[Samba] 'net rcp shudown' with mashine account (-n -P) possible???
Hello samba-list, I'm able to shutdown remote mashines using: supzli02pdc:~ # net rpc shutdown -S target-pc -U Administrator%passwd -r -t 1 --comment=Abmelden I wounder if this is also possible with an mashine account auth (from the PDC)? I couldn't get it to work: supzli02pdc:~ # net -n supzli02pdc -P rpc shutdown -r -t 1 -S target-pc --comment=Abmelden [2004/08/23 05:12:39, 0] utils/net_rpc.c:rpc_shutdown_internals(2766) Shutdown of remote machine failed! adding -I target_ip doesn't help Any sugestions ?? Question: Is this generally possible On the other hand quering user list works with -P : -- supzli02pdc:/ # net rpc user -P works !! supzli02pdc:/ # net rpc user Password: Could not connect to server 127.0.0.1 The username or password was not correct. so auth is required !!! -- Best regards, Malte mailto:[EMAIL PROTECTED] _ Malte Woelky -=[SkyNet]=- Unix/DBs/Networks/LDAP/Active Directory Cert : MCSA 2000+2003, MCSA:msg, MCSE 2000+2003 voice : 0209/977 37 03 : 0173/90 32 167 eMail : [EMAIL PROTECTED] WWW : http://www.woelky.net/ _ ICQ# 12 767 43 99 _ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Request for sample qmailGroup ldif: LDAP attribute is not given b ut mandatory. (#5.3.5) error
Hallo, you have to add the qmailUser - objectClass and the corresponding attributes to the entry, qmailGroup is an derieved objectClass from qmailUser. Yours Malte Wednesday, July 28, 2004, 2:54:33 PM, you wrote: KA I would like to create email groups under a qmail-ldap installation. I KA created a sample group [EMAIL PROTECTED] in which I wanted KA [EMAIL PROTECTED] and [EMAIL PROTECTED] to receive a copy of mail sent KA to [EMAIL PROTECTED], I created an ldif for the test group and KA tried sending mail to it but I got an error. KA The sample ldif. KA dn: KA [EMAIL PROTECTED],ou=mysampledomain.com,ou=organisations,dc KA =mysampledomain,dc=com KA cn: Test KA sn: Group KA objectClass: top KA objectClass: person KA objectClass: qmailGroup KA mail: [EMAIL PROTECTED] KA mailAlternateAddress: [EMAIL PROTECTED] KA mailAlternateAddress: [EMAIL PROTECTED] KA mailMessageStore: [EMAIL PROTECTED]/testgroup2 KA filtermember: ((objectclass=qmailGroup)([EMAIL PROTECTED])) KA The error. KA When I do a tail -f /var/log/qmail/current|tai64nlocal I see the error KA LDAP_attribute_is_not_given_but_mandatory._(#5.3.5) KA And I receive an email reading KA Hi. This is the qmail-send program at arccnet.com. KA I'm afraid I wasn't able to deliver your message to the following addresses. KA This is a permanent error; I've given up. Sorry it didn't work out. KA testgroup2@ mysampledomain.com : KA LDAP attribute is not given but mandatory. (#5.3.5) KA --- Below this line is a copy of the message. KA What attributes am I missing or what errors/omissions are there in my ldif. KA Allan. -- Best regards, Maltemailto:[EMAIL PROTECTED] Malte Woelky -=[SkyNet]=- Unix/DBs/Networks/LDAP/Active Directory Cert : MCSA 2000+2003, MCSA:msg, MCSE 2000+2003 voice : 0209/977 37 03 : 0173/90 32 167 eMail : [EMAIL PROTECTED] WWW : http://www.woelky.net/ _ ICQ# 12 767 43 99 _ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Request for sample qmailGroup ldif: LDAP attribute is not given b ut mandatory. (#5.3.5) error
Sorry, wrong list!!! -- Best regards, Maltemailto:[EMAIL PROTECTED] Malte Woelky -=[SkyNet]=- Unix/DBs/Networks/LDAP/Active Directory Cert : MCSA 2000+2003, MCSA:msg, MCSE 2000+2003 voice : 0209/977 37 03 : 0173/90 32 167 eMail : [EMAIL PROTECTED] WWW : http://www.woelky.net/ _ ICQ# 12 767 43 99 _ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] logged in users
Hallo, i've got a little question: is it possible to query the domain controller which user is loggid in from which workstation. I'm writing an webapp for teachers; it would be nice to know which pupil logged on from which workstation to shutdown the correkt workstation in order to kick the pupil (force logoff) or is there an other way to force an logout for an user? sorry for my bad english -- Best regards, Malte mailto:[EMAIL PROTECTED] _ Malte Woelky -=[SkyNet]=- Unix/DBs/Networks/LDAP/Active Directory Cert : MCSA 2000+2003, MCSA:msg, MCSE 2000+2003 voice : 0209/977 37 03 : 0173/90 32 167 eMail : [EMAIL PROTECTED] WWW : http://www.woelky.net/ _ ICQ# 12 767 43 99 _ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re[2]: [Samba] logged in users
