Andreas Ladanyi wrote:
There is one UNIX attribute tab and one Members Of tab.
During some tests we discover the following facts
=
In UNIX attribute tab:
winbind is only interested in the UID field -
in ldap tree the
Andreas Ladanyi wrote:
Hay Jerry,
Gerald (Jerry) Carter schrieb:
Andreas Ladanyi wrote:
Ok ! Could it be true this behavior is different between
security=domain and security=ads ?
Because we had to put the user to the group:
- first on windows side in ActiveFirectory
- second on unix site
Friedrich Strohmaier wrote:
Hi Doug, *,
again for whatever reason the listmail did not arrive in my mailbox. The
private copy did! Hmmm.
Doug VanLeuven schrieb:
Friedrich Strohmaier wrote:
Douglas VanLeuven schrieb:
[..]
I can't tell what you're trying to do from what
Naadir Jeewa wrote:
Sorry, yeah, I have munged it.
I did some further checking and found it works fine for the 1 user which
is on the home domain. It's users from other trusted domains which are a
problem.
CLDAP messages are getting rejected by the DCs, but Samba instead says
DC not found.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Naadir Jeewa wrote:
| Hullo,
|
| After having my Samba server joined to a domain, I'm now having
| difficulties configuring winbind. I want to use the idmap_rid backend,
| and have recompiled Samba from scratch with the requisite rid.so module.
|
|
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Friedrich Strohmaier wrote:
| Hi Doug, *,
|
| Sorry for my late answer - I discovered your mail, which never reached
| my box, on gmane..
|
| Douglas VanLeuven schrieb:
| Friedrich Strohmaier wrote:
|
| [..]
|
| I can't tell what you're trying to do
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Michael Lueck wrote:
| Rich West wrote:
| It might be easier to remove the system from the domain and re-add it
| to the domain...
|
| Except I have several copies of this VM saved, so rejoining one fixes
| one VM only.
|
| If it is troublesome to
Robert wrote:
I've having trouble getting XP SP2's to join a domain. Whenever I try to join,
at the point I'm asked for a user name and password with permission to join
the domain, I enter root and root's password, then get the dreaded Unknown
user or bad password error message.
The clients
Marcel Mulder wrote:
Hi,
Two weeks (18-01-2008) ago I posted a message with uid problems in the
lock database, but none seems to care or understand
I truly can't understand that I am the only one in the whole world with
this problem
I have a standard setup of my server running Ubuntu
Anne Wilson wrote:
On Thursday 17 January 2008 10:29:26 [EMAIL PROTECTED] wrote:
What happens when you browse to \\server\homes ?
An error occurred while loading smb://david.lydgate.net/homes:
The file or folder smb://david.lydgate.net/homes does not exist.
Anne
You should be
Marcin Kucharczyk wrote:
DV You should be able to delete /var/db/samba (plus maybe the pid file) and
DV restart samba. Samba will create any tdb files it needs like the
DV initial startup.
Tried ... reinstall was required
Some mor information:
It looks like the same or similar problem:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Wiesner Thomas wrote:
Additionally to the problems I reported earlier, I'Ve discovered another
problem with my server/client setup.
find reports
find: WARNING: Hard link count is wrong for ./foo: this may be a bug in
your filesystem driver.
[EMAIL PROTECTED] wrote:
Hello,
I have a problem with samba 3.0.26a (from ports) on FreeBSD (amd64,
SMP, 6.2 RELEASE). My log.smbd looks like below:
--- samba starts normally:
[2007/11/24 16:55:22, 0] smbd/server.c:main(944)
smbd version 3.0.26a started.
Copyright Andrew Tridgell and the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Bai, Junmin wrote:
Guys
I was so frustrated about installing samba with ADS and winbind support
on solaris 8.
Just a guess, what version Kerberos are you running on solaris 8?
Latest version of Kerberos for solaris is 5 something.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ben Ladd wrote:
Update:
Each time we set up a new user on the system, passwords need changing on the
AD and the samba server. Is there a way to set permissions for the samba from
the AD so that we do not need to go through this rigmarole?
