Thanks steve. Odd thing was, I actually had those in there, but they were
before the domain specific lines. I added them after and it works
beautifully!
On Tue, Aug 20, 2013 at 4:42 PM, steve st...@steve-ss.com wrote:
On Tue, 2013-08-20 at 16:31 -0500, Jason Michaelson wrote:
idmap cache
List, I've seen this problem in the list archives before, but the only
problems I can easily find are using Samba 4 as the DC. In my case, I'm
trying to add a Debian Wheezy member server (running the 4.0.9 packages
from enterprise samba) into an existing AD domain where the DC's are
running
On Tue, 2013-08-20 at 16:31 -0500, Jason Michaelson wrote:
idmap cache time = 1800
idmap config FOUR-HORSEMEN:backend = ad
idmap config FOUR-HORSEMEN:schema_mode = rfc2307
idmap config FOUR-HORSEMEN:default = yes
idmap config FOUR-HORSEMEN:range = 1-2
idmap config
I've been using samba for several years now and so my configuration
hasnt changed much in that time. We've setup a samba pdc+ldap backend
and previously using smbldap-tools. I haven't had to add a new machine
in a long while until recently a new user said they couldn't remote
desktop to a windows
Hi
Am 16.12.2012 23:06, schrieb Andrew Bartlett:
On Sun, 2012-12-16 at 16:51 -0500, Thomas Simmons wrote:
Hello Andrew,
If functionality is not there, I certainly understand and can work
around it. I just want to make sure I am not misunderstanding
something.
When you say I should set
On Sun, 2012-12-23 at 14:40 +0100, Dr. Hansjörg Maurer wrote:
Hi
Am 16.12.2012 23:06, schrieb Andrew Bartlett:
On Sun, 2012-12-16 at 16:51 -0500, Thomas Simmons wrote:
Hello Andrew,
If functionality is not there, I certainly understand and can work
around it. I just want to make
Hi Andrew
Please file a bug, so it isn't lost over the Christmas season, but
clearly I need to change the code not to rely on posixAccount and
posixGroup. The steps you performed are reasonable, and while we can
improve our tool to add that objectClass, if AD isn't adding it using
the standard
Hello,
I was able to get back to the original (incorrect 4294967295) uids/gids
on the 4.0 member with 'net cache flush'. I remove the 4.0 member from the
domain, compiled 3.6.10 and re-joined. Unfortunately, that doesn't work
either. I have no idea what to do at this point.
3.6.10 output
At least in the case of 3.6, it seems this is my problem:
Error loading module '/usr/local/samba/lib/idmap/ad.so':
/usr/local/samba/lib/idmap/ad.so: cannot open shared object file: No such
file or directory
Indeed, it does not exist:
[root@ALW2 ~]# find /usr/local/samba/|grep ad.so
I got 3.6.10 working!
I had to recompile with:
--with-shared-modules=idmap_ad
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
After recompiling --with-shared-modules=idmap_ad, my S4 member also works.
It made no difference on the DC.
On Mon, Dec 17, 2012 at 11:19 AM, Thomas Simmons twsn...@gmail.com wrote:
I got 3.6.10 working!
I had to recompile with:
--with-shared-modules=idmap_ad
--
To unsubscribe from this
From: Thomas Simmons twsn...@gmail.com
Date: Sat, 15 Dec 2012 22:11:00 -0500
After provisioning a domain (with rfc2307 attributes), what are the next
steps to enable S4 winbind to use these attributes?
As far as I know, winbind on S4 DC cannot use this attribute. This setting
affects only S4
Hello Takahashi,
I am using ADUC to manage UNIX attributes and have created the attributes
for each test user.
Just to make sure I understand you correctly; you're saying there is no way
to have S4 winbind use rfc2307 attributes for *nix authentication on a DC,
but it will work on a member
On Sun, 2012-12-16 at 12:23 -0500, Thomas Simmons wrote:
Hello Takahashi,
I am using ADUC to manage UNIX attributes and have created the attributes
for each test user.
Just to make sure I understand you correctly; you're saying there is no way
to have S4 winbind use rfc2307 attributes for
Hello Andrew,
If functionality is not there, I certainly understand and can work around
it. I just want to make sure I am not misunderstanding something.
