directory out of reach over SMB.
    veto files = /.snapshot/.windows/.mac/.zfs/
    writeable = yes
    browseable = yes
# The recycle:* options are read by the "recycle" VFS module, which is not
# listed in "vfs objects" below; as captured they presumably have no effect.
# NOTE(review): if the module is enabled later, directory_mode = 0777 would
# apply to the recycle directory.
    recycle:repository = .recycle/%U
    recycle:keeptree = yes
    recycle:versions = yes
    recycle:touch = yes
    recycle:directory_mode = 0777
    recycle:subdir_mode = 0700
    vfs objects = zfsacl aio_pthread streams_xattr
    hide dot files = yes
    guest ok = no
# NFSv4 ACL mapping options used together with zfsacl.
    nfs4:mode = special
    nfs4:acedup = merge
    nfs4:chown = true
    zfsacl:acesort = dontcare
    

# Writable, browseable share on /mnt/tank/backup; guest sessions are refused.
# NOTE(review): the share is listed to every client that can browse; confirm
# that is wanted for backup data.
[backup]
    path = /mnt/tank/backup
    printable = no
# Entries with these names are neither visible nor accessible to clients,
# which keeps the ZFS snapshot directory out of reach over SMB.
    veto files = /.snapshot/.windows/.mac/.zfs/
    writeable = yes
    browseable = yes
# The recycle:* options are read by the "recycle" VFS module, which is not
# listed in "vfs objects" below; as captured they presumably have no effect.
    recycle:repository = .recycle/%U
    recycle:keeptree = yes
    recycle:versions = yes
    recycle:touch = yes
    recycle:directory_mode = 0777
    recycle:subdir_mode = 0700
    vfs objects = zfsacl aio_pthread streams_xattr
    hide dot files = yes
    guest ok = no
# NFSv4 ACL mapping options used together with zfsacl.
    nfs4:mode = special
    nfs4:acedup = merge
    nfs4:chown = true
    zfsacl:acesort = dontcare
    

# Per-user home share; the path is built from the domain (%D) and user (%U)
# substitutions, and the share is hidden from browse lists.
[homes]
# Access list is built from the same %D and %U substitutions as the path.
    valid users = %D\%U
    path = /mnt/tank/home/%D/%U
    comment = Home Directories
    printable = no
# Entries with these names are neither visible nor accessible to clients.
    veto files = /.snapshot/.windows/.mac/.zfs/
    writeable = yes
    browseable = no
# The recycle:* options are read by the "recycle" VFS module, which is not
# listed in "vfs objects" below; as captured they presumably have no effect.
    recycle:repository = .recycle/%U
    recycle:keeptree = yes
    recycle:versions = yes
    recycle:touch = yes
    recycle:directory_mode = 0777
    recycle:subdir_mode = 0700
# Unlike the other shares, only zfsacl is loaded here.
    vfs objects = zfsacl
    hide dot files = yes
    guest ok = no
# NFSv4 ACL mapping options used together with zfsacl.
    nfs4:mode = special
    nfs4:acedup = merge
    nfs4:chown = true
    zfsacl:acesort = dontcare
    

# Writable, browseable share on /mnt/tank/media. This is the only share in the
# dump that accepts guest sessions.
[media]
    path = /mnt/tank/media
    printable = no
# Entries with these names are neither visible nor accessible to clients.
    veto files = /.snapshot/.windows/.mac/.zfs/
    writeable = yes
    browseable = yes
# The recycle:* options are read by the "recycle" VFS module, which is not
# listed in "vfs objects" below; as captured they presumably have no effect.
    recycle:repository = .recycle/%U
    recycle:keeptree = yes
    recycle:versions = yes
    recycle:touch = yes
    recycle:directory_mode = 0777
    recycle:subdir_mode = 0700
    vfs objects = zfsacl aio_pthread streams_xattr
    hide dot files = yes
# Together with "map to guest = Bad User" and "guest account = nobody" in
# [global], a connection with an unknown user name is served as nobody without
# a password. The share is also writeable, so write access for such sessions
# rests on the filesystem ACLs for that account (verify them).
    guest ok = yes
# NFSv4 ACL mapping options used together with zfsacl.
    nfs4:mode = special
    nfs4:acedup = merge
    nfs4:chown = true
    zfsacl:acesort = dontcare


