Re: [Samba] OpenSSH auth in SAMBA4 LDAP

2013-08-27 Thread Luca Olivetti
Al 27/08/13 01:52, En/na Marc Muehlfeld ha escrit: Am 27.08.2013 01:19, schrieb Luca Olivetti: https://wiki.samba.org/index.php/Local_user_management_and_authentication/nslcd Yep, I only had to comment the map group uniqueMember member line, though (migrated) groups show the members fine.

Re: [Samba] OpenSSH auth in SAMBA4 LDAP

2013-08-27 Thread Luca Olivetti
Al 27/08/13 01:46, En/na Marc Muehlfeld ha escrit: Am 27.08.2013 01:13, schrieb Luca Olivetti: In ADUC on Win7 the tab should be there (on XP you need to install something additionally if I remember right). Ah, OK, I'm on XP and I installed the tools here:

Re: [Samba] OpenSSH auth in SAMBA4 LDAP

2013-08-27 Thread Marc Muehlfeld
Am 27.08.2013 10:38, schrieb Luca Olivetti: http://support.microsoft.com/kb/921913/en Thank you, I was missing idmu.exe Now I can see the unix tab, but, whenever I click accept, it tells me Unable to modify the object property values. Check your credentials. There could be a network problem.

Re: [Samba] OpenSSH auth in SAMBA4 LDAP

2013-08-27 Thread Luca Olivetti
Al 27/08/13 10:45, En/na Marc Muehlfeld ha escrit: Am 27.08.2013 10:38, schrieb Luca Olivetti: http://support.microsoft.com/kb/921913/en Thank you, I was missing idmu.exe Now I can see the unix tab, but, whenever I click accept, it tells me Unable to modify the object property values.

Re: [Samba] OpenSSH auth in SAMBA4 LDAP

2013-08-27 Thread Bruno Vane
Hi Luca, If you provisioned your domain with --use-rfc2307, then in Win7 ADUC you can see the posixAccount (UNIX Attributes) of the users. 2013/8/27 Luca Olivetti l...@wetron.es Al 27/08/13 10:45, En/na Marc Muehlfeld ha escrit: Am 27.08.2013 10:38, schrieb Luca Olivetti:

Re: [Samba] OpenSSH auth in SAMBA4 LDAP

2013-08-27 Thread Luca Olivetti
Al 27/08/13 16:56, En/na Bruno Vane ha escrit: Hi Luca, If you provisioned your domain with --use-rfc2307, then in Win7 ADUC you can see the posixAccount (UNIX Attributes) of the users. I did a classicupgrade, not a provisioning, and I can see the unix attributes of the migrated users, the

Re: [Samba] OpenSSH auth in SAMBA4 LDAP

2013-08-26 Thread Marc Muehlfeld
Hello Bruno, Am 25.08.2013 22:26, schrieb Bruno Vane: Yes I read these sections, but I want something different. Users will join on AD domain (Samba 4) and will connect to an entry SSH server, and from this server they can access other SSH servers on the network. All SSH servers are configured

Re: [Samba] OpenSSH auth in SAMBA4 LDAP

2013-08-26 Thread Bruno Vane
Thank you Marc, I will try this configuration. For this to work I need openLDAP proxy? 2013/8/26 Marc Muehlfeld sa...@marc-muehlfeld.de Hello Bruno, Am 25.08.2013 22:26, schrieb Bruno Vane: Yes I read these sections, but I want something different. Users will join on AD domain (Samba 4)

Re: [Samba] OpenSSH auth in SAMBA4 LDAP

2013-08-26 Thread Marc Muehlfeld
Am 26.08.2013 14:10, schrieb Bruno Vane: I will try this configuration. For this to work I need openLDAP proxy? No. You can access AD via LDAP directly.

Re: [Samba] OpenSSH auth in SAMBA4 LDAP

2013-08-26 Thread Bruno Vane
Marc, sorry to bother you with this, but I cannot access an SSH server using these settings. Could you take a look if you have time to find out if my settings are wrong? When I do a ssh -l nslcd-connect (or any other user) to the server, I got this in /var/log/auth.log: Aug 26 11:09:14 ldap

Re: [Samba] OpenSSH auth in SAMBA4 LDAP

2013-08-26 Thread Marc Muehlfeld
Am 26.08.2013 16:11, schrieb Bruno Vane: Marc, sorry to bother you with this, but I cannot access an SSH server using these settings. Could you take a look if you have time to find out if my settings are wrong? When I do a ssh -l nslcd-connect (or any other user) to the server, I got this in

Re: [Samba] OpenSSH auth in SAMBA4 LDAP

2013-08-26 Thread steve
On Mon, 2013-08-26 at 19:09 +0200, Marc Muehlfeld wrote: passwd: files ldap shadow: files ldap group: files ldap @marc Just curious, but why are you trying to pull shadow from the directory?

