You should read up on the following smb.conf directives:
idmap uid
idmap gid
idmap domains
idmap config [domain]:backend
idmap config [domain]:default
idmap config [domain]:schema_mode
idmap config [domain]:range
Might be able to solve you problems.
On 12/06/10 22:27, Scott Ehrlich wrote:
I
default_tkt_enctypes = arcfour-hmac-md5
default_tgs_enctypes = arcfour-hmac-md5
permited_enctypes = arcfour-hmac-md5
2010/12/1 Jason Gerfen jason.ger...@utah.edu
mailto:jason.ger...@utah.edu
You need to first obtain a valid tgt. Use
error at ./UID2SID.pl line 239, near = ;
syntax error at ./UID2SID.pl line 380, near = ;
syntax error at ./UID2SID.pl line 404, near = )
syntax error at ./UID2SID.pl line 410, near }
Execution of ./UID2SID.pl aborted due to compilation errors.
Regards, Danilo
On 26. 07. 2010 15:54, Jason
Here is a document and perl script I developed to resolve UID to SID
mappings in Samba Active Directory authentication.
http://zerointeger.tumblr.com/post/589762841/samba-and-active-directory
Let me know if that helps any.
On 07/26/10 07:01, Danilo Godec wrote:
Got a problem after upgrading
the following:
nanoelecfs:/home/joel# wbinfo -t
checking the trust secret via RPC calls failed
Could not check secret
I am running a Debian Lenny system with kernel version 2.6.26-2-amd64
I am running samba version 2:3.2.5
Thanks in advance!
--
Jason Gerfen
Systems
mistofeles wrote:
We have a small Ubuntu 9.10 file server in a large Win 2003/2008 domain.
There is no X nor web browser in the server.
I have rights to join machines to the domain, but I'm not an Administrator
There is about 10 users in this server, who want to authenticate with domain
Timo Aaltonen wrote:
On Mon, 21 Sep 2009, Timo Aaltonen wrote:
Hi!
I'm trying to set up a samba client to authenticate from AD
(Win2k8), by using rfc2307 schema mode to map uidNumber, gidNumber
and unixHomeDirectory. The latter two seem to work, while uidNumber
doesn't, at least
when you specify the netbios name dikrective have you tried enclosing
the server netbios name in quotes when using a hyphen?
tisdn tisdn wrote:
Hi,
We've had a problem using Samba 3.3.2 and windows 2000 workstations sp4.
After many tests, it was discovered that when the netbios name has an
Chris Bolton wrote:
Hi all,
I've set up a CentOS machine with samba version 3.0.28-1.el5_2.1 to join a
Windows 2003 ADS. Everything seemed to go fine while joining the domain:
[EMAIL PROTECTED] ~]# net ads join -U administrator
administrator's password:
Using short domain name -- MYDOMAIN
]
kdc = FILE:/var/krb5/log/krb5kdc.log
admin_server = FILE:/var/krb5/log/kadmin.log
default = FILE:/var/krb5/log/krb5lib.log
--
Jason Gerfen
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo
Try using the following in your smb.conf
client signing = yes
client schannel = no
client use spnego = yes
client lanman auth = no
client NTLMv2 auth = yes
client plaintext auth = no
idmap domains = DOMAIN
idmap config DOMAIN:backend = ad
idmap config DOMAIN:default = yes
idmap config
}
[domain_realm]
.DNAME.local = DNAME.LOCAL
DNAME.local = DNAME.LOCAL
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}
-Original Message-
From: Jason Gerfen [mailto:[EMAIL PROTECTED]
Sent
Which schema attributes are necessary for an AD user to authenticate
against active directory?
I am asking because I have some users which can authenticate and some
that cannot.
I tried to find this information in the samba howto but could not locate
it. Thanks.
--
Jas
--
To unsubscribe
Is there a way to change the lookup string (correct me if I am wrong
here) regarding the schema attribute Samba uses for AD authentication?
Not if this is accurate but it seems the AD lookup queries the CN
attribute within an active directory user account.
My problem is I have legacy user
Ok so I have a problem and I am trying to figure something out in
regards to samba ads authentication, winbindd sid to uid/gid mapping and
why some domain accounts can map the samba share from linux and windows
when others cannot.