Hallo, is it possible to query the domain controller which user is loggid in from which workstation. CW man smbstatus oh no, it's so simple - I didn't though... ;-) Just run smbstatus, grep (or parse output, which is more save) the user in question, get the ip of the workstation and finally (this I kney) shutdown the ws using 'net shutdown ...' (in real life you would use the 'logon' or 'profile' or 'home' share ...) e.g. want to kick user 'mwoelky' server:~ # smbstatus Samba version 2.2.8a-SuSE Service uid gid pid machine -- videoroot root 16735 woelky (10.0.80.230) Tue Jul 27 11:38:10 2004 download root root 20801 ds9 (10.0.80.103) Tue Jul 27 16:23:37 2004 videoroot root 29421 rugaldo (10.0.80.176) Wed Jul 28 01:49:53 2004 videoroot root 29078 saugstation (10.0.80.23) Wed Jul 28 01:26:09 2004 storage root root 16735 woelky (10.0.80.230) Tue Jul 27 11:38:08 2004 download root root 16735 woelky (10.0.80.230) Tue Jul 27 11:38:08 2004 temp_mw root root 16735 woelky (10.0.80.230) Tue Jul 27 11:38:08 2004 mwoelky mwoelky users16735 woelky (10.0.80.230) Tue Jul 27 11:38:11 2004 cfusion_ww root root 16735 woelky (10.0.80.230) Tue Jul 27 11:38:11 2004 mp3 root root 16735 woelky (10.0.80.230) Tue Jul 27 11:38:08 2004 upload mwoelky users16735 woelky (10.0.80.230) Tue Jul 27 11:38:08 2004 server:~ # smbstatus | grep mwoelky mwoelky mwoelky users16735 woelky (10.0.80.230) Tue Jul 27 11:38:11 2004 upload mwoelky users16735 woelky (10.0.80.230) Tue Jul 27 11:38:08 2004 server:~ # smbstatus | grep mwoelky| awk 'print $6' (or similary ...) voila, go the ip's (maybe user is logged on on different ips) 10.0.80.230 10.0.80.230 (sort and kill dupes...) 10.0.80.230 and then 'net shutdown ... ip' Big tnx, Craig !!! -- Best regards, Maltemailto:[EMAIL PROTECTED] Malte Woelky -=[SkyNet]=- Unix/DBs/Networks/LDAP/Active Directory Cert : MCSA 2000+2003, MCSA:msg, MCSE 2000+2003 voice : 0209/977 37 03 : 0173/90 32 167 eMail : [EMAIL PROTECTED] WWW : http://www.woelky.net/ _ ICQ# 12 767 43 99 _ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re[2]: [Samba] ldap + samba + group membership problem
Hallo, Thursday, June 17, 2004, 4:40:06 PM, you wrote: PG Xavier wrote: Selon Paul Gienger [EMAIL PROTECTED]: Good ! thanks a lot Paul, it's a great solution. I'm now very interested onto your automatic directory profile-creation. It would be great to have your login script (anonymised) into the SAMBA source distribution (into examples dir), no ? PG I should note however, that there is a bug with my profile directory PG creation in that it brings up a very annoying error message on first PG login about not being able to find the profile directory, for some PG reason it either doesn't happen fast enough, or windows comes looking PG for the profile directory before the netlogon preexec happens. I'd be PG more inclined to believe the latter. PG Would anyone who knows the order of operations on logon care to comment PG on that? It makes more sense (to me anyway) to hook the script up to PG the preexec of the netlogon share, but if the access to the profile PG directory comes first then maybe that is actually the right place to do it? I'd like solve the priblem as i habe to deal with profile creation, would it be possible to post the script, so I can improve it (if it's possible ;-) and don't have to start from scratch. Yours Malte Woelky Bye Xavier -- Best regards, Maltemailto:[EMAIL PROTECTED] Malte Woelky -=[SkyNet]=- Unix/DBs/Networks/LDAP/Active Directory Cert : MCSA 2000+2003, MCSA:msg, MCSE 2000+2003 voice : 0209/977 37 03 : 0174/95 32 105 eMail : [EMAIL PROTECTED] WWW : http://www.woelky.net/ _ ICQ# 12 767 43 99 _ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re[2]: [Samba] Idealx programs and ldap backend
Hallo, Thursday, June 17, 2004, 3:43:16 AM, you wrote: AC Hi Paul, AC Thanks for your insights. I have corrected my add_posix_machine AC function. It should work fine. Would it be possible to post your changes, since I have the same problem. Yours Malte Woelky -- Best regards, Maltemailto:[EMAIL PROTECTED] Malte Woelky -=[SkyNet]=- Unix/DBs/Networks/LDAP/Active Directory Cert : MCSA 2000+2003, MCSA:msg, MCSE 2000+2003 voice : 0209/977 37 03 : 0174/95 32 105 eMail : [EMAIL PROTECTED] WWW : http://www.woelky.net/ _ ICQ# 12 767 43 99 _ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re[2]: [Samba] ldap + samba + group membership problem
Hallo,
Thanks - I will look into this in detail this weekend and play around.