Re: [Samba] OpenSSH auth in SAMBA4 LDAP

2013-08-26 Thread Marc Muehlfeld
Am 26.08.2013 19:19, schrieb steve: On Mon, 2013-08-26 at 19:09 +0200, Marc Muehlfeld wrote: passwd: files ldap shadow: files ldap group: files ldap @marc Just curious, but why are you trying to pull shadow from the directory? You are right. This is not

Re: [Samba] OpenSSH auth in SAMBA4 LDAP

2013-08-26 Thread Luca Olivetti
Al 26/08/13 19:09, En/na Marc Muehlfeld ha escrit: - Now you should be able to see all accounts (the local and domain accounts), when you type # getent passwd I tried it on a test VM, but it only showed accounts migrated from samba 3+ldap (since they have the posix attributes), new

Re: [Samba] OpenSSH auth in SAMBA4 LDAP

2013-08-26 Thread Marc Muehlfeld
Am 26.08.2013 20:12, schrieb Luca Olivetti: - Now you should be able to see all accounts (the local and domain accounts), when you type # getent passwd I tried it on a test VM, but it only showed accounts migrated from samba 3+ldap (since they have the posix attributes), new users/groups

Re: [Samba] OpenSSH auth in SAMBA4 LDAP

2013-08-26 Thread Bruno Vane
Marc, it seems that the problem was actually that the posix information were blank and I could not edit them. Made domain provision again with the option --use RFC2307. After creating the user in AD (via RSAT in Win7) I need to manually enable NIS domain info for that user. After this, I got to

Re: [Samba] OpenSSH auth in SAMBA4 LDAP

2013-08-26 Thread Ricky Nance
If you are using winbind, you can use template home directory = and template shell = in your smb.conf (man smb.conf for a more accurate description). Ricky On Mon, Aug 26, 2013 at 2:58 PM, Bruno Vane bro...@gmail.com wrote: Marc, it seems that the problem was actually that the posix

Re: [Samba] OpenSSH auth in SAMBA4 LDAP

2013-08-26 Thread Bruno Vane
Hi Ricky, I'm not using winbind. To auto create home dir I added: session required pam_mkhomedir.so skel=/etc/skel umask=0022 in /etc/pam.d/common-session file. I'm using Marc's instructions to log in via SSH without joining the machine in the domain. Can I also use winbind with this

Re: [Samba] OpenSSH auth in SAMBA4 LDAP

2013-08-26 Thread steve
On Mon, 2013-08-26 at 20:12 +0200, Luca Olivetti wrote: Al 26/08/13 19:09, En/na Marc Muehlfeld ha escrit: - Now you should be able to see all accounts (the local and domain accounts), when you type # getent passwd I tried it on a test VM, but it only showed accounts migrated from

Re: [Samba] OpenSSH auth in SAMBA4 LDAP

2013-08-26 Thread Bruno Vane
Hi Steve, I'm adding users through ADUC, in Remote Server Administration Tool. Thank you. 2013/8/26 steve st...@steve-ss.com On Mon, 2013-08-26 at 20:12 +0200, Luca Olivetti wrote: Al 26/08/13 19:09, En/na Marc Muehlfeld ha escrit: - Now you should be able to see all accounts (the

Re: [Samba] OpenSSH auth in SAMBA4 LDAP

2013-08-26 Thread steve
On Mon, 2013-08-26 at 18:02 -0300, Bruno Vane wrote: Hi Steve, I'm adding users through ADUC, in Remote Server Administration Tool. new users/groups added via samba-tool or windows didn't appear. Ah, I see. It's just that your message said samba-tool (as

Re: [Samba] OpenSSH auth in SAMBA4 LDAP

2013-08-26 Thread Marc Muehlfeld
Am 26.08.2013 21:58, schrieb Bruno Vane: Now I have to research how to auto-create the home dir and change the shell to /bin/bash. For the home auto creation, PAM maybe could help you (pam_mkhomedir). But this won't help you if you use ssh with keyfiles, because someone has to place the public

Re: [Samba] OpenSSH auth in SAMBA4 LDAP

2013-08-26 Thread Luca Olivetti
Al 26/08/13 20:28, En/na Marc Muehlfeld ha escrit: Am 26.08.2013 20:12, schrieb Luca Olivetti: - Now you should be able to see all accounts (the local and domain accounts), when you type # getent passwd I tried it on a test VM, but it only showed accounts migrated from samba 3+ldap

Re: [Samba] OpenSSH auth in SAMBA4 LDAP

2013-08-26 Thread Marc Muehlfeld
Hello Luca, Am 27.08.2013 00:11, schrieb Luca Olivetti: The problem is, how do I get the posix information into samba4? With samba 3 I could manage users and groups with ldap account manager and they got both samba and posix attributes. I have a windows workstation at work. There I use ADUC.