I have a few domain users that when they try to map a samba
John H Terpstra wrote:
On Wednesday 04 June 2008 10:58:52 Jason Gerfen wrote:
Ok so I have a problem and I am trying to figure something out in
regards to samba ads authentication, winbindd sid to uid/gid mapping and
why some domain accounts can map the samba share from linux and windows
when
I just updated Samba on Gentoo due to a security vulnerability and the
authentication for domain accounts is now failing. Has anyone else seen
this?
--
Jas
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
I tried that. After upgrading Samba yesterday using Gentoo's emerge
facility due to the vulnerability listed
http://www.samba.org/samba/security/CVE-2008-1105.html and
http://www.gentoo.org/security/en/glsa/glsa-200805-23.xml the
authentication of AD users has ceased working.
krb5.conf
wrote:
On Tue, Jun 3, 2008 at 7:52 AM, Jason Gerfen [EMAIL PROTECTED] wrote:
I just updated Samba on Gentoo due to a security vulnerability and the
authentication for domain accounts is now failing. Has anyone else seen
this?
--
I have upgraded a domain memberservers last week to
net-fs/samba
Installing it now... it looks like the amd64 package is masked for samba
however.
John Drescher wrote:
On Tue, Jun 3, 2008 at 9:07 AM, Jason Gerfen [EMAIL PROTECTED] wrote:
I tried that. After upgrading Samba yesterday using Gentoo's emerge facility
due to the vulnerability listed
Did you
John Drescher wrote:
Ok I have updated it and am no able to authenticate. It seems that even
though my smb.conf shows 'client plaintext auth = no' in the logs when
performing a 'wbinfo --krb5auth=username%password' it shows
plaintext kerberos password authentication for [username%password]
John Drescher wrote:
On Tue, Jun 3, 2008 at 9:07 AM, Jason Gerfen [EMAIL PROTECTED] wrote:
I tried that. After upgrading Samba yesterday using Gentoo's emerge facility
due to the vulnerability listed
Did you try 3.0.30? It is in portage now.
John
Ok I have updated it and am no able
for
now so I can figure out why its not working. What is the best practice
for this folders permissions? Thanks.
Jason Gerfen wrote:
John Drescher wrote:
Ok I have updated it and am no able to authenticate. It seems that even
though my smb.conf shows 'client plaintext auth = no' in the logs when
account from active directory
2. Can you roll back to Samba 3.0.24 if you emerge 3.0.30
Nope, the lastest in portage right now is 3.0.28
Thanks to any info you can provide.
-Ivan
Jason Gerfen wrote:
I rolled it back and experienced the same problems so I went ahead and
followed the following
Hello again, I am seeing something I never thought I would see.
I can open a dos prompt on a windows machine and map a drive to the
samba server using the ADS authentication and read/write from the share etc.
My problem is if I try to mount the samba share from a linux client I
receive
I am having a problem with the pam_mkhomedir.so not setting up the users
home directory. Relevant data:
/etc/pam.d/system-auth
sessionoptional pam_mkhomedir.so umask=0022 skel=/etc/skel/
/etc/samba/smb.conf
nt acl support = yes
inherit permissions = yes
create mask = 0022
template
I need some assistance.
I had my ads authentication working and today I am having problems with
the following;
check_ntlm_password: Checking password for unmapped user
[EMAIL PROTECTED] with the new password interface
Where it should be
check_ntlm_password: Checking password for unmapped
for 'wbinfo -u' ?
I think I had the same problem before, I'll try to remember it.
David Molina
On Tue, May 27, 2008 at 3:25 PM, Jason Gerfen [EMAIL PROTECTED]
wrote:
I can enumerate users and groups from the domain but I cannot authenticate
the users.
Any help?
