James Tran wrote:
Hi i've got a situation where i need to add samba support to every
acccount in my ldap database.
I already have an ldap database populated with a couple hundred users
and need to be able to use the same password they use for their login as
for their samba accounts.
Is there
Rogers, Paul wrote:
Mogens
Thanks for the answer. The problem that I have is with the Samba
servers which have static IP's and so need some way of registering with
the DNS server. As I say the Windows servers seem to do it
automatically but I need a method for the Linux servers to do it.
mallapadi niranjan wrote:
Hi paul
Thanks for Guiding me .
I am creating a PDC and 2 BDC's with samba3 with LDAP,
sorry if this is silly question, since i am new, guide me
1) what all default ACL's need to be written in slapd.conf
apart from users changing passwords . with respect
Senthil wrote:
in our lab we have a kerberos + ldap server to authenticate the gnu/linux
users and we have configured samba to work as a PDC authenticating the
windows users.
samba stores the password in encrypted format in /etc/samba/smbpasswd.
The problem is when the password is
mallapadi niranjan wrote:
[snip]
#access to dn.base=dc=msdpl,dc=com
access to attrs=sambaLMPassword,sambaNTPassword
by dn=uid=.*,ou=People,dc=msdpl,dc=com write
by dn=uid=.*,ou=Domain Admins,dc=msdpl,dc=com read
by * none
access to attr=userPassword
by
mallapadi niranjan wrote:
Dec 20 10:52:43 testsystem slapd[3549]: conn=6 op=6 SEARCH RESULT tag=101
err=0 nentries=0 text=
#
There is no administrator account..., you can map administrator to root
or create the
mallapadi niranjan wrote:
Hi
Thanks for Replying me . In the ACL below
#
#access to dn.base=dc=msdpl,dc=com
access to attrs=sambaLMPassword,sambaNTP
assword
by dn=uid=.*,ou=People,dc=msdpl,dc=com write
by
mallapadi niranjan wrote:
Hi all
I have samb3 with LDAP , My query is
1. My clients are windows 2000 professional, and the clients are not able to
join the domain
but if add the computer name in /etc/passwd
ie computername$:x:110:200::/bin/false:/dev/null
and then do smbpasswd -a -m
Michel Bouchet wrote:
Does anyone know how to solve it ?
hide unreadable = yes or other hide* parameters (man smb.conf)
cheers
Paul
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
Tony Austin wrote:
Is this what it should be? Seems likely to me.
Nope, a unix account consists of posixAccount OC from nis.schema, a
samba accounts needs an ADDITIONAL sambaSamAccount OC from samba.schema.
For groups its posixGroup and sambaGroupMapping.
cheers
Paul
--
To unsubscribe from
Mont Rothstein wrote:
I am hoping someone can tell me if I am trying something that can't be done.
Well, if I understood you corretly I'll say yes ;)
Don't make it harder than it is, there are only three parties involved
1) Windows (the client)
2) Samba (app server)
3) LDAP (authentication
Mont Rothstein wrote:
Do you agree that pGina should not be necessary?
Yes.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
Miguel Lopez wrote:
access to *
by self write
by dn=cn=Administrador,dc=NT,dc=DPT,dc=ES write
by * read
access to attr=sambaLMPassword,sambaNTPassword
by dn=cn=Administrador,dc=BECARIOS,dc=DPT,dc=ES write
by * none
access to attr=userpassword
by self write
by * read
You need to
Simon Faulkner wrote:
net groupmap list ntgroup=Domain Admins
Domain Admins (S-1-5-21-1065375514-2370838480-4047619883-512) - -1
Does this mean I have no group for Domain Admins?
yes
Do I need to map them to root?
depends, AFAIK the root group is not special wrt samba, but it usually
Simon Faulkner wrote:
I have my Samba PDC running :-)
How do I administer groups from the samba box?
usrmgr.exe runs on the workstation but won't let me see groups
have you setup groupmapping?
