I'm repeatedly needing to restart winbind v3.0.22 on ubuntu server
v6.10. The reason why is that it fails to get group info. The passwd
info is still accessible; it just can't figure out what groups a person
is in. I'm using idmap backend = ad , and winbind nss info = sfu.
Looking in
Hello,
I have several servers running winbind v3.0.22 with 'idmap backend = ad'
and 'winbind nss info = sfu' with no noticable problems except
that /var/log/samba/log.winbindd-idmap repeatedly has lines the read
like this:
[2007/04/30 11:20:19, 1] sam/idmap_ad.c:ad_idmap_get_id_from_sid(329)
It looks to me like the 'winbind nss info' parameter is designed to be a
space-separated list of values. I say this because:
1) i gave it two values, separated by spaces, and testparm(1) did not
complain;
2) the man page
( http://www.die.net/doc/linux/man/man5/smb.conf.5.html ) gives an
example
On Mon, 2007-04-23 at 14:17 +, CG wrote:
I'm trying to use winbindd to enumerate and link AD users to their
pre-
existing UNIX accounts. Right now, winbindd creates new users for
UNIX based
on windows username and groups.
You seem to have 2 separate criteria:
What I can't figure out
On Tue, 2007-04-24 at 13:45 -0400, Jean-Sebastien Pilon wrote:
This is kind of a side question,
Have you missed anything in using MS Services for Unix over some
opensource solution ?
possibly. I used mssfu soley in order to extend the msad schema to
include attributes that unix accounts
On Mon, 2007-04-23 at 14:17 +, CG wrote:
I'm trying to use winbindd to enumerate and link AD users to their pre-
existing UNIX accounts. Right now, winbindd creates new users for UNIX
based
on windows username and groups.
You seem to have 2 separate criteria:
What I can't figure out
* Eric Knudstrup [EMAIL PROTECTED] [070307 20:16]:
Now I'm trying to make it so the Samba accounts can be used for user
logins as well. Unfortunately I'm having a bit of trouble with winbind.
Whenever I try to do a getent passwd eknuds, it find the entry in the
ldap sam, but the winbind log
* Toby Bluhm [EMAIL PROTECTED] [070216 07:23]:
Brijesh Shukla wrote:
Hi Samba/Active directory List
Can any one please let me know, how can i authenticate a user on Samba
Machine via Active Directory.
Let me describe my question in more detail.
I have Active directory as a domain controller
this problem might be more to do with apache than winbind, but I'll
start here anyway...
Problem: can't get apache httpauth to work with nested groups, though
ssh auth (also using pam) to same box does
Config:
software: apache
I'm using winbind v3.0.22 on Debian Linux as a source for nss info.
I have a group that was once known by winbind, but is no more:
-- beging shell except --
# ls -ld ./
drwxrws--- 10 root $MND000-TT227MV5K24I 4096 2006-05-10 15:41 ./
#
-- endshell except --
It must have been
* Jonathan C. Detert [EMAIL PROTECTED] [060810 09:09]:
I'm using winbind v3.0.22 on Debian Linux as a source for nss info.
I have a group that was once known by winbind, but is no more:
-- beging shell except --
# ls -ld ./
drwxrws--- 10 root $MND000-TT227MV5K24I 4096 2006-05-10 15
The setting is Debian with winbind v3.0.22. The pertinent bit of
winbind configuration is as follows:
winbind nss info = sfu
idmap backend = ad
winbind enum groups = yes
winbind cache time = 1800
The problem is that once in a while, typically when either:
* James Zuelow [EMAIL PROTECTED] [060718 11:22]:
winbind enum groups = yes
Does anyone know why this is happening, and what I could do
to remove or
minimize the initial large delay?
I see a similar behavior with the Debian 3.0.14a and 3.0.22 packages.
My guess is
* Jonathan C. Detert [EMAIL PROTECTED] [060427 12:40]:
one problem ...