Re: [Samba] OpenSSH auth in SAMBA4 LDAP

2013-08-26 Thread Luca Olivetti
Al 26/08/13 22:54, En/na steve ha escrit: On Mon, 2013-08-26 at 20:12 +0200, Luca Olivetti wrote: Al 26/08/13 19:09, En/na Marc Muehlfeld ha escrit: - Now you should be able to see all accounts (the local and domain accounts), when you type # getent passwd I tried it on a test VM, but it

Re: [Samba] OpenSSH auth in SAMBA4 LDAP

2013-08-26 Thread steve
On Tue, 2013-08-27 at 00:28 +0200, Luca Olivetti wrote: Al 26/08/13 22:54, En/na steve ha escrit: On Mon, 2013-08-26 at 20:12 +0200, Luca Olivetti wrote: Al 26/08/13 19:09, En/na Marc Muehlfeld ha escrit: - Now you should be able to see all accounts (the local and domain accounts), when

Re: [Samba] OpenSSH auth in SAMBA4 LDAP

2013-08-26 Thread Luca Olivetti
Al 27/08/13 00:24, En/na Marc Muehlfeld ha escrit: I have a windows workstation at work. There I use ADUC. Everything I need to administrate users/groups, etc. And if you delegate permissions

Re: [Samba] OpenSSH auth in SAMBA4 LDAP

2013-08-26 Thread Marc Muehlfeld
Am 27.08.2013 00:28, schrieb Luca Olivetti: I tried ADUC (again, in a test VM joined to the domain), which could be suitable, but I couldn't see any unix tab (and if I have to manually assign uids/gids there it's not an option). In ADUC on Win7 the tab should be there (on XP you need to

Re: [Samba] OpenSSH auth in SAMBA4 LDAP

2013-08-26 Thread Marc Muehlfeld
Am 27.08.2013 00:56, schrieb Luca Olivetti: ..when I tried to add a user via ADUC I couldn't see it with nslcd. Maybe I didn't really use ADUC? (dsa.msc) Do the users have posix attributes (uid, shell, etc.)? I published my nslcd HowTo some hours ago. Have a look on it. Maybe you missed

Re: [Samba] OpenSSH auth in SAMBA4 LDAP

2013-08-26 Thread Luca Olivetti
Al 27/08/13 01:03, En/na Marc Muehlfeld ha escrit: Am 27.08.2013 00:28, schrieb Luca Olivetti: I tried ADUC (again, in a test VM joined to the domain), which could be suitable, but I couldn't see any unix tab (and if I have to manually assign uids/gids there it's not an option). In ADUC

Re: [Samba] OpenSSH auth in SAMBA4 LDAP

2013-08-26 Thread Luca Olivetti
Al 27/08/13 01:11, En/na Marc Muehlfeld ha escrit: Am 27.08.2013 00:56, schrieb Luca Olivetti: ..when I tried to add a user via ADUC I couldn't see it with nslcd. Maybe I didn't really use ADUC? (dsa.msc) Do the users have posix attributes (uid, shell, etc.)? Users migrated from samba 3,

Re: [Samba] OpenSSH auth in SAMBA4 LDAP

2013-08-26 Thread Marc Muehlfeld
Am 27.08.2013 01:13, schrieb Luca Olivetti: In ADUC on Win7 the tab should be there (on XP you need to install something additionally if I remember right). Ah, OK, I'm on XP and I installed the tools here: https://wiki.samba.org/index.php/Samba_AD_management_from_windows#Windows_XP_Pro No

Re: [Samba] OpenSSH auth in SAMBA4 LDAP

2013-08-26 Thread Marc Muehlfeld
Am 27.08.2013 01:19, schrieb Luca Olivetti: https://wiki.samba.org/index.php/Local_user_management_and_authentication/nslcd Yep, I only had to comment the map group uniqueMember member line, though (migrated) groups show the members fine. What didn't work when you have this line in? I have

[Samba] OpenSSH auth in SAMBA4 LDAP

2013-08-25 Thread Bruno Vane
Hi, I have some Ubuntu LTS servers running openssh server authenticating to external openldap. I installed a new Ubuntu LTS server with Samba4 to create a domain and is working very well. I managed to make a pfsense firewall authenticate users in this Samba4 ldap. How to make openssh in Ubuntu

Re: [Samba] OpenSSH auth in SAMBA4 LDAP

2013-08-25 Thread Marc Muehlfeld
Hello Bruno, Am 25.08.2013 09:27, schrieb Bruno Vane: I have some Ubuntu LTS servers running openssh server authenticating to external openldap. I installed a new Ubuntu LTS server with Samba4 to create a domain and is working very well. I managed to make a pfsense firewall authenticate users

Re: [Samba] OpenSSH auth in SAMBA4 LDAP

2013-08-25 Thread Bruno Vane
Hello Marc, Yes I read these sections, but I want something different. Users will join on AD domain (Samba 4) and will connect to an entry SSH server, and from this server they can access other SSH servers on the network. All SSH servers are configured with /etc/hosts.allow to allow SSH