Hi,
I have a setup where two Domain's exist. 1 domain is in a DMZ and the other
on an internal network. Both running Window 2003 R2. They have an external
NTLM trust setup between them, from DMZ to Internal.
Linux clients in the DMZ are joined to the DMZ AD. I'm trying to get the
Linux clients
That did not work. But on the bright side, it looks like it is doing that only
for one user and only via smb.
Other services which use the same winbind authentication seem to work fine for
that user such ftp and afp. I am going to recreate the user and see if it
resolves the issue.
Thanks
Even stranger.
This happens only when the user is a member of the domain admins group. When I
removed the user from Domain Admins , the uid is correct.
On Aug 13, 2013, at 9:06 AM, Pramod Venugopal pra...@dvnull.org wrote:
That did not work. But on the bright side, it looks like it is doing
From a google search it looks like that is how it was intended.
http://thr3ads.net/samba/2013/03/2189446-Samba4-File-ownership-for-Domain-Admins-members
Thanks for your help.
- Pramod
On Aug 13, 2013, at 9:18 AM, Pramod Venugopal pra...@dvnull.org wrote:
Even stranger.
This happens only
Hello everyone,
I am running Samba 4.0.8 on Arch Linux (installed from the Arch Repo)
I have winbind authentication configured and working. I am able to login via
ssh, and at the machine console with my samba credentials. I also have a
Windows 8 client and an OS X client which is able to
On 12/08/13 13:04, Pramod Venugopal wrote:
Hello everyone,
I am running Samba 4.0.8 on Arch Linux (installed from the Arch Repo)
I have winbind authentication configured and working. I am able to login via
ssh, and at the machine console with my samba credentials. I also have a
Windows 8
hi:
I setup samba4 DC server with windows client and 6 linux
workstations.windows client works fine, but linux samba client is strange.
I have one user, which belongs to 21 AD groups. but groups my-user only
return some of them. at one workstation, it may return all the 21 groups,
but others
Greetings fellow Samba enthusiasts!
I am having an issue after upgrading to the latest version of wheezy
from my former squeeze on my testing node.
I am unable to login anymore as my AD user erin. i can do the following
commands successfully but not getent passwd erin or logging in to the
Typo?
idmap config THRACE : backed = rid
should be
idmap config THRACE : backend = rid
I also suggest that you remove these lines
password server = livia bkdc
Socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
ldap ssl = no
Rowland
On 24
hijacked the winbind threat.. but..
Really,.
If you want my opinion and you probably don't, people need to stop
thinking NT server if they connect to a samba4 AD server and start
thinking AD server, they are totally different.
. Novell NDS is much better the MS its (nds
On Wed, 2013-07-24 at 09:09 +0200, L.P.H. van Belle wrote:
hijacked the winbind threat.. but..
Don't feel threatened. There _are_ alternatives.
I do like samba, but wiki/howtos are lots to improve.
To be fair, it's not just Samba. It's most open source stuff. There are
too many hobbyists
From: steve
On Wed, 2013-07-24 at 09:09 +0200, L.P.H. van Belle wrote:
I do like samba, but wiki/howtos are lots to improve.
To be fair, it's not just Samba. It's most open source stuff.
There are
too many hobbyists and armchair users. As joe public, what we
should be
doing is
On Wed, 2013-07-24 at 01:26 -0700, Paul D. DeRocco wrote:
From: steve
On Wed, 2013-07-24 at 09:09 +0200, L.P.H. van Belle wrote:
I do like samba, but wiki/howtos are lots to improve.
To be fair, it's not just Samba. It's most open source stuff.
There are
too many hobbyists
to make a new big howto for samba.
Louis
-Oorspronkelijk bericht-
Van: st...@steve-ss.com [mailto:samba-boun...@lists.samba.org]
Namens steve
Verzonden: woensdag 24 juli 2013 11:08
Aan: samba@lists.samba.org
Onderwerp: Re: [Samba] RE Samba (winbind) troubles
On Wed, 2013-07-24 at 01:26
On Wed, 2013-07-24 at 00:49 +0200, steve wrote:
[SNIP]
For the record, sssd pulls all it's info from AD.
I never said otherwise.