When you say I should set idmap_ldb:use rfc2307=yes in smb.conf on the
DC, do you mean that by doing so I can use winbind (and the rfc2307
On Sun, 2012-12-16 at 16:51 -0500, Thomas Simmons wrote:
Hello Andrew,
If functionality is not there, I certainly understand and can work
around it. I just want to make sure I am not misunderstanding
something.
When you say I should set idmap_ldb:use rfc2307=yes in smb.conf on
the
I am using 'template homedir' and 'template shell' for these attributes,
which I'm fine with. It's the uidNumber and gidNumber that
I'm primarily concerned with. My global section:
[global]
workgroup = TESTDOM
realm = internal.testdom.com
netbios name = ADC1
server
acl:search = false is commented out there, but the behavior is the same
either way.
On Sun, Dec 16, 2012 at 5:30 PM, Thomas Simmons twsn...@gmail.com wrote:
I am using 'template homedir' and 'template shell' for these attributes,
which I'm fine with. It's the uidNumber and gidNumber that
I'm
I am seeing similar behavior on an S4 member server. In this case, every
uid and gid is reported as 4294967295. As best I can tell, my smb.conf is
ok.
[root@ALW2 etc]# wbinfo -u
administrator
tuser1
tuser2
tuser3
krbtgt
guest
[root@ALW2 etc]# wbinfo -i tuser1
tuser1:*:4294967295:4294967295:Test
Hello,
After provisioning a domain (with rfc2307 attributes), what are the next
steps to enable S4 winbind to use these attributes?
I have one server configured to get user info from AD via LDAP, and with
the proper mappings, getent passwd reports the uid, gid, shell, etc that I
have specified
Hi,
We recently updated our domain to 2008R2 servers from 2000.
I know the services for unix changed from the proprietary setup in 2000
to rfc2307 compliant around 2003 R2
I've updated samba to 3.5.4 (apparently most earlier versions don't play
well with the changes in AD), and gotten
I was finally able to resolve these error messages. I was missing the
winbind settings in /etc/nsswitch.conf:
passwd: compat winbind
group: compat winbind
This is in addition to the settings that I had made to /etc/samba/smb.conf:
idmap backend = tdb
idmap alloc
Greg wrote:
[2009/12/08 16:41:48, 0] winbindd/idmap_tdb.c:341(idmap_tdb_alloc_init)
idmap will be unable to map foreign SIDs: NT_STATUS_UNSUCCESSFUL
Test a users SID to UID mapping:
# /apps/samba/bin/wbinfo -n SOMEUSER
S-1-5-21-3147950943-2271782263-395470419-4610 User (1)
#
Test a users SID to UID mapping:
# /apps/samba/bin/wbinfo -n SOMEUSER
S-1-5-21-3147950943-2271782263-395470419-4610 User (1)
# /apps/samba/bin/wbinfo -S S-1-5-21-3147950943-2271782263-395470419-4610
46318
That works fine. I'm using a local user name, it resolved the NT style SID
which could then
Hi Greg,
Greg wrote:
Hmmm. Well, I don't have any of the idmap settings in smb.conf so it would
be whatever is default. I am using winbind just for the name resolution
functionality. But is this a misconfiguration? What other settings are
critical?
Follow the winbind section:
http
I updated my smb.conf to include the following parameters:
[global]
idmap backend = tdb
idmap alloc backend = tdb
idmap uid = 1-11000
idmap gid = 1-11000
winbind enum users = yes
winbind enum groups = yes
This seems to have fixed some of the errors, but I still get the
I get these same sort of errors repeated in my log files. They are present
when I start samba and everything seems to work fine. However, after some
long period of time, I won't be able to connect to the samba shares from a
client. If I restart samba (/etc/init.d/samba restart), these errors are
...@sheridanc.on.ca]
Sent: Saturday, December 05, 2009 1:17 AM
To: isk...@gmail.com
Cc: samba@lists.samba.org
Subject: Re: [Samba] Samba 3.4.2 Winbind problem IDMAP GID range full
Greg wrote:
I get these same sort of errors repeated in my log files. They are present
when I start samba and everything
Greg wrote:
I get these same sort of errors repeated in my log files. They are present
when I start samba and everything seems to work fine. However, after some
long period of time, I won't be able to connect to the samba shares from a
client. If I restart samba (/etc/init.d/samba restart),
I get these same sort of errors repeated in my log files. They are present
when I start samba and everything seems to work fine. However, after some
long period of time, I won't be able to connect to the samba shares from a
client. If I restart samba (/etc/init.d/samba restart), these errors are
Hello,
I have AIX 5.2.0.0 , this server have installed ( Samba 3.0.23d +
winbind ), user of domain NT working OK. this user are authenticated
OK
( see smb.conf ).