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mike Cleghorn wrote:
Doug,
Is the sarcasm and condescension really necessary?
I thought the original author was trolling and I bit. Rereading I see
he was referring to password changing as rigmarol not configuring samba.
So OK, it would seem
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
BIS wrote:
Any help Please
On Tue, 2007-11-13 at 16:35 -0600, BIS wrote:
I am using Samba 3.0.10 with Red hat (4.5) as samba fileserver. It is
very basic setup with Ldap setup.
All of our desktop (Windows and MAC) clients (250)
Samuel Melrose wrote:
Hey,
I'm having problems with samba. It has never worked properly on my server
since I've had it installed.. Its for a home server, running xbox-Linux
Fedora Core 6.
I've just uninstalled every trace of the old samba, and started a fresh.
With the latest samba sources I
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Eric Diven wrote:
-Original Message-
From: Eric Diven
Sent: Tuesday, October 30, 2007 11:29 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [Samba] Can't see or change ACLs on Windows
On Tue, Oct 30, 2007 at 10:59:41AM -0400, Eric Diven
James Lamanna wrote:
On 10/7/07, James Lamanna [EMAIL PROTECTED] wrote:
On 10/7/07, Volker Lendecke [EMAIL PROTECTED] wrote:
On Sun, Oct 07, 2007 at 09:31:23AM -0700, James Lamanna wrote:
Server sends 1500 byte packet
Client sends 52 bye ACK
Server sends 1500 byte packet
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
James Lamanna wrote:
Hi all,
Disregard my previous posts, I've consolidated everything here.
I'm having terrible performance issues with samba over a WAN
(point-to-point T1 link).
Doing a copy of a 2MB file from a samba server to a linux client
Christopher Dick wrote:
I am currently running an openSuSE 10.2 machine in a
Windows 2k3 domain. I have upgraded to Samba 3.0.26a,
hoping it would solve my issue, but so far no luck.
I was successful in adding my machine to the domain,
and the DC logs show repeated successful
authentications,
eric roseme wrote:
I know this sounds a little strange, but I was having the same problem
on 3.0.25c, but adding the password to the command line solved it. I
have no idea why:
net ads join -U administrator%password
Eric Roseme
Peter Baumgartner wrote:
I running 3.0.25c on OpenSolaris. I
[EMAIL PROTECTED] wrote:
Hello
A really annoying question.
I'm managing a high school network with two WinXP subnets (192.168.1.X and
192.168.3.X).
These subnets are linked by a SUSE 9.3 server with two network cards and a
Samba server (version 3.0.12-5 SUSE) acting as PDC.
The
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ian wrote:
Hi,
Anyone have any idea to the problem below? Sorry if its already been answered.
Cheers
Ian
On 9/11/07, Ian [EMAIL PROTECTED] wrote:
Hi,
I am trying to join my FreeBSD machine to an AD domain and keep
getting the following
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Thompson, Jimi wrote:
Jerry,
I'm really frustrated with SAMBA. All I want to do is have my users
I'd like to point out here that you're really frustrated with the
default group assigned by Windows Active Directory
authenticate using the domain
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Simon Chappell wrote:
Hello All
got a nasty problem that has reared its head this morning.
Windows 2003 ADS controller.
Samba 3.022
Ubuntu 6.06LTS
getent passwd returns users but not all of them.
I am missing a couple of hundred.
Also if
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Brad C wrote:
Hmm.. this is windows to linux, the file however does copy across to a
windows system just fine. does anyone have experience with copying large
files using samba?