A user does not need a gidNumber, it is drawn from the
primaryGroupID.For Linux clients it is vital that whatever the
primaryGroupID is contains the gidNumber
On 24 July 2013 11:59, Jonathan Buzzard jonat...@buzzard.me.uk wrote:
Hum, according to Rowland it uses the gidNumber in the users DN, though
his posted proof was flawed and it could have been coming from the
gidNumber of the users primary group just as Winbind does. I have
browsed the source
On Wed, 2013-07-24 at 11:59 +0100, Jonathan Buzzard wrote:
On Wed, 2013-07-24 at 00:49 +0200, steve wrote:
[SNIP]
For the record, sssd pulls all it's info from AD.
I never said otherwise.
A user does not need a gidNumber, it is drawn from the
primaryGroupID.For Linux clients it
On Wed, 2013-07-24 at 14:09 +0200, steve wrote:
[SNIP]
Hum, according to Rowland it uses the gidNumber in the users DN,
He was correct. I was wrong in assuming that you needed no gidNumber in
the user DN. It is indeed the gidNumber that is used for rfc2307,
exactly as openLDAP.
Thank you
Hello everyone,
I recent upgraded to wheezy debian and the syntax of the smb.conf
changed when i moved up versions. It took about a week but i think i am
almost there. I got my systems to join the WIn2008 domain and can
authenticate and login on linux now with my AD users.
Now I just need to
Hai,
I'm having exactly the same problem with winbind as Matthew Daubenspeck.
also on ubuntu 12.04 with sernet packages. ( used sernet-samba-winbind 4.0.7 )
I remove the complete config atm but am at the point reinstalling now.
I'll wait with that until you put you howto on.
i cant loose
On Tue, 2013-07-23 at 09:40 +0200, L.P.H. van Belle wrote:
Hai,
I'm having exactly the same problem with winbind as Matthew Daubenspeck.
also on ubuntu 12.04 with sernet packages. ( used sernet-samba-winbind 4.0.7 )
I remove the complete config atm but am at the point reinstalling now
On Tue, 2013-07-23 at 10:15 +0200, steve wrote:
[SNIP]
+1
sssd just works: there is plain English documentation available and you
get rfc2307 out of the box. The same day;)
otoh, if you must stick with winbind there are reports of success here.
Just one more thought to bugzilla it.
On Tue, 2013-07-23 at 10:05 +0100, Jonathan Buzzard wrote:
It's probably still not working for him because he needs to clear the
now poluted cache/database that winbind has created from previous
attempts. Using net cache flush might work. Personally I would stop
samba delete the tdb files
On Tue, 2013-07-23 at 11:25 +0200, steve wrote:
On Tue, 2013-07-23 at 10:05 +0100, Jonathan Buzzard wrote:
It's probably still not working for him because he needs to clear the
now poluted cache/database that winbind has created from previous
attempts. Using net cache flush might work.
On 23 July 2013 10:05, Jonathan Buzzard jonat...@buzzard.me.uk wrote:
This is where Matthew went wrong, it's right there in the man page
(unlike three years ago). There are also a large smattering of posts
from myself on this list over the last two years on how important it is
not to have
On Tue, 2013-07-23 at 11:06 +0100, Rowland Penny wrote:
[SNIP]
OK, I see where you are coming from, but until testparm starts saying
'this will not work because' people will keep on having problems with
winbind, also why do you need to set up the ranges anyway.
testparm does not guarantee
On 23 July 2013 11:40, Jonathan Buzzard jonat...@buzzard.me.uk wrote:
On Tue, 2013-07-23 at 11:06 +0100, Rowland Penny wrote:
[SNIP]
OK, I see where you are coming from, but until testparm starts saying
'this will not work because' people will keep on having problems with
winbind,
On Tue, 2013-07-23 at 11:55 +0100, Rowland Penny wrote:
[SNIP]
I thought that testparm did exactly that, it tested all the parameters
in smb.conf, so if the ranges overlap, it should report the error.
You thought wrong then. It tests to see if they are valid so 1000-akjf
is
On Tue, 2013-07-23 at 11:25 +0200, steve wrote:
On Tue, 2013-07-23 at 10:05 +0100, Jonathan Buzzard wrote:
It's probably still not working for him because he needs to clear the
now poluted cache/database that winbind has created from previous
attempts. Using net cache flush might work.
OK, the documentation is better but people still get it wrong probably
because it is more complex than it needs to be, I personally find it easier
to set sssd up, but that is just me.