[global]
workgroup = Mydomain
server string = My server samba
security = DOMAIN
auth methods = guest
, this server have installed ( Samba 3.0.23d +
winbind ), user of domain NT working OK. this user are authenticated
OK
( see smb.conf ).
[global]
workgroup = Mydomain
server string = My server samba
security = DOMAIN
auth methods = guest, winbind, sam
map
installed ( Samba 3.0.23d +
winbind ), user of domain NT working OK. this user are authenticated
OK
( see smb.conf ).
[global]
workgroup = Mydomain
server string = My server samba
security = DOMAIN
auth methods = guest, winbind, sam
map to guest = Bad User
passdb backend
That is correct. Some more information so that I might receive some help
with this.
I can perform the following commands without problem:
wbinfo -t
wbinfo -m
wbinfo -g
wbinfo -u
wbinfo --krb5auth=user%password
I am not able to do the following:
getent group
getent passwd
net use x:
Do you not get any result for a 'getent passwd', and yes for 'wbinfo -u' ?
I think I had the same problem before, I'll try to remember it.
David Molina
On Tue, May 27, 2008 at 3:25 PM, Jason Gerfen [EMAIL PROTECTED]
wrote:
I can enumerate users and groups from the domain but I cannot
On Fri, 2007-08-10 at 09:40 -0700, Stang, Sharol wrote:
[users]
comment = user's home directory
path = /mnt/cluster/home/users
force group = Domain Admins
So if you force _everybody_ to be Domain Admins why do you expect them
not to be able to access
for
the home directory. I am using samba 3.0.23 with Winbind and LDAP idmap
backend. This server is still in testing to replace a RH9 samba server.
Below I have listed the ID of three users. One is Domain Admin the
others are normal users. The logs show the users initially logging
06:29:17 -0500
Von: Gerald Jerry Carter - [EMAIL PROTECTED] [EMAIL PROTECTED]
An: [EMAIL PROTECTED]
CC: samba@lists.samba.org
Betreff: Re: [Samba] Samba with Winbind and PAM (trusted: samba.org)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[EMAIL PROTECTED] wrote:
sry after reboot
getent
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[EMAIL PROTECTED] wrote:
sry after reboot
getent passwd works
but login doesn't
i get an Authentication failed error
I don't remember you mentioning any changes to /etc/pam.{d/*,conf}.
cheers, jerry
I wanna use Samba with Winbind and PAM to log into an Debian over Windows 2003
Server AD
wbinfo -u works perfektly
but getent passwd only lists the local passwd
my samba.conf
realm = **.***.COM
workgroup = **
security = ADS
idmap uid = 1-2
idmap gid = 1-2
template shell
On Wed, Jul 25, 2007 at 12:32:07PM +0200, [EMAIL PROTECTED] wrote:
winbind enum users = no
You explicitly denied to list users with getent passwd.
Volker
pgpF3sWPXgtWN.pgp
Description: PGP signature
--
To unsubscribe from this list go to the following URL and read the
instructions:
winbind enum users = yes
doesn't work either
Original-Nachricht
Datum: Wed, 25 Jul 2007 13:46:15 +0200
Von: Volker Lendecke - [EMAIL PROTECTED] [EMAIL PROTECTED]
An: [EMAIL PROTECTED]
CC: samba@lists.samba.org
Betreff: Re: [Samba] Samba with Winbind and PAM (samba: message 4
sry after reboot
getent passwd works
but login doesn't
i get an Authentication failed error
Original-Nachricht
Datum: Wed, 25 Jul 2007 14:08:29 +0200
Von: [EMAIL PROTECTED] [EMAIL PROTECTED]
An: samba@lists.samba.org
Betreff: Re: [Samba] Samba with Winbind and PAM (samba
Hello all,
I have compiled the latest samba release (3.0.249 on a RedHat AS 4.0
platform with the following options :
./configure #8722;#8722;with#8722;smbwrapper
#8722;#8722;with#8722;dce#8722;dfs #8722;#8722;with#8722;smbmount
#8722;#8722;with#8722;pam
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 09/12/2006 06:50 PM, Matt Herzog escreveu:
I have the winbind login working on FC5 but now logins to local accounts
cannot authenticate.