+--------------------------------------------------------------------------------+
+                                Kerberos Tickets                                +
+--------------------------------------------------------------------------------+
Credentials cache: FILE:/tmp/krb5cc_0
        Principal: administrator@DEPASSE.NET

  Issued           Expires          Principal
Jun 12 22:21:39  Jun 13 08:21:39  krbtgt/DEPASSE.NET@DEPASSE.NET
Jun 12 22:21:52  Jun 13 08:21:39  cifs/ad2.depasse.net@DEPASSE.NET
Jun 12 22:21:52  Jun 13 08:21:39  ldap/ad2.depasse.net@DEPASSE.NET


+--------------------------------------------------------------------------------+
+                         /usr/local/etc/sssd/sssd.conf                          +
+--------------------------------------------------------------------------------+
# SSSD configuration as captured. No "domains" key and no [domain/...] section
# are present, so no identity domain is configured here; the nsswitch.conf in
# this dump uses winbind rather than SSSD for passwd and group.
[sssd]
config_file_version = 2
# Renders fully qualified names as DOMAIN\user.
full_name_format = %2$s\%1$s
# Accepts three input forms: DOMAIN\user, user@domain, or a bare user name.
re_expression = (((?P<domain>[^\\]+)\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?P<name>[^@\\]+)$))
services = nss,pam
# Both responder sections are empty, so they run with their defaults.
[nss]
[pam]


+--------------------------------------------------------------------------------+
+                         Domain Controller Domain Info                          +
+--------------------------------------------------------------------------------+
Environment LOGNAME is not defined. Trying anonymous access.
LDAP server: 172.16.1.21
LDAP server name: AD2.depasse.net
Realm: DEPASSE.NET
Bind Path: dc=DEPASSE,dc=NET
LDAP port: 389
Server time: Fri, 12 Jun 2015 22:28:41 EDT
KDC server: 172.16.1.21
Server time offset: 0


+--------------------------------------------------------------------------------+
+                         Domain Controller Trust Secret                         +
+--------------------------------------------------------------------------------+
checking the trust secret for domain DEPASSE via RPC calls succeeded


+--------------------------------------------------------------------------------+
+                     Domain Controller NETLOGON connection                      +
+--------------------------------------------------------------------------------+
checking the NETLOGON dc connection to "ad2.depasse.net" succeeded


+--------------------------------------------------------------------------------+
+                       Domain Controller trusted domains                        +
+--------------------------------------------------------------------------------+
BUILTIN
FREENAS1
DEPASSE


+--------------------------------------------------------------------------------+
+                         Domain Controller all domains                          +
+--------------------------------------------------------------------------------+
BUILTIN
FREENAS1
DEPASSE


+--------------------------------------------------------------------------------+
+                          Domain Controller own domain                          +
+--------------------------------------------------------------------------------+
DEPASSE




+--------------------------------------------------------------------------------+
+                        Domain Controller online status                         +
+--------------------------------------------------------------------------------+
BUILTIN : online
FREENAS1 : online
DEPASSE : online


+--------------------------------------------------------------------------------+
+                         Domain Controller domain info                          +
+--------------------------------------------------------------------------------+
Name              : DEPASSE
Alt_Name          : depasse.net
SID               : S-1-5-21-4000065454-2491860124-3439188521
Active Directory  : Yes
Native            : Yes
Primary           : Yes


+--------------------------------------------------------------------------------+
+                           Domain Controller DC name                            +
+--------------------------------------------------------------------------------+
AD1.depasse.net
\\172.16.1.20
1
d93d33d4-ba7a-4eab-a90b-cea07924d1f0
depasse.net
depasse.net
0xe00033fd
Default-First-Site-Name
Default-First-Site-Name