You are using mount -t cifs ? If you're using -t smbfs that could
Wilkinson, Alex wrote:
0n Mon, Aug 13, 2007 at 01:44:19AM -0700, Doug VanLeuven wrote:
Have a look and see if this report is relevant in your case (it's fairly
long): https://bugzilla.samba.org/show_bug.cgi?id=3990
This is my *exact* problem. I am using version 3.0.25a,1.1
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Wilkinson, Alex wrote:
Hi all,
I am successfully authenticating FreeBSD 7.0-CURRENT #1: Wed Jul 25
17:31:15 WST 2007 against AD. Users can log in succesfully with home
directories being served via amd(8) and NFS. However, I have discovered
a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Bo Lynch wrote:
This is what I get when using the -d 3 switch
lp_load: refreshing parameters
Initialising global parameters
params.c:pm_process() - Processing configuration file /etc/samba/smb.conf
Processing section [global]
added interface
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Bo Lynch wrote:
Just created a new backup server using CentOS 5.0. I am using a auth file
to access windows shares for backups. When connecting like this
smbclient //server/share -A=/auth/file
it works.
When I try to tar with smbclient like
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Rahul wrote:
Hi Doug,
Thanks for your timely reply.
We have verified the things which you have mentioned in your mail in the
security settings but with any combination the result does not change. We
have also resolved the invalid
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Simon Ashford wrote:
Have just upgraded from 3.0.14a to 3.0.25b.
On starting winbindd it puts the following in /var/log/messages:
initialize_winbindd_cache: clearing cache and re-creating with version
number 1
All the winbind UID/GID
Brijesh Shukla wrote:
Hi,
I am getting the problem to access shared folder when I am using Dual boot
operating System.
Let say I have two operating system on the same machine.
1) XP and the name of the machine in xp environment is XYZ
2)Cent OS (Linux) and the name of the machine in Linux
Aaron Kincer wrote:
I am having trouble envisioning a network where people are constantly
signing onto different computers (outside of schools and libraries). If
users move around that much, perhaps a VNC/Citrix/Terminal Services
approach
would be better.
Roaming profiles are a solution to a
Alexander van der Leun wrote:
Hello all,
This is my first post on this list, so please bear with me. :-)
I'm managing a couple of Samba servers located at our customers. Since
a couple of weeks we have a problem with winbind on one of our samba
servers. It runs in a mixed Windows/Samba
samba SVN 17972, Linux 2.6.16-1.2096
That should be about the same as 2.0.23c
getent passwd works to list domain accounts
getent group works to list domain groups
kinit works for domain accounts
wbinfo -u lists domain user accounts
wbinfo -g lists domain group accounts
In order to access
Thorsten Hamester wrote:
Hello
samba SVN 17972, Linux 2.6.16-1.2096
That should be about the same as 2.0.23c
getent passwd works to list domain accounts
getent group works to list domain groups
kinit works for domain accounts
wbinfo -u lists domain user accounts
wbinfo -g lists domain group
Mark Smith wrote:
I also tried your values, with the tcp_window_scaling, with no luck.
It's enable by default, but I explicitly set options other options
depend on.
I set up my test rig again.
Host server
2.6.12-1.1376_FC3, samba 3.0.23
Broadcom Nextreme BCM5702X Gigabit, tg3 driver default
OK, I'll top post.
I can't let this stand unanswered.
I ran a LOT of tests with gigabit copper and windows machines. I never
did better than 40 seconds per gig. That was with the Intel cards
configured for maximum cpu utilization. 80-90% cpu for 40 sec per gig.
On windows. Uploads went
pagod wrote:
if i try something like this:
smbmount //fili/xlibs /mnt/temp -o username=dvergnaud
i get the following error:
3600: session setup failed: ERRDOS - ERRnoaccess (Access denied.)
SMB connection failed
the weird thing is, it all works fine when doing it from another linux
computer
I've tried everything I can think of. I kept thinking it must be
something I needed to configure when I changed over from padl xad to the
samba ad builtin module.
Everything had been working for the last 2 years. AD. samba, and unix
passwords are synchronized.
Samba version
Brian D. McGrew wrote:
Trying to do a net ads join, which has always worked fine in the past is
now throwing the below errors when I try and rejoin the domain after a
Windows server reboot.
What am I doing wrong?
:b!
[2006/08/23 19:45:00, 0] libads/ldap.c:ads_add_machine_acct(1405)
Dominic Iadicicco wrote:
Hello all,
My network users are receiving an error when they try to save changes
to an
execl file that is stored in a samba share. The error is The file
filename.xls may have been changed by another user since you last
saved it.