Why use a word like orthogonal?, just who knows what orthogonal means, I
have only being speaking english for 56
Could this be yet another reason to use sssd instead of winbind?
sssd does use the account gidNumber
testuser
primaryGroupID: 513
uidNumber: 3001106
gidNumber: 20513
getent passwd testuser
testuser:*:3001106:20513:testuser:/home/DOMAIN/testuser:/bin/bash
Rowland
On 23 July 2013 13:54,
On Tue, 2013-07-23 at 14:20 +0100, Rowland Penny wrote:
OK, the documentation is better but people still get it wrong probably
because it is more complex than it needs to be, I personally find it
easier to set sssd up, but that is just me.
Why use a word like orthogonal?, just who knows
On Tue, 2013-07-23 at 14:39 +0100, Rowland Penny wrote:
Could this be yet another reason to use sssd instead of winbind?
sssd does use the account gidNumber
testuser
primaryGroupID: 513
uidNumber: 3001106
gidNumber: 20513
getent passwd testuser
On 23 July 2013 14:53, Jonathan Buzzard jonat...@buzzard.me.uk wrote:
Orthogonal is a single word, is precise and describes what is required
exactly. It has been in my vocabulary for approaching 30 years. None
overlapping range is three words and more characters as well. I was not
aware that
On 23 July 2013 15:04, Jonathan Buzzard jonat...@buzzard.me.uk wrote:
Not what I said. The primaryGroupID is an identifier for a group in AD,
bit like a SID is (I don't get that either). So primaryGroupID 513 might
refer to a group called sambausers, which has a it's own set of
RFC2307bis
Hallo, Jonathan,
Du meintest am 23.07.13:
Why use a word like orthogonal?
Orthogonal is a single word, is precise and describes what is
required exactly.
Sorry - that depends.
I know this word as a synonym of rectangular, and I mostly know it in
a geometrical environment.
90 degrees =
On Tue, 2013-07-23 at 14:53 +0100, Jonathan Buzzard wrote:
What gets me is people claiming that half a dozen lines of configuration
in smb.conf is more complicated than 30+ lines of configuration in an
entirely separate configuration file in addition to several lines in
smb.conf. It might
On Tue, 2013-07-23 at 15:23 +0100, Rowland Penny wrote:
On 23 July 2013 15:04, Jonathan Buzzard jonat...@buzzard.me.uk
wrote:
Not what I said. The primaryGroupID is an identifier for a
group in AD,
bit like a SID is (I don't get that either). So primaryGroupID
On Tue, 2013-07-23 at 15:04 +0100, Jonathan Buzzard wrote:
On Tue, 2013-07-23 at 14:39 +0100, Rowland Penny wrote:
Could this be yet another reason to use sssd instead of winbind?
sssd does use the account gidNumber
testuser
primaryGroupID: 513
uidNumber: 3001106
gidNumber:
On Tue, 2013-07-23 at 16:44 +0100, Jonathan Buzzard wrote:
On Tue, 2013-07-23 at 15:23 +0100, Rowland Penny wrote:
If you want my opinion and you probably don't, people need to stop
thinking NT server if they connect to a samba4 AD server and start
thinking AD server, they are
On 23 July 2013 16:44, Jonathan Buzzard jonat...@buzzard.me.uk wrote:
You don't seem to have taken on board that primaryGroupID is a numerical
identifier for an actual group. Now why Microsoft didn't use the group's
SID I have not the faintest idea.
I suppose that you have noticed that the
On 23/07/13 17:10, Rowland Penny wrote:
[SNIP]
But if the group identified by primaryGroupID 513 has gidNumber 20513
(which would be in my opinion best practice) without looking in the
source code of sssd you don't know whether sssd took the gidNumber of
the user or took the
On Tue, 2013-07-23 at 23:21 +0100, Jonathan Buzzard wrote:
On 23/07/13 17:10, Rowland Penny wrote:
[SNIP]
But if the group identified by primaryGroupID 513 has gidNumber 20513
(which would be in my opinion best practice) without looking in the
source code of sssd you
I've rolled 2 virtual servers running Ubuntu 12.04 LTS and have
installed the SerNet packages. SRV1 has the AD setup and SRV2 is a
member server. I've followed the wiki for both servers to the letter,
and winbind still refuses to grab info on the member server.