+--------------------------------------------------------------------------------+
+                           Domain Controller DC info                            +
+--------------------------------------------------------------------------------+
ad2.depasse.net (172.16.1.21)


+--------------------------------------------------------------------------------+
+                       Domain Controller Users and Groups                       +
+--------------------------------------------------------------------------------+
+--------------------------------------------------------------------------------+
+                                  Using wbinfo                                  +
+--------------------------------------------------------------------------------+
+--------------------------------------------------------------------------------+
+                                     Users                                      +
+--------------------------------------------------------------------------------+
DEPASSE\guest
DEPASSE\krbtgt
DEPASSE\administrator
DEPASSE\ldapbind
DEPASSE\splunkservice
DEPASSE\vmwareadmin
DEPASSE\viewcompadmin
DEPASSE\greg
DEPASSE\pete
DEPASSE\renee
DEPASSE\debbie
+--------------------------------------------------------------------------------+
+                                     Groups                                     +
+--------------------------------------------------------------------------------+
DEPASSE\domain computers
DEPASSE\cert publishers
DEPASSE\domain users
DEPASSE\domain guests
DEPASSE\ras and ias servers
DEPASSE\domain admins
DEPASSE\schema admins
DEPASSE\enterprise admins
DEPASSE\group policy creator owners
DEPASSE\allowed rodc password replication group
DEPASSE\denied rodc password replication group
DEPASSE\enterprise read-only domain controllers
DEPASSE\read-only domain controllers
DEPASSE\domain controllers
DEPASSE\dnsadmins
DEPASSE\dnsupdateproxy
DEPASSE\vmware view desktops
DEPASSE\vmware view users
DEPASSE\vmware view admins
+--------------------------------------------------------------------------------+
+                                  Using getent                                  +
+--------------------------------------------------------------------------------+
+--------------------------------------------------------------------------------+
+                                     Users                                      +
+--------------------------------------------------------------------------------+
root:$6$HT8L9C7s8X5/JGfH$RWQVnbiaSw0aRywJCi/B.7DRcscT8RPQG42VH2QEn.JMlZ7OxVmwOGX8ZQzR3kLNFOc3E8yhiup0ptTUpxZlS.:0:0:root:/root:/bin/csh
daemon:*:1:1:Owner of many system processes:/root:/usr/sbin/nologin
operator:*:2:5:System &:/:/usr/sbin/nologin
bin:*:3:7:Binaries Commands and Source:/:/usr/sbin/nologin
tty:*:4:65533:Tty Sandbox:/:/usr/sbin/nologin
kmem:*:5:2:KMem Sandbox:/:/usr/sbin/nologin
games:*:7:13:Games pseudo-user:/:/usr/sbin/nologin
news:*:8:8:News Subsystem:/:/usr/sbin/nologin
man:*:9:9:Mister Man Pages:/usr/share/man:/usr/sbin/nologin
sshd:*:22:22:Secure Shell Daemon:/var/empty:/usr/sbin/nologin
smmsp:*:25:25:Sendmail Submission User:/var/spool/clientmqueue:/usr/sbin/nologin
mailnull:*:26:26:Sendmail Default User:/var/spool/mqueue:/usr/sbin/nologin
bind:*:53:53:Bind Sandbox:/:/usr/sbin/nologin
