root@freebsd:~ # kinit administrator administrator@TEST.JP's Password: root@freebsd:~ # klist Credentials cache: FILE:/tmp/krb5cc_0 Principal: administrator@TEST.JP Issued Expires Principal Jun 17 19:47:20 2019 Jun 18 05:47:20 2019 krbtgt/TEST.JP@TEST.JP root@freebsd:~ # samba-tool user add chibi Note: samba-tool user add is deprecated. Please use samba-tool user create for the same function. New Password: Retype Password: User 'chibi' created successfully root@freebsd:~ # wbinfo -u TEST\administrator TEST\guest TEST\krbtgt TEST\chibi root@freebsd:~ # wbinfo -n chibi S-1-5-21-1593849174-3160430826-2334651641-1103 SID_USER (1) root@freebsd:~ # net ads info LDAP server: 192.168.1.165 LDAP server name: freebsd.test.jp Realm: TEST.JP Bind Path: dc=TEST,dc=JP LDAP port: 389 Server time: Mon, 17 Jun 2019 19:48:09 JST KDC server: 192.168.1.165 Server time offset: 0 Last machine account password change: Mon, 17 Jun 2019 19:46:18 JST root@freebsd:~ # host -4 freebsd freebsd.test.jp has address 192.168.1.165 freebsd.test.jp has IPv6 address 2400:4052:46e0:b700:20c:29ff:fecf:8bce root@freebsd:~ # host -t SRV _ldap._tcp.test.jp _ldap._tcp.test.jp has SRV record 0 100 389 freebsd.test.jp. root@freebsd:~ # host -t SRV _kerberos._udp.test.jp _kerberos._udp.test.jp has SRV record 0 100 88 freebsd.test.jp. root@freebsd:~ # host -t A freebsd.test.jp. freebsd.test.jp has address 192.168.1.165 root@freebsd:~ # smbclient -L localhost -U% Sharename Type Comment --------- ---- ------- netlogon Disk sysvol Disk IPC$ IPC IPC Service (Samba 4.8.12) Reconnecting with SMB1 for workgroup listing. Server Comment --------- ------- Workgroup Master --------- ------- root@freebsd:~ # smbclient //localhost/netlogon -Uadministrator Enter TEST\administrator's password: Try "help" to get a list of possible commands. smb: \> ls . D 0 Mon Jun 17 19:46:11 2019 .. D 0 Mon Jun 17 19:46:16 2019 19278748 blocks of size 1024. 14593796 blocks available smb: \> exit root@freebsd:~ # smbclient //localhost/sysvol -Uadministrator Enter TEST\administrator's password: Try "help" to get a list of possible commands. smb: \> ls . D 0 Mon Jun 17 19:46:17 2019 .. D 0 Mon Jun 17 19:49:23 2019 test.jp D 0 Mon Jun 17 19:46:16 2019 19278748 blocks of size 1024. 14593848 blocks available smb: \> exit root@freebsd:~ # net ads lookup Information for Domain Controller: 192.168.1.165 Response Type: LOGON_SAM_LOGON_RESPONSE_EX GUID: 1985b722-d670-4f5f-84d9-f5d5bb86c79b Flags: Is a PDC: yes Is a GC of the forest: yes Is an LDAP server: yes Supports DS: yes Is running a KDC: yes Is running time services: yes Is the closest DC: yes Is writable: yes Has a hardware clock: yes Is a non-domain NC serviced by LDAP server: no Is NT6 DC that has some secrets: no Is NT6 DC that has all secrets: yes Runs Active Directory Web Services: no Runs on Windows 2012 or later: no Forest: test.jp Domain: test.jp Domain Controller: freebsd.test.jp Pre-Win2k Domain: TEST Pre-Win2k Hostname: FREEBSD Server Site Name : Default-First-Site-Name Client Site Name : Default-First-Site-Name NT Version: 5 LMNT Token: ffff LM20 Token: ffff root@freebsd:~ # uname -a FreeBSD freebsd 13.0-CURRENT FreeBSD 13.0-CURRENT r349025 GENERIC amd64 root@freebsd:~ # samba -V Version 4.8.12 root@freebsd:~ # wbinfo -t checking the trust secret for domain TEST via RPC calls succeeded root@freebsd:~ # wbinfo -g TEST\cert publishers TEST\ras and ias servers TEST\allowed rodc password replication group TEST\denied rodc password replication group TEST\dnsadmins TEST\enterprise read-only domain controllers TEST\domain admins TEST\domain users TEST\domain guests TEST\domain computers TEST\domain controllers TEST\schema admins TEST\enterprise admins TEST\group policy creator owners TEST\read-only domain controllers TEST\dnsupdateproxy root@freebsd:~ #