+--------------------------------------------------------------------------------+
+                            Domain Controller Status                            +
+--------------------------------------------------------------------------------+
Domain Controller is DISABLED


+--------------------------------------------------------------------------------+
+                           Domain Controller Settings                           +
+--------------------------------------------------------------------------------+
Realm:                   
Domain:                  
Role:                    
DNS Backend:             
DNS Forwarder:           
Forest Level:            
Kerberos Realm:          
Kerberos KDC:            
Kerberos Admin Server:   
Kerberos Kpasswd Server: 


+--------------------------------------------------------------------------------+
+                                 /etc/krb5.conf                                 +
+--------------------------------------------------------------------------------+
# Per-application Kerberos defaults; the only application configured is "pam".
# Tickets obtained through PAM are requested as forwardable.
# NOTE(review): a forwardable ticket can be passed on to other hosts; keep
# this only if delegation is actually required.
# The lifetimes are bare numbers, presumably seconds (86400 s = 24 h, which
# matches ticket_lifetime = 24h in [libdefaults]) - confirm.
# renew_lifetime equals ticket_lifetime, so in effect renewal cannot carry a
# ticket past its original lifetime.
[appdefaults]
            pam = {
                forwardable = true
                ticket_lifetime = 86400
                renew_lifetime = 86400
            }

# Library-wide Kerberos client defaults.
[libdefaults]
# Realm and KDC discovery are delegated to DNS, so Kerberos routing on this
# host depends on the integrity of its resolver path.
# NOTE(review): [realms] in this file also names a KDC statically; confirm
# which source is meant to be authoritative.
            dns_lookup_realm = true
            dns_lookup_kdc = true
            ticket_lifetime = 24h
# Maximum tolerated clock difference, presumably in seconds (300 s = 5 min)
# - confirm.
            clockskew = 300
# NOTE(review): boolean spelled "yes" here but "true" in [appdefaults] and in
# the two dns_lookup_* keys; pick one spelling for the file.
            forwardable = yes
            default_realm = NEWTYPE.US

# Maps DNS names to the Kerberos realm: a bare name matches that exact host,
# a leading dot matches every host under the domain.
[domain_realm]
            newtype.us = NEWTYPE.US
            .newtype.us = NEWTYPE.US
# NOTE(review): the upper-case keys repeat the two mappings above. They are
# probably redundant, since DNS names are normally compared in lower case -
# confirm before removing.
            NEWTYPE.US = NEWTYPE.US
            .NEWTYPE.US = NEWTYPE.US

# Static server list for the NEWTYPE.US realm.
# NOTE(review): every server entry points at link.newtype.us, while the
# "Domain Controller Domain Info" section of this dump reports the KDC as
# 10.7.10.2 (NEXUS.newtype.us). Confirm link.newtype.us is a domain
# controller or an alias of one.
# NOTE(review): admin_server uses port 88, the same port as the kdc entry;
# kadmin conventionally listens on 749. Likely unused against Active
# Directory, but verify.
# NOTE(review): default_domain normally holds a DNS domain rather than the
# realm name - confirm the upper-case value is intended.
[realms]
        NEWTYPE.US = {
            kdc = link.newtype.us:88
            admin_server = link.newtype.us:88
            kpasswd_server = link.newtype.us:464
            default_domain = NEWTYPE.US
        }

# Kerberos library messages go to syslog: severity INFO, facility LOCAL7.
[logging]
            default = SYSLOG:INFO:LOCAL7



+--------------------------------------------------------------------------------+
+                               /etc/nsswitch.conf                               +
+--------------------------------------------------------------------------------+
# Name-service lookup order per database; sources are tried left to right.
services: files
rpc: files
# Users and groups resolve from local files first and from winbind (the AD
# domain) second, so a local entry wins over a same-named domain account.
group: files winbind
shells: files
# NOTE(review): the "Using getent" user listing later in this dump includes
# root's password-hash field from the files source. Redact that field before
# a dump like this leaves the host, and treat the password as exposed if the
# dump has already been shared.
passwd: files winbind
hosts: files mdns dns
# sudo policy comes from local files only; the directory is not consulted.
sudoers: files
networks: files
protocols: files