My config files are here:
http://www.pigeonnier.org/nsswitch.conf
http://www.pigeonnier.org/pam.d/
On Fri, Sep 15, 2006 at 11:42:12AM -0300, Felipe Augusto van de Wiel wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 09/12/2006 06:50 PM, Matt Herzog escreveu:
I have the winbind login working on FC5 but now logins to local accounts
cannot authenticate.
My config files are
I have the winbind login working on FC5 but now logins to local accounts
cannot authenticate.
My config files are here:
http://www.pigeonnier.org/nsswitch.conf
http://www.pigeonnier.org/pam.d/
http://www.pigeonnier.org/krb.conf
Again, if I try to ssh in as a user that exists only as a local
Hello list,
I encountered a problem in Samba 3.0.23 regarding the winbind use default
domain = yes behaviour.
It only works for the users an NOT anymore for the Group. So this make
getent group to show NETBIOSDOMAINNAME/group which course mail squid
configuration to fail. My squid
,
I encountered a problem in Samba 3.0.23 regarding the winbind use default
domain = yes behaviour.
It only works for the users an NOT anymore for the Group. So this make
getent group to show NETBIOSDOMAINNAME/group which course mail squid
configuration to fail. My squid configuration allowed
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Greg Lehmann wrote:
On Thu, 2006-03-16 at 20:35 -0500, Danilo Almeida wrote:
On Thu, 2006-03-16 at 14:09 +1000, Greg Lehmann wrote:
Hi All,
Now that Microsoft have included the schema extensions (RFC 2307) for
Unix in Active Directory with SP2
On Thu, 2006-03-16 at 14:09 +1000, Greg Lehmann wrote:
Hi All,
Now that Microsoft have included the schema extensions (RFC 2307) for
Unix in Active Directory with SP2 for Windows Server 2003, there is some
potential for both the samba 4 server side and client side (winbind) to
use these
On Thu, 2006-03-16 at 14:09 +1000, Greg Lehmann wrote:
Hi All,
Now that Microsoft have included the schema extensions (RFC 2307) for
Unix in Active Directory with SP2 for Windows Server 2003, there is
some potential for both the samba 4 server side and client side
(winbind) to use these
On Thu, 2006-03-16 at 20:35 -0500, Danilo Almeida wrote:
On Thu, 2006-03-16 at 14:09 +1000, Greg Lehmann wrote:
Hi All,
Now that Microsoft have included the schema extensions (RFC 2307) for
Unix in Active Directory with SP2 for Windows Server 2003, there is
some potential for both the
Hi All,
Now that Microsoft have included the schema extensions (RFC 2307) for
Unix in Active Directory with SP2 for Windows Server 2003, there is some
potential for both the samba 4 server side and client side (winbind) to
use these extra features to store and access a UID, GID, shell,
It has crashed for me again -- this time unrelated to winbindd_cache.tdb
processing as it seems, since it happened at runtime (during getent
group somegroup, IIRC):
[2006/02/24 14:10:39, 0] lib/util_sock.c:write_data(559)
write_data: write failure. Error = Connection reset by peer
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Thomas Limoncelli wrote:
It has crashed for me again -- this time unrelated to winbindd_cache.tdb
processing as it seems, since it happened at runtime (during getent
group somegroup, IIRC):
I'm pretty sure this is now fixed in 3.0.21c which has
On Fri, Feb 24, 2006 at 04:38:49PM +0100, Thomas Limoncelli wrote:
It has crashed for me again -- this time unrelated to winbindd_cache.tdb
processing as it seems, since it happened at runtime (during getent
group somegroup, IIRC):
[2006/02/24 14:10:39, 0] lib/util_sock.c:write_data(559)
Gerald (Jerry) Carter wrote:
Lars Müller wrote:
On Wed, Feb 22, 2006 at 11:50:36AM +0100, Thomas Limoncelli wrote:
Is there anything else I can do to help tracking this down?