proxy:*:62:62:Packet Filter pseudo-user:/nonexistent:/usr/sbin/nologin
_pflogd:*:64:64:pflogd privsep user:/var/empty:/usr/sbin/nologin
_dhcp:*:65:65:dhcp programs:/var/empty:/usr/sbin/nologin
uucp:*:66:66:UUCP pseudo-user:/var/spool/uucppublic:/usr/local/libexec/uucp/uucico
pop:*:68:6:Post Office Owner:/nonexistent:/usr/sbin/nologin
www:*:80:80:World Wide Web Owner:/nonexistent:/usr/sbin/nologin
nobody:*:65534:65534:Unprivileged user:/nonexistent:/usr/sbin/nologin
avahi:*:200:200:avahi user:/nonexistent:/usr/sbin/nologin
messagebus:*:201:201:messagebus user:/nonexistent:/usr/sbin/nologin
ftp:*:14:14::/nonexistent:/bin/csh
auditdistd:*:78:77:Auditdistd unprivileged user:/var/empty:/usr/sbin/nologin
hast:*:845:845:HAST unprivileged user:/var/empty:/usr/sbin/nologin
ladvd:*:79:78:ladvd user:/var/empty:/usr/sbin/nologin
webdav:*:666:666:WebDAV Anonymous User:/var/empty:/usr/sbin/nologin
media:*:816:99:media:/nonexistent:/sbin/nologin
DEPASSE\guest:*:10501:10514:Guest:/home/DEPASSE/guest:/bin/sh
DEPASSE\krbtgt:*:10502:10513:krbtgt:/home/DEPASSE/krbtgt:/bin/sh
DEPASSE\administrator:*:10500:10513:Administrator:/home/DEPASSE/administrator:/bin/sh
DEPASSE\ldapbind:*:11106:10513:LDAP Bind:/home/DEPASSE/ldapbind:/bin/sh
DEPASSE\splunkservice:*:11105:10513:Splunk Service:/home/DEPASSE/splunkservice:/bin/sh
DEPASSE\vmwareadmin:*:11113:10513:VMwareAdmin:/home/DEPASSE/vmwareadmin:/bin/sh
DEPASSE\viewcompadmin:*:11114:10513:ViewCompAdmin:/home/DEPASSE/viewcompadmin:/bin/sh
DEPASSE\greg:*:11178:10519:Greg DePasse:/home/DEPASSE/greg:/bin/sh
DEPASSE\pete:*:11220:10513:Pete Jackson:/home/DEPASSE/pete:/bin/sh
DEPASSE\renee:*:11225:10513:Renee DePasse:/home/DEPASSE/renee:/bin/sh
DEPASSE\debbie:*:11229:10513:Debbie DePasse:/home/DEPASSE/debbie:/bin/sh
+--------------------------------------------------------------------------------+
+                                     Groups                                     +
+--------------------------------------------------------------------------------+
wheel:*:0
daemon:*:1
kmem:*:2
sys:*:3
tty:*:4
operator:*:5:uucp
mail:*:6
bin:*:7
news:*:8
man:*:9
games:*:13
ftp:*:14
staff:*:20
sshd:*:22
smmsp:*:25
mailnull:*:26
guest:*:31
bind:*:53
proxy:*:62
authpf:*:63
_pflogd:*:64
_dhcp:*:65
uucp:*:66
dialer:*:68
network:*:69
audit:*:77
www:*:80
nogroup:*:65533
nobody:*:65534
avahi:*:200
messagebus:*:201
hast:*:845
ladvd:*:78
webdav:*:666
media:*:99
DEPASSE\domain computers:x:10515
DEPASSE\cert publishers:x:10517:DEPASSE\ad1$
DEPASSE\domain users:x:10513:DEPASSE\greg
DEPASSE\domain guests:x:10514
DEPASSE\ras and ias servers:x:10553
DEPASSE\domain admins:x:10512:DEPASSE\ldapbind,DEPASSE\greg,DEPASSE\administrator
DEPASSE\schema admins:x:10518:DEPASSE\administrator
DEPASSE\enterprise admins:x:10519:DEPASSE\administrator
DEPASSE\group policy creator owners:x:10520:DEPASSE\administrator
DEPASSE\allowed rodc password replication group:x:10571
DEPASSE\denied rodc password replication group:x:10572:DEPASSE\krbtgt
DEPASSE\enterprise read-only domain controllers:x:10498
DEPASSE\read-only domain controllers:x:10521
DEPASSE\domain controllers:x:10516
DEPASSE\dnsadmins:x:11101
DEPASSE\dnsupdateproxy:x:11102
DEPASSE\vmware view desktops:x:11110
DEPASSE\vmware view users:x:11111
DEPASSE\vmware view admins:x:11112:DEPASSE\vmwareadmin,DEPASSE\administrator