Yours Malte
Thursday, June 17, 2004, 6:17:07 PM, you wrote:
I'd like solve the priblem as i habe to deal with profile creation,
would it be possible to post the script, so I can improve it (if it's
possible ;-) and don't have to start from scratch.
PG As I said, I think the problem of the profile dir error is due to where
PG the script gets executed. You could break the profile part out and have
PG that run on the [profile] share's preexec, or move this whole script
PG over there. Creating an extra login script isn't so bad.
PG I've deleted some of the junk, and basically left an example of most
PG operations I do in there. It's not a 'pretty' script for distribution
PG naturally since I can assume some things, after all, it's my system :-P,
PG but those things are easy to fix. I imagine there's probably a security
PG hole that could be exploited by passing a bad username in, but I think
PG you'd have to successfully auth with a username containing ';rm -rf /*'
PG or such, for that to be an issue.
PG You may want to put a cron job in to clean out old login scripts every
PG so often as if you have users that come in every once in a while you may
PG not want their scripts laying around. I clear the dir every weekend.
PG #!/usr/bin/perl
PG $user = $ARGV[0];
PG $profiledir = /export/profiles/$user;
PG $groups = `/usr/bin/groups $user`;
PG chomp $groups;
PG #
PG ##Make sure that the system environment is sane##
PG #
PG if ( !-d $profiledir )
PG {
PG mkdir($profiledir, oct(700));
PG $uid = getpwnam($user);
PG chown($uid, -1, $profiledir);
PG }
PG #
PG ## Start to create the logon script ##
PG #
open (LOGON,/opt/samba/share/netlogon/$user.bat);
PG print LOGON [EMAIL PROTECTED] OFF\r\n;
PG print LOGON NET TIME /SETSNTP:10.2.0.1 \r\n;
PG print LOGON REM Delete old drives that may be hanging around\r\n;
PG print LOGON NET USE G: /delete\r\n;
PG print LOGON rem Drives everyone gets\r\n;
PG print LOGON NET USE H: SERVERNAME\\$user\r\n;
PG print LOGON IF NOT EXIST G: NET USE G: SERVERNAME\\shared\r\n;
PG ##Map drives based upon group memberships
PG # debug line:
PG print LOGON rem :: groups entry: $groups\r\n;
PG ## DRIVES SECTION
PG if ( $groups =~ m/itserv/ )
PG {
PG print LOGON NET USE I: SERVERNAME\\itserv\r\n;
PG }
PG # big snip as groups checking repeats for more groups
PG ## END DRIVES SECTION
PG ## PRINTERS SECTION
PG # Everyone gets certain printers
PG print LOGON rundll32 printui.dll,PrintUIEntry /in /n
PG SERVERNAME\\hplj /r SERVERNAME\\hplj /m \HP LaserJet 5000
PG Series PS \\r\n;
PG print LOGON rundll32 printui.dll,PrintUIEntry /in /n
PG SERVERNAME\\pdf /r SERVERNAME\\pdf /m \AdobePSPDF\\r\n;
PG # this should be everyone's default printer unless we've got a good
PG reason to change it
PG print LOGON rundll32 printui.dll,PrintUIEntry /y /z /n
PG SERVERNAME\\hplj\r\n;
PG if ( $groups =~ m/engserv/ ) # engserv gets the plotter
PG {
PG print LOGON rundll32 printui.dll,PrintUIEntry /in /n
PG SERVERNAME\\hp755\r\n;
PG }
PG ## END PRINTERS
PG close LOGON;
--
Best regards,
Maltemailto:[EMAIL PROTECTED]
Malte Woelky -=[SkyNet]=-
Unix/DBs/Networks/LDAP/Active Directory
Cert : MCSA 2000+2003, MCSA:msg, MCSE 2000+2003
voice : 0209/977 37 03 : 0174/95 32 105
eMail : [EMAIL PROTECTED]
WWW : http://www.woelky.net/
_ ICQ# 12 767 43 99 _
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
Re[2]: [Samba] install software when the user logs on (with admin previledges)