Run the upcoming 3.0.21c release as soon as it is out.
[...]
For what it's worth, the SAMBA_3_0_RELEASE is ready for
On Sat, Feb 25, 2006 at 12:35:07AM +0100, Thomas Limoncelli wrote:
Gerald (Jerry) Carter wrote:
Lars Müller wrote:
On Wed, Feb 22, 2006 at 11:50:36AM +0100, Thomas Limoncelli wrote:
Is there anything else I can do to help tracking this down?
Run the upcoming 3.0.21c release as soon as it is
Jeremy Allison wrote:
On Sat, Feb 25, 2006 at 12:35:07AM +0100, Thomas Limoncelli wrote:
FWIW, 3.0.21c (binary RPMs for SuSE 9.3 Pro) still crashes upon startup
when processing the very same winbindd_cache.tdb file. Jerry should have
the file.
I though you'd sent it to Jerry already. It
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Thomas Limoncelli wrote:
Gerald (Jerry) Carter wrote:
I still have the original (problematic) tdb file around, so I could
easily verify if winbindd still crashes upon *reading* this file. Would
you be interested?
No. That's ok. I have a tool
Jeremy Allison wrote:
On Wed, Feb 22, 2006 at 01:07:32AM +0100, Thomas Limoncelli wrote:
I'm using Samba 3.0.21b on SuSE 9.3 Pro (x86) with the binary RPMs from
samba.org/suse.com (3.0.21b-1.1.2-SUSE-SL9.3) on a Domain Member Server in ADS
mode with winbind against W2K3 SP1 AD servers and
Thomas Limoncelli wrote:
Unfortunately the backtrace doesn't look too meaningful (like in the
original level 10 debug) although I've installed the samba-debuginfo
package.
myserver# gdb winbindd 24887
[...]
(gdb) bt
#0 0xe410 in ?? ()
strace reveals that winbind segfaults when reading
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, 22 Feb 2006, Thomas Limoncelli wrote:
At least, erasing winbindd_cache.tdb with tdbtool fixes the crashes for the
moment.
Sounds like and assert() firing in the caching code caused by
a failure to open the winbindd_cache.tdb file. I doubt
Gerald (Jerry) Carter wrote:
At least, erasing winbindd_cache.tdb with tdbtool fixes the crashes for the
moment.
Sounds like and assert() firing in the caching code caused by
a failure to open the winbindd_cache.tdb file. I doubt there's
anything else for you to do right now.
But since
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Thomas Limoncelli wrote:
Gerald (Jerry) Carter wrote:
At least, erasing winbindd_cache.tdb with tdbtool fixes the crashes
for the
moment.
Sounds like and assert() firing in the caching code caused by
a failure to open the winbindd_cache.tdb
On Wed, Feb 22, 2006 at 11:50:36AM +0100, Thomas Limoncelli wrote:
[snip]
Is there anything else I can do to help tracking this down?
Run the upcoming 3.0.21c release as soon as it is out.
Shall I file a bugzilla entry and assign to the SuSE package maintainer?
Please as soon as you have the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Lars Müller wrote:
On Wed, Feb 22, 2006 at 11:50:36AM +0100, Thomas Limoncelli wrote:
[snip]
Is there anything else I can do to help tracking this down?
Run the upcoming 3.0.21c release as soon as it is out.
Shall I file a bugzilla entry and
Gerald (Jerry) Carter wrote:
But since winbindd from 3.0.21b was the only process ever maintaining
this file, wouldn't this still make it a significant bug worth looking
into?
Yes. But the only real solution is to have winbindd remove
the corrupted file automatically and reopen it. It's a
Gerald (Jerry) Carter wrote:
Lars Müller wrote:
On Wed, Feb 22, 2006 at 11:50:36AM +0100, Thomas Limoncelli wrote:
Shall I file a bugzilla entry and assign to the SuSE package maintainer?
Please as soon as you have the same problem again. See the details for
bug reporting at
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Thomas Limoncelli wrote:
I agree that this'd be a useful generic change to limit the
*consequences* of any tdb cache file corruption (which winbindd should
still avoid to contribute to in the first place, of course).