--
Jas
--
To unsubscribe from
This is the error i am seeing in /var/log/samba/log.winbindd-idmap
[2008/05/28 11:46:50, 10] nsswitch/idmap_util.c:idmap_sid_to_gid(145)
idmap_sid_to_gid: sid = [S-1-5-21-2868754479-89028146-2101856903-513]
[2008/05/28 11:46:50, 10] nsswitch/idmap_util.c:idmap_sid_to_gid(165)
sid
Volker Lendecke wrote:
On Wed, May 21, 2008 at 11:23:36AM -0600, Jason Gerfen wrote:
Hello again. Well I am stuck again. I cannot for the life of me get the
wbinfo -i username to work properly
Here is some more information pulled from the log.winbind file:
[2008/05/21 11:15:15, 10] nsswitch
I have been ready everything I can regarding this setup but am having a
problem that I am unsure of.
I am unable to authenticate any user despite the following commands working:
% getent passwd username
% wbinfo -u
% wbinfo -g
With the getent passwd I am able to see all of my UID/GID being
UPDATE
Jason Gerfen wrote:
I have been ready everything I can regarding this setup but am having a
problem that I am unsure of.
I am unable to authenticate any user despite the following commands
working:
% getent passwd username
% wbinfo -u
% wbinfo -g
With the getent passwd I am able
password required pam_deny.so
sessionrequired pam_mkhomedir.so umask= skel=/etc/skel/ silent
sessionrequired pam_limits.so
sessionrequired pam_unix.so
sessionoptional pam_krb5.so
Linux Addict wrote:
On Thu, May 22, 2008 at 2:03 PM, Jason Gerfen [EMAIL
Ok I have a problem and I am not sure how I can go about resolving it.
This environment utilizes a strange configuration I have not seen
anywhere else.
Kerberos Realm is: REALM.COM
SMB.CONF
realm = REALM.COM
% net ads join
Failed: no servers
If I change it to this:
SMB.CONF
realm =
Hello again. Well I am stuck again. I cannot for the life of me get the
wbinfo -i username to work properly
Here is some more information pulled from the log.winbind file:
[2008/05/21 11:15:15, 10] nsswitch/winbindd.c:process_request(314)
process_request: request fn GETPWNAM
[2008/05/21
help, pointers etc. is appreciated. Thanks.
--
Jason Gerfen
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
[EMAIL PROTECTED]
Work: +44 1707 641565 Everything else: +44 7956 237670 (anytime)
--
Jason Gerfen
I practice my religion
while stepping on your
toes...
~The Ditty Bops
--
To unsubscribe from this list go to the following URL and read the
instructions: https
msdfs root = no
# force user = A
Folder permisions:
lrwxrwxrwx 1 nobody sclusers 22 Mar 13 06:38 Desktop -
/home/username/Desktop
--
Jason Gerfen
I practice my religion
while stepping on your
toes...
~The Ditty Bops
--
To unsubscribe from this list go to the following URL
I thought that as well at first but if I change the default share to
'/tmp' I am able to map the drive but I am NOT able to view any of the
symlinks in that directory with windows.
John Drescher wrote:
On Thu, Mar 13, 2008 at 9:57 AM, Jason Gerfen [EMAIL PROTECTED] wrote:
I am having a hard
.
Any help is appreciated.
John Drescher wrote:
On Thu, Mar 13, 2008 at 12:43 PM, Jason Gerfen
[EMAIL PROTECTED] wrote:
I thought that as well at first but if I change the default share to
'/tmp' I am able to map the drive but I am NOT able to view any of the
symlinks in that directory
server and I am
unsure why it is still putting the [SCL]\[username] into the authentication.
--
Jason Gerfen
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
[global]
workgroup = SCL
netbios name = ODIN
security = share
log level = 2
interfaces = eth*
bind interfaces only = yes
socket options = IPTOS_LOWDELAY TCP_NODELAY
[images]
comment = ODIN
path = /odin/images
browseable = yes
Security = share to allow samba to authenticate against the local passwd
files correct?
--
Jas
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
= 262144
[images]
comment = ODIN
user = %S
path = /odin/images
inherit acls = Yes
browseable = yes
writeable = yes
read only = no
public = yes
--
Jason Gerfen
The charge that he had insulted Turkey's armed forces was dropped, but he still
:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jason Gerfen wrote:
Ok, well what version of samba impliments the winbind nss support?
I don't remember exactly. Check the release notes but it
was 3.0.20 IIRC.
cheers, jerry
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2 (GNU/Linux
and stores
mappings in so called idmaps.