In that case, what do you want to do?
Przemyslaw Smiejek wrote:
W odpowiedzi na pismo z niedziela, 20 sierpnia 2006 14:52
(autor Robert Schetterer
publikowane na gmane.network.samba.general,
wasz znak: [EMAIL PROTECTED]):
Hi,
jep samba can act as a win nt (4) domain controller PDC.
PDC it's only authorization, as I
Derrick MacPherson wrote:
What am I missing? Is ther esome more info I can add to get someone to
respond? Is there a better place to be getting help?
No better place.
Mostly people only respond when your problem is similar to
a problem they themselves have had. I regularly transfer
2 Gig
Gerald (Jerry) Carter wrote:
Yup. That's what I meant. I'll try to repro your results
on Monday (if all goes well). Thanks.
I started up a machine that was on the shelf.
This one had been joined as rc4.
I edited krb5.conf and userAccountControl for des only
My DHCP registers machines in
oly wrote:
hi i have set up samba as a pdc with ldap but i am having problems with
passwords they do not seem to be taken from ldap instead i have to run
smbpasswd username to allow a user to login.
this directory will have around 800 users when complete and the ldap is also
used for other
Gerald (Jerry) Carter wrote:
(a) deriving the DES salt
(b) generating the keytab file
(c) optionally creating the UPN as part of the join.
Please give it a whirl and let me know how it goes.
Our Krb5 code is over 3 years old spreading about
multiple MIT and heimdal versions. It's time for some
Gerald (Jerry) Carter wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Doug,
Thanks for testing this.
OK.
I then removed support for rc4 in enctypes in /etc/krb5.conf.
Edited the machine acct and added the flag for des_only.
The domain controller can't browse the samba server. Get
the
Gerald (Jerry) Carter wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Doug VanLeuven wrote:
Gerald (Jerry) Carter wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Doug,
File a bug report if you believe this to be true. I'm not at 3.0.23
right now and don't have the time to try
Gerald (Jerry) Carter wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Doug,
File a bug report if you believe this to be true. I'm
not at 3.0.23 right now and don't have the time to try it
here. I wouldn't want to lose this. I did see a mention
they dropped support of joins from
Scott Armstrong wrote:
First thing - I'd like to say a big THANK YOU to the developers.
I just upgraded to samba-3.0.23 and I've noticed an alarming issue with
respect to my configuration.
I've been using the built-in keytab management and it looks like the updated
code no longer creates the
No offense intended, but what is the purpose of
adding the variations of case especially with respect to
the FQDN?
Too much guessing IMO.
True. Very true. But I'll chime in with we got there after
numerous authentication failures at different sites.
It always seemed there had to be a
Eric Evans wrote:
I'm STILL having difficulty getting my PC client to connect to the
domain. I've got the IP address of the Samba server entered into the
list of WINS servers in the network control panel on the client
machine. And I've got a machine account set up for the client machine
Eric Evans wrote:
Hello Craig et al,
I didn't think it was possible that you would refute everything that I
said without checking a single bit of information but you definitely did
that.
Jeez, what did I say that was objectionable? I believe that everything
I said was factual, and I
EHines wrote:
John H Terpstra wrote:
On Friday 07 July 2006 19:27, Craig White wrote:
On Fri, 2006-07-07 at 16:54 -0700, Huck wrote:
This link may be of some assistance to those updating from Samba 2.
http://www.phptr.com/articles/article.asp?p=419048rl=1
Since the
Craig White wrote:
On Fri, 2006-07-07 at 19:10 -0700, Doug VanLeuven wrote:
Someone correct me if I'm wrong, then point samba at itself
(I've been using windows servers for WINS)
wins server = 127.0.0.1
you're wrong - wins support = yes is sufficient
Thanks for the correction
Thomas Garson wrote:
Questions:
Has there been some kind of hidden parameter relatively recently added
to samba 3 that identifies shares as cifs or smbfs? Is the Linux client
programmed to react to this? Are these protocols becoming mutually
exclusive? If any of this is true, where is the
Gerald (Jerry) Carter wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Henrik,
You were right. ( as usual.. )
I had the wrong FQDN on the samba server.