I rolled the provision with
Have you tried 'getent passwd username'
Rowland
On 22 July 2013 19:56, Matthew Daubenspeck m...@oddprocess.org wrote:
I've rolled 2 virtual servers running Ubuntu 12.04 LTS and have
installed the SerNet packages. SRV1 has the AD setup and SRV2 is a
member server. I've followed the wiki
On Mon, Jul 22, 2013 at 08:41:09PM +0100, Rowland Penny wrote:
Have you tried 'getent passwd username'
Rowland
root@srv2:~# getent passwd Administrator
root@srv2:~# getent passwd user1
root@srv2:~# getent passwd user2
root@srv2:~# getent passwd user3
No results. They are all there
/etc/nsswitch.conf setup correctly?
On 22 July 2013 20:52, Matthew Daubenspeck m...@oddprocess.org wrote:
On Mon, Jul 22, 2013 at 08:41:09PM +0100, Rowland Penny wrote:
Have you tried 'getent passwd username'
Rowland
root@srv2:~# getent passwd Administrator
root@srv2:~# getent
On Mon, 2013-07-22 at 15:52 -0400, Matthew Daubenspeck wrote:
On Mon, Jul 22, 2013 at 08:41:09PM +0100, Rowland Penny wrote:
Have you tried 'getent passwd username'
Rowland
root@srv2:~# getent passwd Administrator
root@srv2:~# getent passwd user1
root@srv2:~# getent passwd user2
On Mon, Jul 22, 2013 at 10:27:36PM +0200, steve wrote:
Can you post smb.conf on SRV2?
Steve
Certainly:
[global]
workgroup = NWLTECH
security = ADS
realm = NWLTECH.ORG
encrypt passwords = yes
idmap config *:backend = tdb
idmap config *:range = 70001-8
idmap config
On Mon, Jul 22, 2013 at 08:59:47PM +0100, Rowland Penny wrote:
/etc/nsswitch.conf setup correctly?
passwd: compat winbind
group: compat winbind
shadow: compat
snipped
--
To unsubscribe from this list go to the following URL and read the
instructions:
OK, that seems like it should work, I had the winbind ad backend working,
but found it difficult to setup so jumped ship to sssd
The idmap setup I used was:
idmap config *:backend = tdb
idmap config *:range = 1100-2000
idmap config DOMAIN:backend = ad
idmap config
On Mon, 2013-07-22 at 16:46 -0400, Matthew Daubenspeck wrote:
On Mon, Jul 22, 2013 at 10:27:36PM +0200, steve wrote:
Can you post smb.conf on SRV2?
Steve
Certainly:
[global]
workgroup = NWLTECH
security = ADS
realm = NWLTECH.ORG
encrypt passwords = yes
idmap
On Mon, Jul 22, 2013 at 10:15:10PM +0100, Rowland Penny wrote:
OK, that seems like it should work, I had the winbind ad backend
working, but found it difficult to setup so jumped ship to sssd
The idmap setup I used was:
idmap config *:backend = tdb
idmap config
On Mon, 2013-07-22 at 17:29 -0400, Matthew Daubenspeck wrote:
On Mon, Jul 22, 2013 at 10:15:10PM +0100, Rowland Penny wrote:
OK, that seems like it should work, I had the winbind ad backend
working, but found it difficult to setup so jumped ship to sssd
The idmap setup I used was:
On Mon, Jul 22, 2013 at 11:19:26PM +0200, steve wrote:
Similar to what I had when I used winbind, except the * range was lower
than the range we wanted. Try something like 3000-3500 and 3501-4
perhaps?
Like this?
idmap config *:backend = tdb
idmap config *:range = 3000-3500
idmap
If you want my opinion, this is just another example of why not to use
winbind, if you can wait until tomorrow , I will send you an howto on sssd
on Ubuntu 12.04
Rowland
On Jul 22, 2013 10:36 PM, steve st...@steve-ss.com wrote:
On Mon, 2013-07-22 at 17:29 -0400, Matthew Daubenspeck wrote:
On
On Mon, Jul 22, 2013 at 11:36:26PM +0200, steve wrote:
Amazing;)
Amazing all right. I have a headache :)
You'd lose control over uidNumber, gidNumber and you wouldn't be able to
specify your own home directories and login shells. It's also a
nightmare if you add a second DC.
