pam_winbind you
might also need to add the line
password server = FQDN of domain
into smb.conf to get this to work
Regards Howard.
--
Howard Wilkinson
Phone:
+44(20)76907075
Coherent Technology Limited
Fax:
23 Northampton Square
make the call.
--
Howard Wilkinson
Phone:
+44(20)76907075
Coherent Technology Limited
Fax:
23 Northampton Square,
Mobile:
+44(7980)639379
United Kingdom, EC1V 0HL
Email:
[EMAIL PROTECTED
-g users
; add group script = /usr/sbin/groupadd %g
Thnaks for your help
__
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
--
Howard Wilkinson
Steve Rippl wrote:
Thanks David, yes I have tried all these and nothing seems to be
working!
Here's where I'm at... libnss-ldap is working with my AD server, with
just 'files ldap' in nsswitch.conf a getent passwd returns local users
and users from AD, but they seem to be treated as local, ie
Steve Rippl wrote:
On Wed, 2008-07-23 at 10:22 -0700, Howard Wilkinson wrote:
[snip]
Have you put POSIX attributes onto the users in the active directory?
idmap backend = ad:ldap://domain.fqdn
winbind nss info = rfc2307
Should work. You also need
use kerberos
Alex,
a combination of pam_krb5, and nss_ldap with samba providing the
kerberos registration of the computer will work in this situation.
I did a similar set up using the Vintella/Quest product VAS for a large
corporate a couple of years ago and have replicated the functionality
since using
Check that the backslashes are not being interpolated by the shell you may want
to try.
net ads join United States\\Tredyffrin\\Resource\\Servers -U trimblrd
Howard.
Coherent Technology Limited, 23 Northampton Square, Finsbury, London EC1V 0HL,
United Kingdom
Telephone: +44 20 76907075
information that might help diagnose.
--
Howard Wilkinson
Phone:
+44(20)76907075
Coherent Technology Limited
Fax:
23 Northampton Square,
Mobile:
+44(7980)639379
London, United Kingdom, EC1V 0HL
Email:
[EMAIL
No I already had this turned on!
Gautier, B (Bob) wrote:
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
] On Behalf Of Howard Wilkinson
Sent: 18 July 2006 11:50
To: samba@lists.samba.org
Subject: [Samba] Problem with 3.0.23 upgrade from 3.0.22
may be broken in 3.0.23?
Howard Wilkinson wrote:
No I already had this turned on!
Gautier, B (Bob) wrote:
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
] On Behalf Of Howard Wilkinson
Sent: 18 July 2006 11:50
To: samba@lists.samba.org
Subject
is not
being universally applied to groups in 3.0.23. As soon as I changed
my valid users = +group statements to the format = +domain\group,
then this problem was fixed for us. Maybe it will do the trick for
you...
Cheers,
-D
At 07:41 AM 7/18/2006, Howard Wilkinson wrote:
I have managed
,
perhaps I do need to rejoin the domain.
Thank you for the reply,
Dale
--
Howard Wilkinson
Phone:
+44(20)76907075
Coherent Technology Limited
Fax:
23 Northampton Square,
Mobile:
+44(7980)639379
London, United Kingdom, EC1V 0HL
.
wbinfo -u does not show the computer object and it does not get listed
in the getent passwd output.
However, this works under 3.0.21c with the RFC2307 patches I supplied -
so something has been broken? ANy body got any ideas where I start looking?
I use nss_ldap not nss_winbind.
--
Howard
Ephi,
Can you please supply the smb.conf and krb5.conf from both machines,
this looks like a Unix end (i.e. client of AD) problem at first glance.
Also, if you have an LDAP browser see what has been set on the computer
accounts objects in the AD, rather than the sanitised version you see
through
14 matches
Mail list logo
