Hello Bruno,
Am 25.08.2013 22:26, schrieb Bruno Vane:
Yes I read these sections, but I want something different. Users will
join on AD domain (Samba 4) and will connect to an entry SSH server,
and from this server they can access other SSH servers on the network.
All SSH servers are configured
Thank you Marc,
I will try this configuration. For this to work I need openLDAP proxy?
2013/8/26 Marc Muehlfeld sa...@marc-muehlfeld.de
Hello Bruno,
Am 25.08.2013 22:26, schrieb Bruno Vane:
Yes I read these sections, but I want something different. Users will
join on AD domain (Samba 4)
Am 26.08.2013 14:10, schrieb Bruno Vane:
I will try this configuration. For this to work I need openLDAP proxy?
No. You can access AD via LDAP direclty.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
Marc, sorry to bother you with this, but I can not access a SSH server
using these settings.
Could you take a look if you have time to find out if my settings are wrong?
When I do a ssh -l nslcd-connect (or any other user) to the server, i got
this in /var/log/auth.log:
Aug 26 11:09:14 ldap
Am 26.08.2013 16:11, schrieb Bruno Vane:
Marc, sorry to bother you with this, but I can not access a SSH server
using these settings.
Could you take a look if you have time to find out if my settings are wrong?
When I do a ssh -l nslcd-connect (or any other user) to the server, i
got this in
On Mon, 2013-08-26 at 19:09 +0200, Marc Muehlfeld wrote:
passwd: files ldap
shadow: files ldap
group: files ldap
@marc
Just curious, but why are you trying to pull shadow from the directory?
--
To unsubscribe from this list go to the following URL and read the
Am 26.08.2013 19:19, schrieb steve:
On Mon, 2013-08-26 at 19:09 +0200, Marc Muehlfeld wrote:
passwd: files ldap
shadow: files ldap
group: files ldap
@marc
Just curious, but why are you trying to pull shadow from the directory?
You are right. This is not
Al 26/08/13 19:09, En/na Marc Muehlfeld ha escrit:
- Now you should be able to see all accounts (the local and domain
accounts), when you type
# getent passwd
I tried it on a test VM, but it only showed accounts migrated from samba
3+ldap (since they have the posix attributes), new
Am 26.08.2013 20:12, schrieb Luca Olivetti:
- Now you should be able to see all accounts (the local and domain
accounts), when you type
# getent passwd
I tried it on a test VM, but it only showed accounts migrated from samba
3+ldap (since they have the posix attributes), new users/groups
Marc, it seems that the problem was actually that the posix information
were blank and I could not edit them. Made domain provision again with the
option --use RFC2307. After creating the user in AD (via RSAT in Win7) I
need to manually enable NIS domain info for that user. After this, I got to
On Mon, Jun 10, 2013 at 5:14 PM, Andrew Bartlett abart...@samba.org wrote:
On Mon, 2013-06-10 at 10:42 -0700, pranav desai wrote:
Thanks Andrew for the reply.
Do we have a TODO list need to support cross compilation using the waf
build system?
I can try and hack around the build
I've recently come across the same situation, while migrating a 3.0.33
PDC host to 3.6.9. I had renamed the old host some time ago from LANYARD
to TACS-DC. The old host still functions fine, except for not being able
to get its own SID.
Old DC host:
[root@tacs-dc samba]# net getdomainsid
If you are using winbind, you can use template home directory = and
template shell = in your smb.conf (man smb.conf for a more accurate
description)..
Ricky
On Mon, Aug 26, 2013 at 2:58 PM, Bruno Vane bro...@gmail.com wrote:
Marc, it seems that the problem was actually that the posix
Hi Ricky,
I'm not using winbind.
To auto create home dir I added:
session required pam_mkhomedir.so skel=/etc/skel umask=0022
in /etc/pam.d/common-session file.
I'm using Marc instructions to log in via SSH whithout join the machine in
the domain. Can I also use winbind with this
On Mon, 2013-08-26 at 20:12 +0200, Luca Olivetti wrote:
Al 26/08/13 19:09, En/na Marc Muehlfeld ha escrit:
- Now you should be able to see all accounts (the local and domain
accounts), when you type
# getent passwd
I tried it on a test VM, but it only showed accounts migrated from
Hi Steve,
I'm adding users through ADUC, in Remote Server Administration Tool.
Thank you.
2013/8/26 steve st...@steve-ss.com
On Mon, 2013-08-26 at 20:12 +0200, Luca Olivetti wrote:
Al 26/08/13 19:09, En/na Marc Muehlfeld ha escrit:
- Now you should be able to see all accounts (the
On Mon, 2013-08-26 at 18:02 -0300, Bruno Vane wrote:
Hi Steve,
I'm adding users through ADUC, in Remote Server Administration Tool.
new users/groups added
via samba-tool or windows didn't appear.
Ah, I see. It's just that your message said samba-tool (as
Am 26.08.2013 21:58, schrieb Bruno Vane:
Now i have to research how to auto-create the home dir and
change the shell to /bin/bash.
For the home auto creation, PAM maybe could help you (pam_mkhomedir).
But this won't help you, if use ssh with keyfiles, because someone have
to place the public
Al 26/08/13 20:28, En/na Marc Muehlfeld ha escrit:
Am 26.08.2013 20:12, schrieb Luca Olivetti:
- Now you should be able to see all accounts (the local and domain
accounts), when you type
# getent passwd
I tried it on a test VM, but it only showed accounts migrated from samba
3+ldap
Am 25.08.2013 09:27, schrieb Bruno Vane:
I have some Ubuntu LTS servers running openssh server authenticating to
external openldap. I installed a new Ubuntu LTS server with Samba4 to
create a domain and is working very well. I managed to make a pfsense
firewall authenticate users in this Samba4
Hello Luca,
Am 27.08.2013 00:11, schrieb Luca Olivetti:
The problem is, how do I get the posix information into samba4? With
samba 3 I could manage users and groups with ldap account manager and
they got both samba and posix attributes.