So if I plan on
On Mon, Jul 22, 2013 at 10:45:28PM +0100, Rowland Penny wrote:
If you want my opinion, this is just another example of why not to use
winbind, if you can wait until tomorrow , I will send you an howto on sssd
on Ubuntu 12.04
Something like this?
Hi!
The command samba-tool testparm -v returns template homedir =
/home/%WORKGROUP%/%ACCOUNTNAME%.
Is there other variables that can be used?
It is possible to add one or more uPNSuffixes to Samba 4 AD DC to alter the
userPrincipalName. Both on the domain level
Hi Everyone,
Not sure if this is the correct place to be asking this but here goes:
We currently are using Samba 3.5.x and Winbind to do ID mapping for our
Active Directory environment. We are currently experiencing an issue where
new users/computers/groups created in the domain, occasionally
Hi Expert ,
I need to integrate HPUX (B.11.31 U ia64 ) machine with windows AD server
using winbind .Please provide the document for the same .
Regards,
Jagan M
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
Hello everybody
I have a technical question about winbind authentication on Windows AD with a
Kerberos Cross Realm authentication.
The client use samba-winbind
samba-common.i686 1:3.5.15-74.fc15.1 @Fedora 15 - i386 - Updates
samba-winbind.i686 1:3.5.15-74.fc15.1 @Fedora 15 - i386 - Updates
I setup winbind as an authentication method on my Ubuntu server and the only
issue I have is when I change a user's group in Active Director it doesn't
update after a relogin. It shows up with a wbinfo -G but when I use the groups
command or try to operate as a member. The only groups I am in
On Wed, May 29, 2013 at 04:17:33PM +, Michael Schmitz wrote:
I setup winbind as an authentication method on my Ubuntu
server and the only issue I have is when I change a user's
group in Active Director it doesn't update after a
relogin. It shows up with a wbinfo -G but when I use the
It is not even installed. So no, im still lost
--Mike
-Original Message-
From: Volker Lendecke [mailto:volker.lende...@sernet.de]
Sent: Wednesday, May 29, 2013 2:42 PM
To: Michael Schmitz
Cc: samba@lists.samba.org
Subject: Re: [Samba] Winbind does not update groups
On Wed, May 29
Hi there,
Since samba 3.0 I've been using Samba PDC and BDCs backed by OpenLDAP,
and I configure my member servers (all running Linux) to use nss and pam
to get user information directly from LDAP. I took this way because I
had previous experience using LDAP for e-mail and web apps. But it
I've got no answers, but I realised that I had a picked up a rather poor
title, so here's a better one, combined with a more concise summary of
my earlier babbling...
Are there any smb.conf settings that control (Samba 3) Winbind's DC
failover timeout when security = ADS? I do realise that there
[2013/05/13 07:08:58.730027, 3]
winbindd/winbindd_misc.c:417(winbindd_priv_pipe_dir)
[ 2367]: request location of privileged pipe
[2013/05/13 07:08:58.730252, 3]
winbindd/winbindd_getpwnam.c:56(winbindd_getpwnam_send)
getpwnam nathan_adm
[2013/05/13 07:09:04.052509, 3]
[2013/05/13 07:08:58.730027, 3]
winbindd/winbindd_misc.c:417(winbindd_priv_pipe_dir)
[ 2367]: request location of privileged pipe
[2013/05/13 07:08:58.730252, 3]
winbindd/winbindd_getpwnam.c:56(winbindd_getpwnam_send)
getpwnam nathan_adm
[2013/05/13 07:09:04.052509, 3]
Im not sure why this keeps getting scrubbed :(
Smb.conf http://pastebin.com/8hbKm1cm
Krb5.conf http://pastebin.com/kJvPFR05
Commands output: http://pastebin.com/XfVMNUeD
From: Nathan Frankish
Sent: Monday, 13 May 2013 7:12 AM
To: samba@lists.samba.orgmailto:samba@lists.samba.org
Subject: winbind
Filed as bug 9847:
Customer, in the 3.6.x series, has run 3.6.10 through 3.6.13
successfully. After upgrading to 3.6.14 Winbind crashes and their data
is no longer accessible. Reverting to 3.6.13 brings back stability.