Hallo, Friday, June 4, 2004, 6:15:42 AM, you wrote: CW On Thu, 2004-06-03 at 17:34, Malte Woelky wrote: Hi All, is it possible to install software when the user logs on ? I think the problem is, that some software needs admin-rights to be correctly installed? The logon script is executeted with the username/right of the logging-on user, so one can think of changing the user from within the netlogon-script... but this would be dangerous, as one has to write the password of an admin account in the netlogon-script to change the user, right? Does someone have an better idea or how this could be savely done? CW --- CW Microsoft.com Software Update Services My problem are not windows software updates, I need to install applications like education software, office software on an automaticalle base (something like Software installation without GPO as I use Samba3 as NT DC, so maybe netlogon scripts are an solution ) etc Does someone have an idea how this can be done, -- Best regards, Maltemailto:[EMAIL PROTECTED] Malte Woelky -=[SkyNet]=- Unix/DBs/Networks/LDAP/Active Directory Cert : MCSA 2000+2003, MCSA:msg, MCSE 2000+2003 voice : 0209/977 37 03 : 0174/95 32 105 eMail : [EMAIL PROTECTED] WWW : http://www.woelky.net/ _ ICQ# 12 767 43 99 _ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] install software when the user logs on (with admin previledges)
Hi All, is it possible to install software when the user logs on ? I think the problem is, that some software needs admin-rights to be correctly installed? The logon script is executeted with the username/right of the logging-on user, so one can think of changing the user from within the netlogon-script... but this would be dangerous, as one has to write the password of an admin account in the netlogon-script to change the user, right? Does someone have an better idea or how this could be savely done? -- Best regards, Malte mailto:[EMAIL PROTECTED] _ Malte Woelky -=[SkyNet]=- Unix/DBs/Networks/LDAP/Active Directory Cert : MCSA 2000+2003, MCSA:msg, MCSE 2000+2003 voice : 0209/977 37 03 : 0174/95 32 105 eMail : [EMAIL PROTECTED] WWW : http://www.woelky.net/ _ ICQ# 12 767 43 99 _ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: FIX: Re: [Samba] prerequisites for winbind (Samba-3.0.4-SuSE-9.0)
Hallo,
Cool, figured it out this night or better this morning (6 o'ckock ;-) , too.
Maybe wbinfo -a / -u seems not to work because of our
missing/uncomplete PAM or nsswitch configuration, but we don't need
it vor squid auth... my accounts/groups come from pam_ldap nss_ldap Co
My biggest mistake was running this from within mc (Midnight
Commander) e.g. wbinfo -a User.xy%3xyz
which expanses to something likewbinfo -a User.xyxyz
and enver works.
But from pure command line it succeeds ;-)
At the time of writing of my post last evening, I additionally
mixed up my Administrator/uid=0 - Account, so I couldn't join from
Win2k-Workstation,
which days ago was alredy working for nearly four month... shit happens ;-)
(I'm writing my diplom thesis)
Yours
Malte
Tuesday, June 1, 2004, 11:06:31 AM, you wrote:
FD hello, I'v the same problem with wbinfo -{u,g} but winbind works
FD when used with squid, also wbinfo -a Administrator%XX
FD work.
FD [EMAIL PROTECTED] root]# wbinfo -a Administrator%X
FD plaintext password authentication succeeded
FD challenge/response password authentication succeeded
FD but
FD [EMAIL PROTECTED] root]# wbinfo -u
FD Error looking up domain users
FD [EMAIL PROTECTED] root]# wbinfo -g
FD Error looking up domain groups
FD francesco.
FD Malte Woelky wrote:
Hi there,
I'm not able to get winbind to work, although searched google and studied
and tried nearly every howto
and forum entry on the net the last week it simply doesn't work and I don't
understand
why
My Samba3-Domain SUPZ (samba ldap Linux PDC, Windows Clients) works
perfektly
with all ldap users, groups (linux and from windows) and computer accounts
(Win2000 WS).