+--------------------------------------------------------------------------------+
+                            /usr/local/etc/smb4.conf                            +
+--------------------------------------------------------------------------------+
# Samba server-wide settings. This host is an Active Directory member server
# (security = ADS, server role = member server) in realm NEWTYPE.US.
[global]
# Caps the highest SMB dialect offered.
# NOTE(review): no "server min protocol" line appears in this file, so the
# lowest accepted dialect is whatever this Samba build defaults to - confirm
# that SMB1 is not accepted.
    server max protocol = SMB3
# Listeners are restricted to loopback and 10.7.10.99.
    interfaces = 127.0.0.1 10.7.10.99
    bind interfaces only = yes
    encrypt passwords = yes
    dns proxy = no
    strict locking = no
    oplocks = yes
    deadtime = 15
    max log size = 51200
    max open files = 3773144
# Printing is switched off: no printers loaded, empty printcap, spoolss disabled.
    load printers = no
    printing = bsd
    printcap name = /dev/null
    disable spoolss = yes
    getwd cache = yes
# Guest handling: a logon that presents an unknown user name is mapped to the
# guest account (nobody) instead of being rejected. This only grants access
# on shares that set "guest ok = yes"; in this file that is [ISO].
    guest account = nobody
    map to guest = Bad User
    obey pam restrictions = yes
    directory name cache size = 0
    kernel change notify = no
    panic action = /usr/local/libexec/samba/samba-backtrace
    nsupdate command = /usr/local/bin/samba-nsupdate -g
    server string = FreeNAS Server
    ea support = yes
    store dos attributes = yes
# NOTE(review): LanMan announcements are a legacy browsing feature; confirm
# any client still needs them.
    lm announce = yes
    hostname lookups = yes
    acl allow execute always = true
    acl check permissions = true
    dos filemode = yes
    multicast dns register = yes
    domain logons = no
# Default ID mapping for anything outside the NEWTYPE domain.
    idmap config *: backend = tdb
    idmap config *: range = 90000001-100000000
    server role = member server
    netbios name = FREENAS
    workgroup = NEWTYPE
    realm = NEWTYPE.US
    security = ADS
    client use spnego = yes
# NOTE(review): the cache lives under /var/tmp; confirm the directory is
# owned by root and not writable by other local users.
    cache directory = /var/tmp/.cache/.samba
    local master = no
    domain master = no
    preferred master = no
    ads dns update = yes
    winbind cache time = 7200
# NOTE(review): offline logon means winbind keeps credential material cached
# on this host so logons work while the domain controller is unreachable;
# confirm that is wanted on a file server.
    winbind offline logon = yes
# Enumeration is on, which is why wbinfo/getent in this dump list every
# domain user and group.
    winbind enum users = yes
    winbind enum groups = yes
    winbind nested groups = yes
# Domain accounts appear without a domain prefix (jimmy, not NEWTYPE\jimmy).
    winbind use default domain = yes
    winbind refresh tickets = yes
# NEWTYPE accounts are mapped by RID; this range does not overlap the
# default range above.
    idmap config NEWTYPE: backend = rid
    idmap config NEWTYPE: range = 20000-90000000
    allow trusted domains = no
# NOTE(review): "plain" leaves Samba's LDAP traffic to the domain controller
# without SASL signing or sealing. "sign" or "seal" add integrity or
# confidentiality protection; check what the domain controller requires.
    client ldap sasl wrapping = plain
# NOTE(review): every domain user is given /bin/sh as login shell (visible in
# the getent listing in this dump). If interactive logins to the NAS are not
# intended, a non-login shell is the safer template.
    template shell = /bin/sh
    template homedir = /home/%U
    pid directory = /var/run/samba
# NOTE(review): 0755 permits the execute bits and world read on newly created
# files and directories; confirm this is intended for data shares.
    create mask = 0755
    directory mask = 0755
    client ntlmv2 auth = yes
    dos charset = CP437
    unix charset = UTF-8
# NOTE(review): level 1 is minimal logging; confirm it records enough
# authentication detail for incident review.
    log level = 1
# Network and I/O tuning.
    socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=131072 SO_SNDBUF=131072
    min receivefile size = 131072
    write cache size = 131072
    