Are you saying that we'll
Gerald (Jerry) Carter wrote:
I still have the original (problematic) tdb file around, so I could
easily verify if winbindd still crashes upon *reading* this file. Would
you be interested?
No. That's ok. I have a tool to corrupt tdbs for tests like this.
:-)
But then, given that tdbtool
I'm using Samba 3.0.21b on SuSE 9.3 Pro (x86) with the binary RPMs from
samba.org/suse.com (3.0.21b-1.1.2-SUSE-SL9.3) on a Domain Member Server in ADS
mode with winbind against W2K3 SP1 AD servers and idmap uids/gids stored in a
central OpenLDAP directory.
Unfortunately, winbind gives me a
On Wed, Feb 22, 2006 at 01:07:32AM +0100, Thomas Limoncelli wrote:
I'm using Samba 3.0.21b on SuSE 9.3 Pro (x86) with the binary RPMs from
samba.org/suse.com (3.0.21b-1.1.2-SUSE-SL9.3) on a Domain Member Server in
ADS mode with winbind against W2K3 SP1 AD servers and idmap uids/gids stored
Hello,
I'm trying to use ntlm_auth and winbindd to authenticate users against
a Windows 2003 AD server. Despite having disable netbios yes, winbindd
insists on doing one NetBIOS exchange on UDP port 138 on startup. If I
block this port wbinfo -t, wbinfo -a username, and ntlm_auth request
fail
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Christoph Badura wrote:
Hello,
I'm trying to use ntlm_auth and winbindd to authenticate users against
a Windows 2003 AD server. Despite having disable netbios yes, winbindd
insists on doing one NetBIOS exchange on UDP port 138 on startup. If I
Hello,
Last week I downloaded and installed the 3.0.20a-23 release on Redhat ES 4
x86_64bit and noticed that I am getting the Winbind Dead but subsys locked
status on winbind service. The service seems to start corectly but
immediately get Winbind Dead but subsys locked status message.
I had
:59 AM
To: samba@lists.samba.org
Subject: [Samba] Samba 3.0.20a Winbind Dead but subsys locked
Hello,
Last week I downloaded and installed the 3.0.20a-23 release on Redhat ES
4 x86_64bit and noticed that I am getting the Winbind Dead but subsys
locked
status on winbind service. The service seems
try setting 'passwd: files winbind' just for kicks. getent works
fine for me.
tried that, no luck, unfortunately.
On Mon, 1 Aug 2005, Ryan Beckett wrote:
I ran into this one as well. I had to set security = ADS and create an
authorized user for winbind to use.
# wbinfo -set-auth-user
In my smb.conf I had:
winbind trusted domains only = yes
Which worked with samba-3.0.9 to strip off the leading domain name for
getent passwd so single UNIX and Windows sign on would work. I then told
myself to RTM and:
This now works with 3.0.20rc1:
winbind use default domain = yes
Many thanks
Hi,
I've joined a Suse 9.1 Pro linux computer to a Windows 2003 SP1 ADS using:
# kinit [EMAIL PROTECTED]
# net ads join
The computer account is created on the DC and wbinfo (-t -u -g) all
work. Then I try getent passwd or getent group and nothing.
This is with:
#grep winbind
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mike Rose wrote:
| Hi,
|
| I've joined a Suse 9.1 Pro linux computer to a Windows 2003 SP1 ADS using:
| # kinit [EMAIL PROTECTED]
| # net ads join
|
| The computer account is created on the DC and wbinfo (-t -u -g) all
| work. Then I try getent
I ran into this one as well. I had to set security = ADS and create an
authorized user for winbind to use.
# wbinfo -set-auth-user
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
hi,
i'm having big problems on integrating my samba-server to use the AD for
authentication.
I am running a Debian Linux (Sarge) box with Samba 3.0.14a and want to
share some folders. Winbind is not running yet.
Now with valid users I want to restrict the access to an specific
user. That user
/local/kerberos5 --with-pam
Within a minute of starting samba + winbind I get a core dump in the
samba log directory. Prior to building 3.0.20pre1 I had this machine
working as an Active Directory member server under samba 3.0.14a (well,
except that AD users could not log into the host
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Robert M. Martel wrote:
Greetings,
I'm downloading a gdb package for Solaris right now so I don't have any
information from the core file yet.