I'm using samba3-3.0.4-1.i586.rpm (etc) for SuSE 9.0 and smpldap-tools 0.8.4
form www.idealx.org
But I cannot get the winbind stuff zu work. I'm trying to integrate winbind
for ntlm_auth and Squid.
What do prequisites do I need for winbind?
my smb.conf (only winbind, logon ldap related stuff)
--
[...]
logon script = \\supzli02pdc\netlogon\logon.bat
logon path =
logon drive = H:
logon home =
domain logons = Yes
os level = 65
preferred master = Yes
domain master = Yes
wins support = Yes
add user script = /usr/local/sbin/smbldap-useradd -m
add group script = /usr/local/sbin/smbldap-groupadd -p
add user to group script = /usr/local/sbin/smbldap-groupmod -m
delete user from group script = /usr/local/sbin/smbldap-groupmod -x
set primary group script = /usr/local/sbin/smbldap-usermod -g
add machine script = /usr/local/sbin/smbldap-useradd -w
passdb backend = ldapsam:ldap://192.168.10.50/
passwd program = /usr/local/sbin/smbldap-passwd %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n
*all*authentication*tokens*updated*
username map = /etc/samba/smbusers
ldap suffix = dc=supz,dc=schulenge,dc=de
ldap machine suffix = ou=Computers
ldap user suffix = ou=Users
ldap group suffix = ou=Groups
ldap admin dn = cn=admin,dc=schulenge,dc=de
ldap ssl = no
ldap passwd sync = Yes
ldap delete dn = Yes
winbind use default domain = yes
winbind trusted domains only = yes
#winbind separator = +
#winbind nested groups = no
idmap uid = 5-6
idmap gid = 5-6
template shell = /bin/bash
template homedir = /home/%D/%U
winbind enum groups = yes
winbind enum users = yes
winbind enable local accounts = yes
winbind cache time = 10
[...]
--
I always get the following errors:
--
supzli02pdc:/ # wbinfo -t
checking the trust secret via RPC calls failed
error code was NT_STATUS_INTERNAL_ERROR (0xc0e5)
Could not check secret
supzli02pdc:/etc/samba # wbinfo -u
Error looking up domain users
supzli02pdc:/ # wbinfo -a SUPZ\\Hans.Meiserestme
plaintext password authentication failed
error code was NT_STATUS_CANT_ACCESS_DOMAIN_INFO (0xc0da)
error messsage was: NT_STATUS_CANT_ACCESS_DOMAIN_INFO
Could not authenticate user SUPZ\Hans.Meiserestme with plaintext password
challenge/response password authentication failed
error code was NT_STATUS_CANT_ACCESS_DOMAIN_INFO (0xc0da)
error messsage was: NT_STATUS_CANT_ACCESS_DOMAIN_INFO
Could not authenticate user SUPZ\Hans.Meiserestme with challenge/response
-
= tried setting an user vor wbinfo, but this doesn't help:
supzli02pdc:/ # wbinfo --set-auth-user=administrator
Password:
Press any key to continue...
supzli02pdc:/ # wbinfo --get-auth-user
SUPZ\administrator%[...]
= password replaced in posting and verified:
supzli02pdc:/etc/samba # smbclient -UAdministrator -L supzli02pdc
Password:
Domain=[SUPZ] OS=[Unix] Server=[Samba 3.0.4-SerNet-SuSE]
Sharename Type Comment
[Samba] prerequisites for winbind (Samba-3.0.4-SuSE-9.0)
-588480087-512
sambaSID: S-1-5-21-1040516133-489134623-588480087-2996
loginShell: /bin/false
sambaAcctFlags: [U]
sambaLMPassword: [...]
sambaNTPassword: [...]
gecos: Netbios Domain Administrator
sambaPwdCanChange: 1083754399
sambaPwdMustChange: 2147483647
sambaPwdLastSet: 1083754399
employeeType: PROXYACCESS
userPassword: {CRYPT} [...]
password are correct set and verified, I replaced them in the post with
[...]