# Share "ISO" -> /mnt/volume0/ISO. The only share in this file with guest access.
[ISO]
    path = /mnt/volume0/ISO
    printable = no
# Entries named .snapshot, .windows, .mac and .zfs are hidden and inaccessible.
    veto files = /.snapshot/.windows/.mac/.zfs/
    writeable = yes
    browseable = yes
    vfs objects = zfs_space zfsacl aio_pthread streams_xattr
    hide dot files = yes
# NOTE(review): guest ok = yes combined with writeable = yes above and
# "map to guest = Bad User" in [global] makes this share reachable, and
# potentially writable, without domain credentials. Effective write access
# still depends on the filesystem ACLs, which this dump does not show.
# If anonymous access is needed, consider making the share read-only;
# otherwise set guest ok = no as on the other shares.
    guest ok = yes
# NFSv4 ACL handling options for the zfsacl module.
    nfs4:mode = special
    nfs4:acedup = merge
    nfs4:chown = true
    zfsacl:acesort = dontcare
    

# Share "Media" -> /mnt/volume0/Media; authenticated users only (guest ok = no).
# NOTE(review): no "valid users" restriction is set, so which domain accounts
# can read or write here is decided by the filesystem ACLs (zfsacl), which
# this dump does not show.
[Media]
    path = /mnt/volume0/Media
    printable = no
# Entries named .snapshot, .windows, .mac and .zfs are hidden and inaccessible.
    veto files = /.snapshot/.windows/.mac/.zfs/
    writeable = yes
    browseable = yes
    vfs objects = zfs_space zfsacl aio_pthread streams_xattr
    hide dot files = yes
    guest ok = no
# NFSv4 ACL handling options for the zfsacl module.
    nfs4:mode = special
    nfs4:acedup = merge
    nfs4:chown = true
    zfsacl:acesort = dontcare
    

# Share "Private" -> /mnt/volume0/Private; guest access is off.
# NOTE(review): despite the name, nothing in this section limits the share to
# particular accounts (no "valid users"), and browseable = yes advertises it
# in share listings. Access control rests on the filesystem ACLs, which this
# dump does not show - verify them.
[Private]
    path = /mnt/volume0/Private
    printable = no
# Entries named .snapshot, .windows, .mac and .zfs are hidden and inaccessible.
    veto files = /.snapshot/.windows/.mac/.zfs/
    writeable = yes
    browseable = yes
    vfs objects = zfs_space zfsacl aio_pthread streams_xattr
    hide dot files = yes
    guest ok = no
# NFSv4 ACL handling options for the zfsacl module.
    nfs4:mode = special
    nfs4:acedup = merge
    nfs4:chown = true
    zfsacl:acesort = dontcare
    

# Share "Share" -> /mnt/volume0/Share; guest access is off.
# NOTE(review): with no "valid users" line, any authenticated domain account
# can connect; read/write rights come from the filesystem ACLs (zfsacl),
# which this dump does not show.
[Share]
    path = /mnt/volume0/Share
    printable = no
# Entries named .snapshot, .windows, .mac and .zfs are hidden and inaccessible.
    veto files = /.snapshot/.windows/.mac/.zfs/
    writeable = yes
    browseable = yes
    vfs objects = zfs_space zfsacl aio_pthread streams_xattr
    hide dot files = yes
    guest ok = no
# NFSv4 ACL handling options for the zfsacl module.
    nfs4:mode = special
    nfs4:acedup = merge
    nfs4:chown = true
    zfsacl:acesort = dontcare
    