Below is he rather short life story of my winbindd processes.
...
[2005/06/27 08:51:58, 5]
Hmm, the problem is that my winbind ain't working on the same PDC
server. it failt to authenticate users..
(think it's something with the secered key? although that might be
strange, coz the PDC server is doing it's job fine..)
and makeing the server join it's one domain, against it self ??
(net
Hmm, sorry tryed it, read the info. but pam_smbpass is only if you
use the samba (textfile) passwd backend.
so it's no good, if you have a mysql or other passdb backend.!
but i found a solution, without using winbind!
pam_smb_auth.so !! that did the trick..
only i downloaded the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Collen wrote:
| Hmm, sorry tryed it, read the info. but pam_smbpass is only if you
| use the samba (textfile) passwd backend.
| so it's no good, if you have a mysql or other passdb backend.!
| but i found a solution, without using winbind!
|
|
Erghmm.. i have a question...
i got a samba 3.0.11 service running as pdc.
now i need to run winbind aswell on the same server.!
i'm gonna use winbind to auth users with true a pam-module for an ftp
service, also on the same server..
just wanna know if that is possible, or does it get screwed up
Hmm strainge problem occured..
i fired up winbind, and adjusted the pam files and all.
but now i get plain-text authentication for user DOCENT returned
NT_STATUS_ACCESS_DENIED (PAM: 4) and ofcoz' the login is denied !!
what worries me is that, i'd got an imap http server running (on an
other
the list mentions, that winbind should not run on a DC at all...why
don't you use pam_ldap/pam_smbpass module?
greez
--
Michael Gasch
Max Planck Institute for Evolutionary Anthropology
Department of Human Evolution
Deutscher Platz 6
D-04103 Leipzig
Germany
--
To unsubscribe from this list go to
Hmm, does pam_smbpass only uses the smbpasswd text file, or does it uses
the configed passwd backend (mysql)
i just need a good way to authenticate ftp users against the samba users
DB..
i don't use the passwd and shadow files for passwords to keep them out
of other services on the server..
hello
I am using samba 3.0.9 with winbind. When I joined to NT domain evething works
good but in log.winbindd is user 'root' does not exist. This log grow fast:(
What is wrong??
nsswitch.conf
---
passwd: files winbind
group: files winbind
shadow: files
--
best regards
HALEMB
[EMAIL
Hi
I'm trying to set up samba 3.0.9 as domain member server.
When I try to join NT4 domain using net rpc join it added an account
in NT4 domain but in lowercase !! I have to delete it on nt4 and add it
again using uppercase letters - then it works. Why?? In smb.conf I have
netbios name written
Dear community,
I'am using samba as print server for w2k clients on a debian system:
samba 3.0.7-2
winbind3.0.7-2
cupsys 1.1.20final+rc
It is possible on the w2k-machines to install printer drivers from samba and to
print via samba to the cups server. Within the cups
Hi all,
We are trying to add SuSe 9.1 file server to Windows Domain. Here is
our configuration.
Windows 2000 Active Directory
SuSe 9.1 with Samba 3.0.8
When I try to add Linux file server to windows domain using net
command, net command dies with segment fault message.
Noticed this in /var/log/samba while I was applying 'getent
groups|grep groupname '
[2004/11/09 10:29:04, 1] nsswitch/winbindd_ads.c:enum_dom_groups(282)
No rid for Performance Monitor Users !?
[2004/11/09 10:29:04, 1] nsswitch/winbindd_ads.c:enum_dom_groups(282)
No rid for Terminal Server
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
sharif islam wrote:
| Noticed this in /var/log/samba while I was applying 'getent
| groups|grep groupname '
| [2004/11/09 10:29:04, 1] nsswitch/winbindd_ads.c:enum_dom_groups(282)
| No rid for Performance Monitor Users !?
| [2004/11/09 10:29:04, 1]
Hi,
I have samba PDC, joined XP Professional to domain, but, winbind seems to cache wrong
username/password pair and I can't delete it.
I look to squid log files, and see that traffic is authorized to different user that I
use to log on domain.
How can I clear that winbind cache? Can I manage
1 - 100 of 138 matches
Mail list logo