[2013/05/01 23:15:16.303789, 0]
Hi,
I have a problem with winbind, could anyone help me?
Version:
root@leela:~# samba -V
Version 4.0.5
root@leela:~# uname -a
Linux leela 3.2.0-40-generic #64-Ubuntu SMP Mon Mar 25 21:22:10 UTC 2013 x86_64
x86_64 x86_64 GNU/Linux
- First everything went fine:
root@leela:~# getent passwd
Hello,
I'm doing RD on using Winbind to authenticate Active Directory users (W2K3S
R2) on RHEL 6 servers. I have a working implementation of this using idmap_rid
as the backend. I followed 'configuration 1' in the following guide:
Jacob Seeley wrote:
Hello,
My question revolves around 'User Private Groups'. I noticed my AD users
UID's do not have matching GID's. I came across the following:
http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/groupmapping.html#id2596644
This seems to indicate I cannot
On 15/04/13 22:12, Luc Lalonde wrote:
Hello Folks,
This directive works with Samba3 but does not seem to work with Samba-4.0.5:
winbind use default domain = Yes
I want to get a username that does not contain the domain (GIGL). Instead
here's what I get:
[root@roquefort ~]# getent passwd |
Hello Geza,
Here's my 'smb.conf':
[global]
workgroup = FOO
realm = foo.example.com
netbios name = ROQUEFORT
server role = active directory domain controller
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl,
winbind, ntp_signd, kcc,
Hello Folks,
This directive works with Samba3 but does not seem to work with Samba-4.0.5:
winbind use default domain = Yes
I want to get a username that does not contain the domain (GIGL). Instead
here's what I get:
[root@roquefort ~]# getent passwd | grep GIGL
To: Luc Lalonde luc.lalo...@polymtl.ca
Cc: samba@lists.samba.org
Sent: Tuesday, April 16, 2013 8:27:30 AM GMT -05:00 US/Canada Eastern
Subject: RE: [Samba] Winbind strip domain from username?
Hello Folks,
This directive works with Samba3 but does not seem to work with Samba-4.0.5:
winbind use
: samba@lists.samba.org
Sent: Tuesday, April 16, 2013 8:54:06 AM
Subject: [Samba] winbind use default domain = Yes (not working in 4.0.5)
Hello folks,
Well it seems that I'm not the only one having this problem:
https://bugzilla.samba.org/show_bug.cgi?id=9780
I am able to bypass the problem
Hi,
I have a problem with winbind, could anyone help me?
Version:
root@leela:~# samba -V
Version 4.0.5
root@leela:~# uname -a
Linux leela 3.2.0-40-generic #64-Ubuntu SMP Mon Mar 25 21:22:10 UTC 2013 x86_64
x86_64 x86_64 GNU/Linux
- First everything went fine:
root@leela:~# getent passwd
I also have this problem, using a very recent version from git. (see also:
http://www.mail-archive.com/samba@lists.samba.org/msg124657.html )
Periodically, winbind seems to simply crash, and getent passwd other ops
(e.g. htop) stall.
I'd also be happy to provide any debugging information
:48
An: tn
Cc: samba@lists.samba.org
Betreff: Re: [Samba] winbind problem
I also have this problem, using a very recent version from git. (see also:
http://www.mail-archive.com/samba@lists.samba.org/msg124657.html
http://www.mail-archive.com/samba@lists.samba.org/msg124657.html
Hello,
I am trying to connect samba to our NEW DCs running win2012 AD. Now I
can join samba using net join and winbind lists users and groups but
USER AUTH fails at by using smbclient and wbinfo -a. Error that I get is
ACCESS DENIED. Now I'm guessing that something must be blocked on
Windows
2013-04-16 12:33 keltezéssel, Luc Lalonde írta:
Hello Geza,
Here's my 'smb.conf':
[global]
workgroup = FOO
realm = foo.example.com
netbios name = ROQUEFORT
server role = active directory domain controller
server services = s3fs, rpc, nbt, wrepl, ldap,
Hello Folks,
This directive works with Samba3 but does not seem to work with Samba-4.0.5:
winbind use default domain = Yes
I want to get a username that does not contain the domain (GIGL). Instead
here's what I get:
[root@roquefort ~]# getent passwd | grep GIGL
2013-04-15 23:12 keltezéssel, Luc Lalonde írta:
Hello Folks,
This directive works with Samba3 but does not seem to work with Samba-4.0.5:
winbind use default domain = Yes
I want to get a username that does not contain the domain (GIGL). Instead
here's what I get:
[root@roquefort ~]# getent
I am trying to figure out why winbind is using 100% CPU on my file server.