# Share "Sync" -> /mnt/volume0/Sync; guest access is off.
# NOTE(review): no account restriction is configured at the Samba level;
# confirm the filesystem ACLs (not shown in this dump) limit writers to the
# accounts that are meant to sync here.
[Sync]
    path = /mnt/volume0/Sync
    printable = no
# Entries named .snapshot, .windows, .mac and .zfs are hidden and inaccessible.
    veto files = /.snapshot/.windows/.mac/.zfs/
    writeable = yes
    browseable = yes
    vfs objects = zfs_space zfsacl aio_pthread streams_xattr
    hide dot files = yes
    guest ok = no
# NFSv4 ACL handling options for the zfsacl module.
    nfs4:mode = special
    nfs4:acedup = merge
    nfs4:chown = true
    zfsacl:acesort = dontcare
    

# Share "Torrent" -> /mnt/volume0/Torrent; guest access is off.
# NOTE(review): no "valid users" restriction; access is governed by the
# filesystem ACLs, which this dump does not show. The global create mask of
# 0755 means files written here keep their execute bits - confirm that is
# acceptable for content downloaded from outside.
[Torrent]
    path = /mnt/volume0/Torrent
    printable = no
# Entries named .snapshot, .windows, .mac and .zfs are hidden and inaccessible.
    veto files = /.snapshot/.windows/.mac/.zfs/
    writeable = yes
    browseable = yes
    vfs objects = zfs_space zfsacl aio_pthread streams_xattr
    hide dot files = yes
    guest ok = no
# NFSv4 ACL handling options for the zfsacl module.
    nfs4:mode = special
    nfs4:acedup = merge
    nfs4:chown = true
    zfsacl:acesort = dontcare


+--------------------------------------------------------------------------------+
+                                Kerberos Tickets                                +
+--------------------------------------------------------------------------------+
Credentials cache: FILE:/tmp/krb5cc_0
        Principal: Administrator@NEWTYPE.US

  Issued           Expires          Principal
Dec 12 10:30:00  Dec 12 20:30:00  krbtgt/NEWTYPE.US@NEWTYPE.US
Dec 12 14:12:47  Dec 12 20:30:00  ldap/link.newtype.us@NEWTYPE.US


+--------------------------------------------------------------------------------+
+                         /usr/local/etc/sssd/sssd.conf                          +
+--------------------------------------------------------------------------------+
# SSSD monitor section.
# NOTE(review): no "domains" key and no [domain/...] section appear in this
# file, and nsswitch.conf in this dump lists winbind rather than sss, so SSSD
# does not appear to supply identities on this host.
[sssd]
config_file_version = 2
# Output format for fully qualified names: %1$s is the login name and %2$s
# the domain, giving DOMAIN\name.
full_name_format = %2$s\%1$s
# Accepts three input forms: DOMAIN\name, name@domain, or a bare name.
re_expression = (((?P<domain>[^\\]+)\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?P<name>[^@\\]+)$))
# Responders listed for start-up.
services = nss,pam

# NSS responder: no options are set, so it uses its defaults.
[nss]

# PAM responder: no options are set, so it uses its defaults.
[pam]



+--------------------------------------------------------------------------------+
+                         Domain Controller Domain Info                          +
+--------------------------------------------------------------------------------+
Environment LOGNAME is not defined. Trying anonymous access.
LDAP server: 10.7.10.2
LDAP server name: NEXUS.newtype.us
Realm: NEWTYPE.US
Bind Path: dc=NEWTYPE,dc=US
LDAP port: 389
Server time: Sat, 12 Dec 2015 14:13:03 PST
KDC server: 10.7.10.2
Server time offset: 0


+--------------------------------------------------------------------------------+
+                         Domain Controller Trust Secret                         +
+--------------------------------------------------------------------------------+
checking the trust secret for domain NEWTYPE via RPC calls succeeded


+--------------------------------------------------------------------------------+
+                     Domain Controller NETLOGON connection                      +
+--------------------------------------------------------------------------------+
checking the NETLOGON dc connection to "NEXUS.newtype.us" succeeded


+--------------------------------------------------------------------------------+
+                       Domain Controller trusted domains                        +
+--------------------------------------------------------------------------------+
BUILTIN
FREENAS
NEWTYPE