Markus
Jason Gerfen wrote:
Ok in my test environment I just got done updating the schema on the
Win2K domain to include the AD4Unix package and I am still able to
authentication and view all users from any container including the
CN=Users (default
networks: files dns
services: files
protocols: files
rpc:files
ethers: files
netmasks: files
netgroup: files
publickey: files
bootparams: files
automount: files nis
aliases:files
--
Jason Gerfen
Oh I have seen alot of what
the world can do
on this? The only major difference between the test domain and
the live domain is the number of users at this point and the container
setup in AD.
Jason Gerfen wrote:
Scenario: Samba-3.0.20b domain member server on SuSE 9.3 (w/ all
available patches applied) providing kerberos authentication through
/winbindd_util.c:trustdom_recv(259)
Got invalid trustdom response
--
Jason Gerfen
Oh I have seen alot of what
the world can do, and its
breaking my heart in two...
~ Wild World, Cat Stevens
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman
/cli_pipe.c:cli_rpc_close(1767)
Nov 28 10:31:44 new-odin winbindd[7389]: cli_rpc_open failed on pipe
\NETLOGON to machine LOKI. Error was SUCCESS - 0
Anyone have some insight into this?
--
Jason Gerfen
Oh I have seen alot of what
the world can do, and its
breaking my heart in two...
~ Wild World, Cat
Can anyone verify the functionality of the RPM's for SuSE 9.3 located here?
http://us3.samba.org/samba/ftp/Binary_Packages/SuSE/pre/x86_64/9.3/
I am leary of getting an unstable version setup. Thanks in advance.
Doug VanLeuven wrote:
Jason Gerfen wrote:
Doug VanLeuven wrote:
Jason
Units in the default domain. ???
--
Jason Gerfen
My girlfriend threated to
leave me if I went boarding...
I will miss her.
~ DIATRIBE aka FBITKK
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
Doug VanLeuven wrote:
Jason Gerfen wrote:
I can authenticate users on a default setup of Windows 2000 using
'Security = ADS'. However if I install Windows Services for Unix
(http://www.microsoft.com/windowsserversystem/sfu/productinfo/features/default.mspx)
I am not able to authenticate
in ANY container or OU in active directory.
On the current live domain which I am attempting the same setup I can
only see users from one OU, is this a known issue?
--
Jason Gerfen
My girlfriend threated to
leave me if I went boarding...
I will miss her.
~ DIATRIBE aka FBITKK
=authenticated.
On a lighter note, where can I get an updated SuSE RPM for Samba?
--
Jason Gerfen
My girlfriend threated to
leave me if I went boarding...
I will miss her.
~ DIATRIBE aka FBITKK
--
To unsubscribe from this list go to the following URL and read the
instructions: https
proxiable = false
retain_after_close = false
minimum_uid = 0
}
Any help is appreciated.
--
Jason Gerfen
My girlfriend threated to
leave me if I went boarding...
I will miss her.
~ DIATRIBE aka FBITKK
--
To unsubscribe from this list go to the following URL and read the
instructions: https
I want a samba machine to be a member of the domain and authentication
the users, but I do not want to use kerberos as authentication and I
also want to limit or authentication users from a specific group.
Examples of this?
--
Jason Gerfen
My girlfriend threated to
leave me if I went
is definately appreciated.
--
Jason Gerfen
My girlfriend threated to
leave me if I went boarding...
I will miss her.
~ DIATRIBE aka FBITKK
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
that there is a gPLink attribute on
the container I DONT want to use vs. the other. Any assistance is
appreciated.
--
Jason Gerfen
My girlfriend threated to
leave me if I went boarding...
I will miss her.
~ DIATRIBE aka FBITKK
--
To unsubscribe from this list go to the following URL and read the
instructions
admin_server = FILE:/var/log/kadmin.log
default = FILE:/var/log/krb5lib.log
[domain_realm]
.domain.com = DOMAIN.COM
domain.com = DOMAIN.COM
[appdefaults]
pam = {
ticket_lifetime = 1d
renew_lifetime = 1d
forwardable = true
proxiable = false
retain_after_close = false
minimum_uid = 0
}
--
Jason
:-(.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of Jason Gerfen
Sent: Wednesday, October 19, 2005 12:28 PM
To: samba-technical@lists.samba.org
Subject: Changing OU to default?