After reconfiguring my network and I got the FQDN back
from 'hostname' the join worked as planned.
For the record, this is what WinXP
TSZ wrote:
Michael Gasch napisał(a):
and you can solve this with the sticky bit
http://docsrv.sco.com:507/en/OSAdminG/ssC.stickydirs.html
you could also try to play with map read only (S) parameter.
Thank you for your help and link. I know the sticky bit, but I don't
know how to implement it
Logan Shaw wrote:
On Sat, 24 Jun 2006, Doug VanLeuven wrote:
Nir Barkan wrote:
I'm trying to compile samba-3.0.22 with Heimdal Kerberos on Solaris 8
When I configure compile from non -standard libs,
I explicitly set the paths required.
Some people like to put it on the command line
Nir Barkan wrote:
Hi All,
I'm trying to compile samba-3.0.22 with Heimdal Kerberos on Solaris 8
configure works fine but make fails
I am running configure with the option --with-krb5=/opt/local which is
where I have heimdal installed. The problem is that after running make,
it still
Luis Rodrigues wrote:
Hello,
I have an Lacie NAS disk attached to an Gigabit network. Since it only exports
samba I mounted on one
of my gigabit Linux boxes with
smbmount //lacie/terabyte /TERABYTE -o
defaults,username=genuser,password=genuser
Hi Luis,
Although I don't use
Ryan Steele wrote:
All,
I desperately need a resolution to this issue. I've asked once (about a
day or two ago), but I haven't heard anything back. The only reason I
press the issue is I may because without a quick resolution, I may be
forced to switch over to AD (cry!). I submitted a
Collins, Kevin wrote:
Four years ago, I migrated our network from Windows NT based servers to
Linux, Samba+LDAP based setups. This setup has worked fine. Last year,
we replaced our Exchange 5.5 server - the last real Windows server -
with Scalix. This last decision has come back to bite me.
Volker Lendecke wrote:
On Tue, Jun 06, 2006 at 12:02:42PM -0400, Jeremiah Martell wrote:
wbinfo -t
checking the trust secret via RPC calls succeeded
wbinfo -r test
Could not get groups for user test
wbinfo -a test%test
challenge/response password authentication succeeded
wbinfo -r test
Could
Gerald (Jerry) Carter wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
James,
This was your change right ?
Doug, I'm more interested in why winbindd is seg
faulting in the SAMBA_3_0 tree. Can you give me more
details?
Jerry, I was wrong before. Please read.
Sometime in the last 8
Gautier, B (Bob) wrote:
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
] On Behalf Of Doug VanLeuven
Sent: 31 May 2006 09:56
/usr/local/samba3/sbin/winbindd [0xdda5cf]
May 31 01:19:14 gate winbindd[5355]:#7
/usr/local/samba3/sbin/winbindd(talloc_free
Guenther Deschner wrote:
I just fixed this today in subversion
(http://websvn.samba.org/cgi-bin/viewcvs.cgi?rev=15980view=rev)
Let me know if you still see problems with that.
Hi,
Updated to svn 15985, running 1/2 hour now, no more core dumps.
Thanks Guenther!
Regards, Doug
--
To
According to the doco, winbind nss info = template sfu
requires idmap backend = idmap_ad
which has been depreciated to idmap backend = ad
but,
[2006/05/30 13:43:23, 1] nsswitch/winbindd.c:main(953)
winbindd version 3.0.23pre2-SVN-build-15864 started.
Copyright The Samba Team 2000-2004
Alessio Bandini wrote:
Hello,
First of all sorry for my English.
I am experiencing with Samba and I have a problem.
I have an old server (OLD) with Red Hat 9 and Samba 2.2.7a that is
working well.
Now I try to start up a new server (NEW) with Red Hat Enterprise 4 and
Samba 3.0.22.