+--------------------------------------------------------------------------------+
+                         Domain Controller all domains                          +
+--------------------------------------------------------------------------------+
BUILTIN
FREENAS
NEWTYPE


+--------------------------------------------------------------------------------+
+                          Domain Controller own domain                          +
+--------------------------------------------------------------------------------+
NEWTYPE




+--------------------------------------------------------------------------------+
+                        Domain Controller online status                         +
+--------------------------------------------------------------------------------+
BUILTIN : online
FREENAS : online
NEWTYPE : online


+--------------------------------------------------------------------------------+
+                         Domain Controller domain info                          +
+--------------------------------------------------------------------------------+
Name              : NEWTYPE
Alt_Name          : newtype.us
SID               : S-1-5-21-2248898222-1491668805-4068053637
Active Directory  : Yes
Native            : Yes
Primary           : Yes


+--------------------------------------------------------------------------------+
+                           Domain Controller DC name                            +
+--------------------------------------------------------------------------------+
NEXUS.newtype.us
\\NEXUS
2
a2799ee2-7229-4f75-b9f3-b9c7acb15370
newtype.us
newtype.us
0xe000f1fd
Default-First-Site-Name
Default-First-Site-Name


+--------------------------------------------------------------------------------+
+                           Domain Controller DC info                            +
+--------------------------------------------------------------------------------+
NEXUS.newtype.us (10.7.10.2)