--
To unsubscribe from this list go to the following URL and read the
instructions:
Jukka Hienola wrote:
Nov 4 17:37:39 slave smbd[18093]: fetch_ldap_pw: neither ldap secret
retrieved!
Nov 4 17:37:39 slave smbd[18093]: [2005/11/04 17:37:39, 0]
lib/smbldap.c:smbldap_connect_system(813)
Nov 4 17:37:39 slave smbd[18093]: ldap_connect_system: Failed to
retrieve password
Chema wrote:
I see on log.nmbd:
[2005/10/25 10:42:15, 0] nmbd/nmbd_logonnames.c:add_logon_names(163)
add_domain_logon_names:
Attempting to become logon server for workgroup CORENA on subnet
UNICAST_SUBNET
[2005/10/25 10:42:15, 0]
[EMAIL PROTECTED] wrote:
Either I do not understand how Samba impliments LDAP or there is something
wrong with my setup. My LDAP implimentation is as follows. The main LDAP
suffix is dc=motogroup,dc=com and there are OU's of people and group under
there.
Now, Samba is able to connect to
adrian sender wrote:
I am running redhat 9 on a test server, just for more experience really;
I am using redhat 9 because of a scsi raid driver needed, please do not
ask about this.
You are not using by any chance an adaptec rebranded marvell chip?
smbldap-userdel username also hangs.
We need
adrian sender wrote:
ERROR1:
[EMAIL PROTECTED] sbin]# service ldap restart
Stopping slapd:[FAILED]
Starting slapd: Unrecognized database type (bdb)
So that speaks for itself does it? Your slapd is lacking bdb support,
you'll have to bite the bullet
Ranjeet Kumar - RD wrote:
Hi,
I am new to the mailing list, if any thing is wrong please excuse me in
advance.
We are running Linux-2.4.20 on the MIPS32 architecture. We have USB2.0 host
and various network interfaces on the board and we want to support USB
Network-Storage and USB
Gerd-Christian Michalke wrote:
[snipp]
Sometimes, the OpenLDAP gets corrupted, no ideas why. It's a bad thing.
Randomly?
What would you suggest in order to be reliable ? Reliability is more
important
than speed for us.
Do you have a DB_CONFIG file with proper settings for your bdb
Derek Harkness wrote:
I don't want my unix users seeing all the windows workstations.
Unfortunately, there seems no way to prevent this. Samba makes no
difference looking up users and computers. They are both looked up in
the passwd NSS table. One could argue, a computer account should
belong to
Kristof Bruyninckx wrote:
[snipp]
But I have one more question, I configured a LDAP client, and on this
machine I can see all the normal NIS users, but I don't see any windows
users. This might sound stupid but this was what how I expected it to
work. Sometimes it takes a while for the brain
Kristof Bruyninckx wrote:
snipp
Sep 29 10:59:52 linux14 slapd: == ldbm_back_bind: dn:
cn=Manager,dc=thales,dc=be
Sep 29 10:59:52 linux14 slapd: send_ldap_result: err=49 matched= text=
Sep 29 10:59:52 linux14 slapd: daemon: select: listen=7 active_threads=0
tvp=NULL
Sep 29 10:59:52 linux14
Kristof Bruyninckx wrote:
But still there are some new problems that popped up. wbinfo -u ,wbinfo
-g and wbinfo -t still work.
Also getent passwd works, and shows me all the windows accounts, but it
is very slow, when starting this command the LDAP starts pumping a lot
of messages into
Jeremy Allison wrote:
Ah, no - smbd is still calling the system getpwnam and others
so I think you're still going to need ldap in nsswitch.conf.