I am using Samba version 4.0.4. Everything is fine for a few minutes when I
start winbind, however after a while it begins using 100% CPU. I haven't
been able to narrow down what triggers this CPU usage spike, but I did
On Wed, Apr 10, 2013 at 06:46:48PM -0400, Dylan Klomparens wrote:
I am trying to figure out why winbind is using 100% CPU on my file server.
I am using Samba version 4.0.4. Everything is fine for a few minutes when I
start winbind, however after a while it begins using 100% CPU. I haven't
been
Did you ever get a resolution to your issue with UIDs not matching?
I have the same problem and I cannot for the life of me get my UIDs to
come from Active Directory.
If you did solve it with using the
idmap config DOMAIN : backend = ad
would you be so kind as to share? I am only able to get
Hi, I been having issue with my samba/winbind, since I update from samba
3.5 to 3.6. below is the error I am getting from my log file and the samba
config file. I am running Red Hat 6.4.
nmbd[2188]: [2013/03/10 13:25:14.327717, 0]
nmbd/nmbd_namequery.c:108(query_name_response)
Mar 10 13:25:14
| grep jvanthienen
HOME+jvanthienen
root@openindiana-san:/# getent passwd | grep jvanthienen
HOME+jvanthienen:*:11016:11006:Joeri
Vanthienen:/home/HOME/jvanthienen:/bin/false
Problem is that I can't authenticate now. It seems that samba/winbind
can't find the user.
Still some problem
Hello,
We are using Samba (3.5.6~dfsg-3squeeze8) with Winbind to join a
Debian server to our domain for the purpose of AD authentication in
Freeradius (using NTLM_AUTH). We actually have two of them for two
distinct domains.
One of them is behaving well. The other one stops authenticating
Hello,
Could you please give me some precision about the current state of the winbind
support on a member server. I have tried to list what I understand about it.
(I suppose that the libnss_winbind symlink are correct in /lib and/or lib64)
* samba4 join as member
join: samba-tool domain join
On Thursday, February 21, 2013 04:03:53 PM Ali Bendriss wrote:
Hello,
Could you please give me some precision about the current state of the
winbind support on a member server. I have tried to list what I understand
about it. (I suppose that the libnss_winbind symlink are correct in /lib
Hello,
We are using Samba (3.5.6~dfsg-3squeeze8) with Winbind to join a
Debian server to our domain for the purpose of AD authentication in
Freeradius (using NTLM_AUTH). It is setup to the point where we
joined it to the domain and wbinfo -a NETWORK\\user and ntlm_auth
--user --domain are
Really sorry to re-post but it looks like my thread has been buried and had
no responses.
I am using samba3.6 winbind to connect a RHEL5.8 linux box to a new Windows
Server 2012 Active Directory which has Unix Identity Mapping installed. So
I have all the
uidNumber/gidNumber stuff in the windows
Hello Clodonil,
I just got to this point in my testing. Be sure you link the files to
/lib64 if you are running a 64 bit version of CentOS. I was having the same
problem and realized the files needed to go in /lib64.
--
To unsubscribe from this list go to the following URL and read the
Hello Thomas,
That was it. I made a link in / lib64 and resolved.
Clodonil
2012/12/13 Thomas Simmons twsn...@gmail.com
I just got to this point in my testing. Be sure you link the files to
/lib64 if you are running a 64 bit version of CentOS. I was having the same
problem and realized the
Peace,
To answer my own question/post, I seem to have found the culprit. It
looks like it is indeed something very simple, and I could even blame it
on the AD ( more or less)...
:o)
The userAccountControl attribute is a structure that contains flags
pertaining to the user account: (See
Hello,
I just wanted to answer my question in case anybody has the same problem
and is looking for an answer...
On Sun, 02 Dec 2012 22:46, I wrote:
I have a problem with samba / winbind PAM authentication. Domain
controller is samba4, machines users log on to via PAM are samba 3.6
(all
1 - 100 of 2426 matches
Mail list logo