* Jonathan C. Detert [EMAIL PROTECTED] [060427 12:11]:
* Guenther Deschner [EMAIL PROTECTED] [060427 11:56]:
On Thu, Apr 27, 2006 at 11:21:45AM -0500, Jonathan C. Detert wrote:
with samba 3.0.22, I'm trying
suggestion for minor improvement of the smb.conf manpage in the context
of the 'idmap backend' parameter. At least as of v3.0.22 the manpage says:
Finally, using the idmap_ad module, the UID and GID can directly be
retrieved from an Active Directory LDAP Server that supports
of the opening paragraph. I.e. I suspect
that the current code requires you to specify the idmap uid/gid ranges
no matter what your idmap backend is.
In any case, thank you for the wonderful software we have in samba.
Sincerely,
Jon Detert
* Jonathan C. Detert [EMAIL PROTECTED] [060427 12:11
with samba 3.0.22, I'm trying to integrate a linux box with Microsoft AD
by using winbind for authentication as well as for the source of nss info.
When winbind is configured to use its own local id maps, everything
works fine.
But when i configure winbind to use 'ad' as the source of nss info,
* Jonathan C. Detert [EMAIL PROTECTED] [060427 11:39]:
with samba 3.0.22, I'm trying to integrate a linux box with Microsoft AD
by using winbind for authentication as well as for the source of nss info.
When winbind is configured to use its own local id maps, everything
works fine
* Guenther Deschner [EMAIL PROTECTED] [060427 11:56]:
On Thu, Apr 27, 2006 at 11:21:45AM -0500, Jonathan C. Detert wrote:
with samba 3.0.22, I'm trying to integrate a linux box with Microsoft AD
by using winbind for authentication as well as for the source of nss info.
When winbind
one problem ...
* Jonathan C. Detert [EMAIL PROTECTED] [060427 12:11]:
* Guenther Deschner [EMAIL PROTECTED] [060427 11:56]:
On Thu, Apr 27, 2006 at 11:21:45AM -0500, Jonathan C. Detert wrote:
with samba 3.0.22, I'm trying to integrate a linux box with Microsoft AD
by using winbind
* detertj detertj [060208 14:45]:
Hello,
I followed the steps at
http://www.enterprisenetworkingplanet.com/netos/article.php/3487081
for adding a v3.0.21a samba and winbindd server to a MsAD domain and
configuring nsswitch.conf to find passwd and group info from winbind.
This seems to
When winbind is configured without the 'winbind nss info =' statement
(i.e. such that winbind maintains its own local map of SIDs - UID/GIDs),
the following works fine:
# cd ~detertj
# getent passwd detertj
detertj:x:10008:1:detertj:/home/MSOE/detertj:/bin/bash
but
Hello,
I followed the steps at
http://www.enterprisenetworkingplanet.com/netos/article.php/3487081
for adding a v3.0.21a samba and winbindd server to a MsAD domain and
configuring nsswitch.conf to find passwd and group info from winbind.
This seems to have worked out fine, except that I can't
I am currently using Mssfu, nss_ldap, and pam_ldap to enable my linux boxes
to auth against MsA.D. and get all their user info from MsA.D.
I recently discovered that winbind can accomplish the same without
Mssfu, as long as I'm content to be limitted by the winbind config
directives 'template
new installation of samba v3.0.21 on debian. Joined the samba box to an
ActiveDirectory domain.
Can enumerate users/groups with wbinfo run locally on the samba box.
Can connect remotely to samba box via smbclient Version 3.0.10-Ubuntu linux.
Can create new files via 'put' cmd within smbclient.
I've got samba v3.0.21 on server 'RELIANT' with security=ADS
I want MsWin XP clients, that have logged into Microsoft AD domain
'MYDOMAIN' to be able to map a drive to 'RELIANT', and to do so without
having to authenticate again. I haven't been able to do so. Here's
what happens:
the
26 matches
Mail list logo