I have posted a few questions in the normal samba lists and have not
recieved an answer, other
, if I run
getent passwd I do not see the users and I am hoping that resolving that
error with winbind will solve this.
--
Jason Gerfen
My girlfriend threated to
leave me if I went boarding...
I will miss her.
~ DIATRIBE aka FBITKK
--
To unsubscribe from this list go to the following URL
the users and I am hoping that resolving that
error with winbind will solve this.
--
Jason Gerfen
My girlfriend threated to
leave me if I went boarding...
I will miss her.
~ DIATRIBE aka FBITKK
--
To unsubscribe from this list go to the following URL and read the
instructions: https
How can I resolve the error in the logs with
ads_connect failed for domain *, cannot read password?
--
Jason Gerfen
My girlfriend threated to
leave me if I went boarding...
I will miss her.
~ DIATRIBE aka FBITKK
--
To unsubscribe from this list go to the following URL and read
Mark Foster wrote:
Is this smb.conf directive valid in 3.0.20?
idmap backend = ads
Thanks.
examples:
idmap = ldapsam:ldap://ip or hostname of ldap / active directory server
or for local authentication
idmap = smbpasswd
--
Jason Gerfen
My girlfriend threated to
leave me if I went boarding
conversion operation, data 0, v893
How can I resolve this?
--
Jason Gerfen
My girlfriend threated to
leave me if I went boarding...
I will miss her.
~ DIATRIBE aka FBITKK
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo
Directory, I have followed some advice of deleting the account from the
Active Directory and then re-joining the samba box to the domain for
security = ads authentication but it has not resolved the problem.
Any help is appreciated.
--
Jason Gerfen
My girlfriend threated to
leave me if I went
I am not sure how to resolve this error, and googling has not produced
anything for me.
I join the domain as a domain member server (security = ads) and the
winbind log shows
ads_connect for domain SCL failed: Cannot read password
Any help?
--
Jason Gerfen
My girlfriend threated to
leave
. rejoined box to domain (worked fine), omitting the specification of a
OU for authenticated users
--
Jason Gerfen
My girlfriend threated to
leave me if I went boarding...
I will miss her.
~ DIATRIBE aka FBITKK
--
To unsubscribe from this list go to the following URL and read the
instructions: https
: [EMAIL PROTECTED]
[mailto:samba-
[EMAIL PROTECTED] On Behalf Of Jason
Gerfen
Sent: Monday, September 26, 2005 8:43 AM
To: samba@lists.samba.org; samba-technical@lists.samba.org
Subject: [Samba] Samba/AD/Winbbind OU vs. CN?
I have encountered a problem so I am posting this question
= yes
browseable = No
[netlogon]
comment = Network Logon Service
path = /samba/netlogon
browseable = no
guest ok = yes
--
Jason Gerfen
Student Computing Labs, University Of Utah
[EMAIL PROTECTED]
J. Willard Marriott Library
295 S 1500 E, Salt Lake City, UT 84112-0860
801-585-9810
My girlfriend
only able to view the OU below the CN=users,DC=domain,DC=com
Any help?
--
Jason Gerfen
My girlfriend threated to
leave me if I went boarding...
I will miss her.
~ DIATRIBE aka FBITKK
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org
I am able to view groups after joining the domain but not users using
getent passwd and getent group. Anyone else seen this?
--
Jason Gerfen
My girlfriend threated to
leave me if I went boarding...
I will miss her.
~ DIATRIBE aka FBITKK
--
To unsubscribe from this list go to the following
I am sorry to post this again, but I need some help on using Active
Directory mapping.
Jason Gerfen wrote:
When joining the samba box to a domain:
% net ads join -U username
% kinit [EMAIL PROTECTED]
% net ads join -U username LDAP/AD Container of users
The last command fails and when doing
reason you see the ou=Users in your trace is because Admin
lives in ou=Users by default.
Can you authenticate ? Have you tried?