+--------------------------------------------------------------------------------+
+                       Domain Controller Users and Groups                       +
+--------------------------------------------------------------------------------+
+--------------------------------------------------------------------------------+
+                                  Using wbinfo                                  +
+--------------------------------------------------------------------------------+
+--------------------------------------------------------------------------------+
+                                     Users                                      +
+--------------------------------------------------------------------------------+
guest
krbtgt
administrator
jimmy
jenny
thuan
eric
nagios
henry
ldapuser
veeam
aika
+--------------------------------------------------------------------------------+
+                                     Groups                                     +
+--------------------------------------------------------------------------------+
domain computers
cert publishers
domain users
domain guests
ras and ias servers
domain admins
schema admins
enterprise admins
group policy creator owners
allowed rodc password replication group
denied rodc password replication group
enterprise read-only domain controllers
cloneable domain controllers
protected users
domain controllers
read-only domain controllers
esx admins
dnsadmins
dnsupdateproxy
network admins
oc users
backup users
winrmremotewmiusers__
+--------------------------------------------------------------------------------+
+                                  Using getent                                  +
+--------------------------------------------------------------------------------+
+--------------------------------------------------------------------------------+
+                                     Users                                      +
+--------------------------------------------------------------------------------+
root:$6$Go4bVUyY3bp4l2Me$eUJNMPzkCYO1LD7M/1T5il5Rg5je4lMFEYlDvxiau9oo/EZ34f3auRG9axuGZ7L/pG6rlSlqrT8YMaLawO4UA0:0:0:root:/root:/bin/csh
daemon:*:1:1:Owner of many system processes:/root:/usr/sbin/nologin
operator:*:2:5:System &:/:/usr/sbin/nologin
bin:*:3:7:Binaries Commands and Source:/:/usr/sbin/nologin
tty:*:4:65533:Tty Sandbox:/:/usr/sbin/nologin
kmem:*:5:2:KMem Sandbox:/:/usr/sbin/nologin
games:*:7:13:Games pseudo-user:/:/usr/sbin/nologin
news:*:8:8:News Subsystem:/:/usr/sbin/nologin
man:*:9:9:Mister Man Pages:/usr/share/man:/usr/sbin/nologin
sshd:*:22:22:Secure Shell Daemon:/var/empty:/usr/sbin/nologin
smmsp:*:25:25:Sendmail Submission User:/var/spool/clientmqueue:/usr/sbin/nologin
mailnull:*:26:26:Sendmail Default User:/var/spool/mqueue:/usr/sbin/nologin
bind:*:53:53:Bind Sandbox:/:/usr/sbin/nologin
proxy:*:62:62:Packet Filter pseudo-user:/nonexistent:/usr/sbin/nologin
_pflogd:*:64:64:pflogd privsep user:/var/empty:/usr/sbin/nologin
_dhcp:*:65:65:dhcp programs:/var/empty:/usr/sbin/nologin
uucp:*:66:66:UUCP pseudo-user:/var/spool/uucppublic:/usr/local/libexec/uucp/uucico
pop:*:68:6:Post Office Owner:/nonexistent:/usr/sbin/nologin
www:*:80:80:World Wide Web Owner:/nonexistent:/usr/sbin/nologin
nobody:*:65534:65534:Unprivileged user:/nonexistent:/usr/sbin/nologin
avahi:*:200:200:avahi user:/nonexistent:/usr/sbin/nologin
messagebus:*:201:201:messagebus user:/nonexistent:/usr/sbin/nologin
ftp:*:14:14::/nonexistent:/bin/csh
auditdistd:*:78:77:Auditdistd unprivileged user:/var/empty:/usr/sbin/nologin
hast:*:845:845:HAST unprivileged user:/var/empty:/usr/sbin/nologin
ladvd:*:79:78:ladvd user:/var/empty:/usr/sbin/nologin
webdav:*:666:666:WebDAV Anonymous User:/var/empty:/usr/sbin/nologin
guest:*:20501:20514:Guest:/home/guest:/bin/sh
krbtgt:*:20502:20513:krbtgt:/home/krbtgt:/bin/sh
administrator:*:20500:20513:Administrator:/home/administrator:/bin/sh
jimmy:*:21104:20513:Jimmy Chen:/home/jimmy:/bin/sh
jenny:*:21604:20513:Jenny Tung:/home/jenny:/bin/sh
thuan:*:21615:20513:Thuan Lam:/home/thuan:/bin/sh
eric:*:21602:20513:Eric Chiu:/home/eric:/bin/sh
nagios:*:22106:20513:Nagios:/home/nagios:/bin/sh
henry:*:21603:20513:Henry Cheng:/home/henry:/bin/sh
ldapuser:*:21120:20513:LDAP User:/home/ldapuser:/bin/sh
veeam:*:21107:20513:Veeam User:/home/veeam:/bin/sh
aika:*:21114:20513:Aika Nagaoka:/home/aika:/bin/sh
+--------------------------------------------------------------------------------+
+                                     Groups                                     +
+--------------------------------------------------------------------------------+
wheel:*:0
daemon:*:1
kmem:*:2
sys:*:3
tty:*:4
operator:*:5:uucp
mail:*:6
bin:*:7
news:*:8
man:*:9
games:*:13
ftp:*:14
staff:*:20
sshd:*:22
smmsp:*:25
mailnull:*:26
guest:*:31
bind:*:53
proxy:*:62
authpf:*:63
_pflogd:*:64
_dhcp:*:65
uucp:*:66
dialer:*:68
network:*:69
audit:*:77
www:*:80
nogroup:*:65533
nobody:*:65534
avahi:*:200
messagebus:*:201
hast:*:845
ladvd:*:78
webdav:*:666
domain computers:x:20515
cert publishers:x:20517
domain users:x:20513
domain guests:x:20514
ras and ias servers:x:20553
domain admins:x:20512:jimmy,administrator
schema admins:x:20518:administrator
enterprise admins:x:20519:administrator
group policy creator owners:x:20520:administrator
allowed rodc password replication group:x:20571
denied rodc password replication group:x:20572:krbtgt
enterprise read-only domain controllers:x:20498
cloneable domain controllers:x:20522
protected users:x:20525
domain controllers:x:20516
read-only domain controllers:x:20521
esx admins:x:21108:jimmy
dnsadmins:x:21102
dnsupdateproxy:x:21103
network admins:x:21113:jimmy
oc users:x:21119:jimmy,aika
backup users:x:21122:jimmy,veeam
winrmremotewmiusers__:x:21000