I'd say the manpage (smb.conf) is a bit misleading then:
[...] If these assumptions are met,ldapsam:trusted=yes can be activated
and Samba can
Kristof Bruyninckx wrote:
Entry in the /etc/samba/smb.conf
snip
ldap ssl = no
ldap admin dn = uid=samba,ou=Idmap,dc=thales,dc=be
ldap idmap suffix = ou=idmap
ldap suffix = dc=thales,dc=be
idmap backend = ldap:ldap://127.0.0.1
snip
Also fixed the
Luis Henrique de Faria Guimarães wrote:
[2005/09/26 17:11:53, 3]
smbd/posix_acls.c:convert_canon_ace_to_posix_perms(2581)
convert_canon_ace_to_posix_perms: Too many ACE entries for file teste.txt
to convert to posix perms.
I wonder why convert_canon_ace_to_posix_perms is called with an
Kristof Bruyninckx wrote:
# Use the OpenLDAP password change
# extended operation to update the password.
pam_password md5
If you want it to do what the comment suggest this should read:
pam_password exop
dn: cn=Manager,dc=thales,dc=be
objectClass: organizationalRole
cn: Manager
Kristof Bruyninckx wrote:
Hi, I removed the entry for cn=manager,dc=thales,dc=be and checked
with ldapmodigy if I could change the existing NIS users, which seems to
still work.
Now I added a user called Admin , output from slapcat :
no, you have not. You authenticate with a DN and a
Ric Tibbetts wrote:
dn: username=u123456,ou=aixuser,cn=aixsecdb,cn=aixdata
uid: 1040
username: u123456
snip
with u123456 being my *nix login.
To me, this looks very wrong (not to mention that there's no dc=).
It looks wrong and the author surely has had no clue what cn means etc.
Ric Tibbetts wrote:
This is from the error log:
attempting to make a user_info for u212442 (212442)
making strings for u212442's user_info struct
making blobs for u212442's user_info struct
made an encrypted user_info for u212442 (212442)
check_ntlm_password: mapped user is: [EMAIL
public class [EMAIL PROTECTED] implements IAbwesenheit {
public [EMAIL PROTECTED](){
return;
}
}
scnr
Paul
Disclaimer: I don't know java
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
Luis Henrique de Faria Guimarães wrote:
I believe that you it did not understand my explanation. I have a Linux
server executing samba intergrated
with a server windows 2003 (PDC). Linux is using the users of windows 2003
saw winbind. But, the permissions
for these of archive do not
Arup Biswas wrote:
I am wondering if there is any documentation that describes the role TLS
plays in LDAP security in Samba 3.x. I would like to understand what is the
relationship of TLS with other LDAP security mechanisms like Kerberos via
SASL and if TLS provides any added security. Is it
Luis Henrique de Faria Guimarães wrote:
I believe that you it did not understand my explanation. I have a Linux
server executing samba intergrated
with a server windows 2003 (PDC). Linux is using the users of windows 2003
saw winbind. But, the permissions
for these of archive do not
Sérgio A P Ferreira wrote:
Hi list,
Sep 21 14:59:15 zeus slapd[2123]: conn=18 op=2 SRCH
base=dc=cultura,dc=gov,dc=br scope=2 deref=0
filter=((uid=testuser)(objectClass=sambaSamAccount))
Sep 21 14:59:15 zeus slapd[2123]: conn=18 op=2 SRCH attr=uid uidNumber
gidNumber homeDirectory
MARTIN Pierre wrote:
Hey people,
i just had a compilation error! I'm pretty happy because it means that i
am doing something wrong. It seems that the compiler doesn't find
mysql.h include header file. The point is that i have all these includes
files in this folder:
Luis Henrique de Faria Guimarães wrote:
With this configuration the users of the PDC (windows 2003) are
authenticantion way telnet
without problem. However, the ACL do not function. They see the exit with
command getfacl teste.txt:
[EMAIL PROTECTED] teste]# getfacl teste.txt
# file:
Chris wrote:
Is it just the systems I've. examined? Am I looking for too much? Or
does testparm need to pay more attention?