-Original Message-
From: Jason Gerfen [mailto:[EMAIL PROTECTED]
Sent: Wednesday, September 21, 2005 1:46 PM
To: Edward Brookhouse
Subject: Re: [Samba] AD
= Home Directories
browseable = no
writable = yes
user = @CORP+domain users
Where 'CORP' is my domain
-Original Message-
From: Jason Gerfen [mailto:[EMAIL PROTECTED]
Sent: Wednesday, September 21, 2005 2:26 PM
To: Edward Brookhouse
Subject: Re: [Samba] AD Authentication help
in the active directory?
Any help is appreciated.
--
Jason Gerfen
My girlfriend threated to
leave me if I went boarding...
I will miss her.
~ DIATRIBE aka FBITKK
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
trying to map?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of Jason Gerfen
Sent: Tuesday, September 20, 2005 11:25 AM
To: samba@lists.samba.org
Subject: [Samba] AD Authentication help please?
I am having a problem which with much help from this list I have
are, are you sure the
winbind daemon is running?
Dimitri
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
--
Jason Gerfen
My girlfriend threated to
leave me if I went boarding...
I will miss her.
~ DIATRIBE aka
this is a good indication I am a member server, but the startup logs
are still indicating this as a logon server. Am I running the wrong
command to join the domain?
% net ads join -Uadmin ad_container_name
--
Jason Gerfen
My girlfriend threated to
leave me if I went boarding...
I will miss her
on the ou=users vs. cn=users, anyone shed some light on this?
--
Jason Gerfen
Student Computing Labs, University Of Utah
[EMAIL PROTECTED]
J. Willard Marriott Library
295 S 1500 E, Salt Lake City, UT 84112-0860
801-585-9810
My girlfriend threated to
leave me if I went boarding...
I will miss her
Jason Gerfen wrote:
/snip
Ok I think I have found my problem. I need to find a way to map Samba
to an active directory common name:
% net ads join -UAdministrator cn=users,dc=domain,dc=com
(example, I know the syntax is incorrect)
As far as I can tell it is hard coded in the net ads
Could I get an example of the /etc/pam.d/login configuration for use
with winbind?
Dimitri Yioulos wrote:
On Tuesday 13 September 2005 3:58 pm, Rex Dieter wrote:
Jason Gerfen wrote:
I am having a hard time getting Samba to authentication correctly
against a Windows Active Directory
to include unix
services)?
Dimitri Yioulos wrote:
On Wednesday 14 September 2005 10:21 am, you wrote:
Could I get an example of the /etc/pam.d/login configuration for use
with winbind?
Dimitri Yioulos wrote:
On Tuesday 13 September 2005 3:58 pm, Rex Dieter wrote:
Jason Gerfen
}
And I am starting both the winbind daemon with the samba daemon.
--
Jason Gerfen
My girlfriend threated to
leave me if I went boarding...
I will miss her.
~ DIATRIBE aka FBITKK
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman
-NEWB is now a local master browser for
workgroup DOMAIN.Com on subnet 192.168.0.3
*
I am still not able to authenticate against the domain, any other
suggestions?
--
Jason Gerfen
My girlfriend threated to
leave me if I went boarding...
I will miss her.
~ DIATRIBE aka FBITKK
Jason Gerfen wrote:
snippit
dns_lookup_realm = true
dns_lookup_kdc = true
default_tkt_enctypes = des-cbc-crc des-cbc-md5
default_tgs_enctypes = des-cbc-crc
I have added these options to my krb5.conf per your suggestion
Note the default enctypes. Seems in the way back I was getting
' to realm 'SCL.UTAH.EDU'
Am I ok up to this point?
--
Jason Gerfen
My girlfriend threated to
leave me if I went boarding...
I will miss her.
~ DIATRIBE aka FBITKK
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
/local/files/
read only = no
force group = users
force user = users
guest ok = no
I can run the net ads join command which works fine, but if I try to
authentication without a local account I am recieving errors. Any
assistance or pointers is appreciated.
--
Jason
Dimitri Yioulos wrote:
On Tuesday 13 September 2005 11:09 am, Jason Gerfen wrote:
I am having a hard time getting Samba to authentication correctly
against a Windows Active Directory setup.
Here is a snap of the smb.conf
[global]
passdb backend = ldapsam
security = domain
90 matches
Mail list logo