If I try
James Peach wrote:
On Mon, 15 May 2006 09:40 pm, Doug VanLeuven wrote:
James Peach wrote:
On Sat, 13 May 2006 12:16 am, Gerald (Jerry) Carter wrote:
James,
This was your change right ?
Yup. It's deliberately not configurable so that we can always get
*something* that might help with fault
of the internal ad module?
Still interested? If so, I have to find a copy on
an old DVD backup disc.
Doug VanLeuven wrote:
Sorry Jeff, been there, done that, if you'd read the whole post.
Jeff Saxton wrote:
man ulimit
hint: ulimit -c
This probably won't work because in fault.c we explicitly set
Hi all,
Is there anyway to limit the new core dumping panics?
Can't find anything on it. (If I'd only looked in that ...)
Was my mistake, but winbindd filled up an entire volume
and froze out every process writing to that drive.
I started it from a shell and my soft limit is
already zero.
Sorry Jeff, been there, done that, if you'd read the whole post.
Jeff Saxton wrote:
man ulimit
hint: ulimit -c
Doug VanLeuven wrote:
Hi all,
Is there anyway to limit the new core dumping panics?
Can't find anything on it. (If I'd only looked in that ...)
Was my mistake, but winbindd filled
in this
type of environment without one?
On Thu, 2006-05-11 at 21:17 -0700, Doug VanLeuven wrote:
When using domain logons, after resuming from a hibernate that
exceeded the lifetime of the Kerberos ticket, the client doesn't
immediately renew the ticket. It will auto renew, but I've not
determined
overriding my ulimit,
and what I might do to override your override during normal
operations.
Regards, Doug
Gerald (Jerry) Carter wrote:
Doug, I'm more interested in why winbindd is seg
faulting in the SAMBA_3_0 tree. Can you give me more
details?
Doug VanLeuven wrote:
Sorry Jeff, been
When using domain logons, after resuming from a hibernate that
exceeded the lifetime of the Kerberos ticket, the client doesn't
immediately renew the ticket. It will auto renew, but I've not
determined the amount of time it takes.
Is there a way to force the client to renew the ticket? Short of
[EMAIL PROTECTED] wrote:
My agency is migrating from Solaris PCnetlink to Samba 3.0.20b for file
and print sharing. Samba is installed on Solaris 9 (which I just recently
inherited). Is there any way to tell if Samba was compiled with ACL
support? I am having some trouble matching permissions
Zoran Ljubisic wrote:
Hi all,
In table:
Locked files:
PidDenyMode Access R/WOplock Name
--
28938 DENY_NONE 0x2019f RDWR EXCLUSIVE+BATCH
Tom Peters wrote:
At 10:40 PM 3/29/2006 +0200, you wrote:
Hi @all,
are there any problems known with 3.0.21c and bigger video files (mpg
and wmv greater than 700 MB)?
Received the information that these files cannot copied from XP to
Samba (W2K is okay). Error message is the well known:
Barry, Christopher wrote:
You could be SOL then.
-Original Message-
From: Michael Voss [mailto:[EMAIL PROTECTED]
Sent: Tuesday, March 28, 2006 10:30 AM
To: Barry, Christopher
Subject: AW: [Samba] Access shares over IPSEC
Hm, but i don't no where i can this make.
We connect over an
James F. Hranicky wrote:
I have everything in place to move to a Samba/Heimdal/OpenLDAP auth
database and have just discovered that some of the Windows products
we use are required to run on a domain controller. Since domain
sync doesn't work between Samba and NT4 it looks like I'm stuck:
James F. Hranicky wrote:
On Thursday 23 March 2006 13:09, Doug VanLeuven wrote:
Hi James,
Would you mind letting us know what product requires to be installed
on a domain controller? I, for one, would like to shy away from ever
evaluating their product.
Desktop Authority:
http
David Shapiro wrote:
What is the KRB5A option going to provide?
The daemon winbindd resolves uid/gid to sids and vice versa
The AIX WINBIND provides authentication services by calling a PDC
The AIX KRB5A provides authentication services by Kerberos
and can use a windows AD server. IBM has
David Shapiro wrote:
Why does it need a shared library? Can't it use static?