AFAIK testparm just checks parameters, not values.
cheers
Paul
--
To unsubscribe from this list go to the following URL and read the
instructions:
David Mataró Ciller wrote:
Hi all,
I have joined samba server (3.0.14a-2) to an ADS. I can copy, move and
remove files from any windows workstation and also I can set ACLs. I
need migrate files from 4 w2k servers to samba server and preserve
ACL's. One server are into ADS domain, but the
Steven Truong wrote:
ldapsearch -x -b dc=sample,dc=com (ObjectClass=*)
# extended LDIF
#
# LDAPv3
# base dc=sample,dc=com with scope sub
# filter: (objectClass=*)
# requesting: ALL
#
# search result
search: 2
result: 0 Success
# numResponses: 1
Felipe wrote:
unfortunately, this is the problem.. when I change the domain name and
I need to do that some times... but even when I change the domain name
and the SID is changed too, I can't replace its new SID performing net
setlocalsid command with the SID that I was using before.
What I
Molot wrote:
I have problem (as you noticed ;] ). I have to make unified
authorisation system for large, unsecure network connected to a two
Polish skelete networks. As you see I need to do it right to avoid big
problems.
Not sure if I understood your problem but my first thought was about
Ryan Braun wrote:
Jun 17 15:51:49 ywgldap0 slapd[16885]: conn=102 op=0 BIND dn= method=128
Jun 17 15:51:49 ywgldap0 slapd[16885]: conn=102 op=0 RESULT tag=97 err=0 text=
Jun 17 15:51:49 ywgldap0 slapd[16885]: conn=102 op=1 SRCH
base=ou=Users,dc=xxx,dc=xx,dc=xx,dc=xx scope=2 deref=0
Adam Engel wrote:
1) Some users have accounts on 1 or more of our fileservers, as well as
an account with our LDAP server, same username but passwords aren't
synched. If I have the server join the domain, what consequences or
problems will I have with the user accounts. Obviously the
[EMAIL PROTECTED] wrote:
Hi all,
I have a Samba 3.0.13 with ACL support running under SuSE and acting as a
PDC for the hole organization.
Among some shares, there's one that has about ten subdirectories.
Everybody can access this share and restrictions are applied over those
subdirs.
The
Andreas wrote:
Hello!
Server Starting is ok: no errormessage:
/usr/lib/openldap/slapd restart
check with pidof, a startscript succeeding is not a good sign of success.
But Testing, not:
amd:~ # telnet localhost 389
Trying 127.0.0.1...
telnet: connect to address 127.0.0.1: Connection
Andreas Bauer wrote:
Paul kölle schrieb:
How did you start the daemon? You'll have two smbd executables if you
I take the daemon of the new one, samba 3.0.14a...:
/usr/local/samba/bin/smbd start
/usr/local/samba/bin/nmbd start
funny, I always thought they were binaries, not initscripts
Andreas Bauer wrote:
Hello!
I have an old Samba Version(3.0.7..) in /etc/samba/ and an new one (3.0.14a)
compiled in /usr/local/samba/
If I start only the Dämon from the new one, the testparm -V shows always the
old versionnumber(3.0.7..). I think, only the old one is activ.
How did
Greg Andrews wrote:
The school has the ability to obtain a microsoft solution at no cost (
except for the new hardware required, which is the reason for this email
in the first place ).
So a different solution would only make sense if it doesn't need new
hardware...
Advice and opinions are sought
Marcelo M. Lopes wrote:
Hi,
I've got this cenario in my Suse 9.2 box:
samba-3.0.7-5
openldap2-2.2.15-5
smbldap-tools-0.8.4-1
So when I try to logon with a defaul user (winnt) I receive C001
error
code (unsuficient auth). Here the logs for this request:
-- snip --
Marcelo,
At a
Mark Roach wrote:
I have already wrapped some of the kadmin library for use from python,
I'm not quite sure how to accomplish this piece of it, but it might be
worth the effort...
I'd be very interested in that pyhon stuff. Do you consider sharing the
code?
thanks
Paul
--
To unsubscribe from
54 matches
Mail list logo