I have a windows workstation at work. There I use ADUC.
Al 26/08/13 22:54, En/na steve ha escrit:
On Mon, 2013-08-26 at 20:12 +0200, Luca Olivetti wrote:
Al 26/08/13 19:09, En/na Marc Muehlfeld ha escrit:
- Now you should be able to see all accounts (the local and domain
accounts), when you type
# getent passwd
I tried it on a test VM, but it
On Tue, 2013-08-27 at 00:12 +0200, Marc Muehlfeld wrote:
Am 25.08.2013 09:27, schrieb Bruno Vane:
I have some Ubuntu LTS servers running openssh server authenticating to
external openldap. I installed a new Ubuntu LTS server with Samba4 to
create a domain and is working very well. I managed
On Tue, 2013-08-27 at 00:28 +0200, Luca Olivetti wrote:
Al 26/08/13 22:54, En/na steve ha escrit:
On Mon, 2013-08-26 at 20:12 +0200, Luca Olivetti wrote:
Al 26/08/13 19:09, En/na Marc Muehlfeld ha escrit:
- Now you should be able to see all accounts (the local and domain
accounts), when
Al 27/08/13 00:24, En/na Marc Muehlfeld ha escrit:
I have a windows workstation at work. There I use ADUC. Everything I
need to administrate users/groups, etc. And if you delegate permissions
Am 27.08.2013 00:28, schrieb Luca Olivetti:
I tried ADUC (again, in a test VM joined to the domain), which could be
suitable, but I couldn't see any unix tab (and if I have to manually
assign uids/gids there it's not an option).
In ADUC on Win7 the tab should be there (on XP you need to
Am 27.08.2013 00:56, schrieb Luca Olivetti:
..when I tried to add a user via ADUC I couldn't see it with nslcd.
Maybe I didn't really use ADUC? (dsa.msc)
Do the users have posix attributes (uid, shell, etc.)?
I published my nslcd HowTo some hours ago. Have a look on it. Maybe you
missed
Al 27/08/13 01:03, En/na Marc Muehlfeld ha escrit:
Am 27.08.2013 00:28, schrieb Luca Olivetti:
I tried ADUC (again, in a test VM joined to the domain), which could be
suitable, but I couldn't see any unix tab (and if I have to manually
assign uids/gids there it's not an option).
In ADUC
Al 27/08/13 01:11, En/na Marc Muehlfeld ha escrit:
Am 27.08.2013 00:56, schrieb Luca Olivetti:
..when I tried to add a user via ADUC I couldn't see it with nslcd.
Maybe I didn't really use ADUC? (dsa.msc)
Do the users have posix attributes (uid, shell, etc.)?
Users migrated from samba 3,
Hello Steve,
thanks for your suggestions.
Am 27.08.2013 00:40, schrieb steve:
1. Nested groups work fine with nslcd. Please use the latest version:
man nslcd.conf(5)
I use the version Redhat ships. I haven't used that latest version and I
think most will use the one shipped with their
Am 27.08.2013 01:13, schrieb Luca Olivetti:
In ADUC on Win7 the tab should be there (on XP you need to install
something additionally if I remember right).
Ah, OK, I'm on XP and I installed the tools here:
https://wiki.samba.org/index.php/Samba_AD_management_from_windows#Windows_XP_Pro
No
Am 27.08.2013 01:19, schrieb Luca Olivetti:
https://wiki.samba.org/index.php/Local_user_management_and_authentication/nslcd
Yep, I only had to comment the map group uniqueMember member line,
though (migrated) groups show the members fine.
What didn't work when you have this line in?
I have
I have a server that is not replicating correctly, but passes all the tests
listed here: https://wiki.samba.org/index.php/Samba4/HOWTO/Join_a_domain_as_a_DC
In particular running
# host -t CNAME 976c9c86-288d-483e-baec-7043a9c4a6cd._msdcs.ncs.k12.de.us
On 26/08/2013 9:37 PM, dahopk...@comcast.net wrote:
I have a server that is not replicating correctly, but passes all the tests
listed here: https://wiki.samba.org/index.php/Samba4/HOWTO/Join_a_domain_as_a_DC
In particular running
# host -t CNAME
I checked and the ping didn't work, but after adding and entry in /etc/hosts
for all servers and verifying the ping and host are correct, I still get the
same behavior. ncssamba2 reports success for replication with ncssamba1, but
ncssamba1 reports failures with ncssamba2.
- Original
On 08/26/2013 01:21 PM, Eric Shubert wrote:
I'm guessing that adding a TACS-DC record to the old host would fix the
problem of not being able to get its SID.
This appears to work now.
I'm also guessing that adding a LANYARD record to the new host *might*
make it recognize that it's a domain
The branch, master has been updated
via 7614278 smbd: Simplify dropbox special case in unix_convert
from 84b8bdd Revert Fix the erroneous masking of chmod requests via the
UNIX extensions.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log
The branch, master has been updated
via 09940255011b119dc6af3304f5d3e9568e6006fd (commit)
from c446579fc442955ecc74f5566eaa0635c3171498 (commit)
http://gitweb.samba.org/?p=ctdb.git;a=shortlog;h=master
- Log -
commit
The branch, master has been updated
via d1593a2 Fix the UNIX extensions CHOWN calls to use FCHOWN if
available, else LCHOWN.
via f1ff97f Allow UNIX extensions client to act on open fsp instead of
pathname if available.
via bd01569 Fix the erroneous masking of chmod
39 matches
Mail list logo