David
I see in /usr/local/openldap/lib:
drwxr-sr-x 10 root system 512 Feb 7 15:22 ..
-rw-r--r-- 1 root system 293847 Feb 8 14:58 liblber-2.3.a
lrwxrwxrwx 1 root system
or not that was possible with
your version of samba.
Regards, Doug
David Shapiro
Unix Team Lead
919-765-2011
Doug VanLeuven [EMAIL PROTECTED] 2/9/2006 11:03:38 PM
David Shapiro wrote:
What can I look at to understand why chown keeps saying user does not
exist.
wbinfo -u/-g returns
David Shapiro wrote:
Hmm, I am not sure why this worked, but I moved my WINBIND stanza in
/usr/lib/security/methods.cfg up in the file prior to the PAM stanza,
and save it. After this, I was able to load the module. Any ideas on
why this worked?
Because aix will scan methods.cfg sequentially
David Shapiro wrote:
What can I look at to understand why chown keeps saying user does not
exist.
wbinfo -u/-g returns the user information
klist -v shows kerberos is working
net ads join works fine
wbinfo -t shows secret is fine
aix does not have getent so I can't run getent passwd --
David Shapiro wrote:
/etc/host, resolv.conf are fine. nsswitch.conf does not exist on aix
systems, but I did add the winbindd entry where aix expects it.I
guess we will see if people respond, but I noticed nobody answered this
type of question in the past...
Not that many people using
Greg Fischer wrote:
Hi all,
I just setup my Samba PDC. Mostly everything works, but I am wondering why
on some clients, they have the wrong USERDOMAIN environment variable. (when
you run 'set' in win xp cmd)
The domain name is MEIDLING, and the user and computer are joined ok. But
in set,
Christoph Kaegi wrote:
On 23.11-02:22, Doug VanLeuven wrote:
Well, no. Maybe. Yes. Been a while since I confronted moving
between des arc4.
in source/libads/ldap.c
#ifndef ENCTYPE_ARCFOUR_HMAC
acct_control |= UF_USE_DES_KEY_ONLY;
#endif
I have in source/include/config.h
Doug VanLeuven wrote:
Then I converted it to your system of using a ktpass.exe generated
keytab using rc4-hmac.
Stopped samba
edit smb.conf and remove use kerberos keytab = yes
Deleted the existing computer account in AD
Deleted the existing mapped user account in AD
Deleted /etc/krb5.keytab
Christoph Kaegi wrote:
On 22.11-09:35, Doug VanLeuven wrote:
Hm, how can I determine, if I use DES keys? I have the following in
krb5.conf (if that is what you mean):
-- 8
--
default_tkt_enctypes = des-cbc-crc, des-cbc
Christoph Kaegi wrote:
On 22.11-10:58, Guenther Deschner wrote:
-- 8 --
[2005/11/21 16:09:28, 3] libsmb/clikrb5.c:smb_krb5_verify_checksum(695)
smb_krb5_verify_checksum: krb5_c_verify_checksum() failed: Bad encryption
Jason Gerfen wrote:
I can authenticate users on a default setup of Windows 2000 using
'Security = ADS'. However if I install Windows Services for Unix
(http://www.microsoft.com/windowsserversystem/sfu/productinfo/features/default.mspx)
I am not able to authenticate or view users from
Jason Gerfen wrote:
Doug VanLeuven wrote:
Jason Gerfen wrote:
I can authenticate users on a default setup of Windows 2000 using
'Security = ADS'. However if I install Windows Services for Unix
(http://www.microsoft.com/windowsserversystem/sfu/productinfo/features/default.mspx)
I am
Jason Gerfen wrote:
I have a question regarding joining a Samba 3 machine to a Windows 2000
Domain using ADS authentication.
I have been able to join the machine to the domain, enumerate users with
getent and wbinfo -u. The problem I am having is with a Windows 2000
default domain setup an
1 - 100 of 169 matches
Mail list logo