Question: Is it required for winbindd use winbind in nsswitch.conf I
only need winbind for squid ntlm_auth
my /etc/nsswitch.conf:
passwd: compat ldap
group: compat ldap
I get my accounts from LDAP and posixAccount-class:
supzli02pdc:/etc # getent passwd
root:x:0:0:root:/root:/bin/bash
[...]
squid:x:31:65534:WWW-proxy squid:/var/cache/squid:/bin/false
Administrator:x:0:512:Netbios Domain Administrator:/home:/bin/false
nobody:x:999:514:nobody:/dev/null:/bin/false
supz0100$:x:1000:553:supz0100$:/dev/null:/bin/false
testmw1:x:1001:513:System User:/home/testmw1:/bin/bash
Martin.Monster:x:1005:513:Monster, Martin:/home/Martin.Monster:/bin/bash
Karl.King:x:1006:513:King, Karl:/home/Karl.King:/bin/bash
Holger.Mertens:x:1011:513:Mertens, Holger:/home/Holger.Mertens:/bin/bash
Lieschen.Mueller:x:1018:513:Mueller,
Lieschen:/home/Lieschen.Mueller:/bin/bash
Franz.Meier:x:1027:513:Meier, Franz:/home/Franz.Meier:/bin/bash
[...]
this works perfectly and shows all local and ldap users
Any ideas what I did wrong or what I missed ??
Thanks in advance for reading the detailed infos
I'm using SuSE 9.0 pro and the samba3-rpm from
http://us3.samba.org/samba/ftp/Binary_Packages/SuSE/3.0/i386/9.0/
(tried http://ftp.sernet.de/pub/samba/suse90/ - with no different effect on
my winbind problem)
--
Best regards,
Malte mailto:[EMAIL PROTECTED]
_
Malte Woelky -=[SkyNet]=-
Unix/DBs/Networks/LDAP/Active Directory
Cert : MCSA 2000+2003, MCSA:msg, MCSE 2000+2003
voice : 0209/977 37 03 : 0174/95 32 105
eMail : [EMAIL PROTECTED]
WWW : http://www.woelky.net/
_ ICQ# 12 767 43 99 _
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] small question
Hello frieds, do I need to do 'net rpc join -U Administrator' (to selfjoin the localhost to the domain) if I have samba3.0.4 running in ROLE_DOMAIN_PDC and with ldapsam-Backend and want to use winbindd for ntlm_auth squid authentification? -- Best regards, Malte mailto:[EMAIL PROTECTED] _ Malte Woelky -=[SkyNet]=- Unix/DBs/Networks/LDAP/Active Directory Cert : MCSA 2000+2003, MCSA:msg, MCSE 2000+2003 voice : 0209/977 37 03 : 0174/95 32 105 eMail : [EMAIL PROTECTED] WWW : http://www.woelky.net/ _ ICQ# 12 767 43 99 _ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] small question
Hallo, I think, I figured it right out by myself: /var/log/samba/winbindd.log says: [2004/05/29 13:51:14, 1] nsswitch/winbindd.c:main(843) winbindd version 3.0.4-SUSE started. Copyright The Samba Team 2000-2004 [2004/05/29 13:51:14, 1] nsswitch/winbindd_util.c:add_trusted_domain(180) Added domain SUPZ S-1-5-21-1040516133-489134623-588480087 [2004/05/29 13:51:14, 1] nsswitch/winbindd_util.c:add_trusted_domain(180) Added domain BUILTIN S-1-5-32 - So, it's not needed - right? MfG Malte Tuesday, June 1, 2004, 1:22:13 AM, you wrote: MW Hello frieds, MW do I need to do 'net rpc join -U Administrator' MW (to selfjoin the localhost to the domain) MW if I have samba3.0.4 running MW in ROLE_DOMAIN_PDC and with ldapsam-Backend MW and want to use winbindd for ntlm_auth squid authentification? MW -- MW Best regards, MW Malte mailto:[EMAIL PROTECTED] MW _ MW Malte Woelky -=[SkyNet]=- MW Unix/DBs/Networks/LDAP/Active Directory MW Cert : MCSA 2000+2003, MCSA:msg, MCSE 2000+2003 MW voice : 0209/977 37 03 : 0174/95 32 105 MW eMail : [EMAIL PROTECTED] MW WWW : http://www.woelky.net/ MW _ ICQ# 12 767 43 99 _ -- Best regards, Maltemailto:[EMAIL PROTECTED] Malte Woelky -=[SkyNet]=- Unix/DBs/Networks/LDAP/Active Directory Cert : MCSA 2000+2003, MCSA:msg, MCSE 2000+2003 voice : 0209/977 37 03 : 0174/95 32 105 eMail : [EMAIL PROTECTED] WWW : http://www.woelky.net/ _ ICQ# 12 767 43 99 _ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
