Re: [Samba] Problems joining Samba4 domain [resolved]

2013-10-14 Thread Rowland Penny
On 14/10/13 13:29, X-Dimension wrote: On 14.10.2013 06:43, Andrew Bartlett wrote: On Sun, 2013-10-13 at 14:29 +0100, Rowland Penny wrote: Just how closely did you follow the webpage you posted in your OP? , it seems to be using the standard samba4 packages from Ubuntu, which if I remember

Re: [Samba] Problems joining Samba4 domain

2013-10-13 Thread Rowland Penny
On 13/10/13 14:01, X-Dimension wrote: After some minutes the problem exists again! :( I can't log in anymore as a domain user and I can't join other clients to the Samba4 domain. After restarting the server it looks like it works again, but some minutes later I ran into the same problems.

Re: [Samba] Windows 2008 Standard SP2 cannot access samba share by hostname but ok with IP

2013-10-11 Thread Rowland Penny
concerned about turning this off because many people in our organization use scripts to perform copies from one system to one or more shares. oplocks = No level2 oplocks = No regards, j On Thu, Oct 10, 2013 at 12:11 PM, Rowland Penny rowlandpe...@googlemail.com mailto:rowlandpe

Re: [Samba] [3.6.8] XP fails with error 1326

2013-10-11 Thread Rowland Penny
On 11/10/13 11:39, Winfried wrote: Started over by removing the Windows host from the equation, and connecting to Samba from within the server. === # cat smb.conf [global] workgroup = WORKGROUP security = SHARE [Plans] path = /plans read only = Yes guest ok = Yes

Re: [Samba] [3.6.8] XP fails with error 1326

2013-10-11 Thread Rowland Penny
On 11/10/13 13:10, Winfried wrote: Doesn't work on my host. On my samba 3.6.3 server # cat /etc/samba/smb.conf [global] workgroup = WORKGROUP encrypt passwords = yes log level = 2 guest account = nobody security = user map to guest = Bad User [test] path = /tmp browsable = yes read only = yes

Re: [Samba] [3.6.8] XP fails with error 1326

2013-10-11 Thread Rowland Penny
On 11/10/13 13:58, Winfried wrote: Changing to log level = 3 shows this: ... Transaction 3 of length 132 (0 toread) [2013/10/11 14:35:26.670629, 3] smbd/process.c:1467(switch_message) switch message SMBtrans (pid 3767) conn 0xb7c0cf78 [2013/10/11 14:35:26.672412, 3]

Re: [Samba] [3.6.8] XP fails with error 1326

2013-10-11 Thread Rowland Penny
On 11/10/13 13:58, Winfried wrote: Changing to log level = 3 shows this: ... Transaction 3 of length 132 (0 toread) [2013/10/11 14:35:26.670629, 3] smbd/process.c:1467(switch_message) switch message SMBtrans (pid 3767) conn 0xb7c0cf78 [2013/10/11 14:35:26.672412, 3]

Re: [Samba] [3.6.8] XP fails with error 1326

2013-10-11 Thread Rowland Penny
On 11/10/13 15:05, Winfried wrote: After editing smb.conf, I always run /etc/rc.d/rc.samba restart. The host isn't running a firewall, and the error message mentions /tmp instead of /plans, so chmod 777 /plans did nothing: chdir (/tmp) failed, reason: Permission denied I don't know if it means

Re: [Samba] Samba 4.1.0 join Windows 2003 Server with BIND9_DLZ

2013-10-11 Thread Rowland Penny
On 11/10/13 16:36, Jacó Ramos wrote: With SAMBA_INTERNAL works properly! Thanks. Jacó Ramos 2013/10/11 Jacó Ramos j4c0r4...@gmail.com Hi Greg My passwords are correct and account I am using to join with is valid, and works properly! Thanks Jacó Ramos 2013/10/11 Gregory Sloop

Re: [Samba] getent group by name fails

2013-10-11 Thread Rowland Penny
On 11/10/13 19:06, Lee Allen wrote: Steve thank you for pointing that out. I made those changes and it does not affect the results. 'getent group UID' works 'getent group groupname' does not work, for the same group On Fri, Oct 11, 2013 at 12:25 PM, steve st...@steve-ss.com wrote: Quite a

Re: [Samba] Windows 2008 Standard SP2 cannot access samba share by hostname but ok with IP

2013-10-10 Thread Rowland Penny
On 09/10/13 18:04, Jerome Yanga wrote: Has anyone seen this situation? My Windows 2008 Standard SP2 x86_64 cannot access my samba share using \\hostname but connects properly when connecting to it by \\host_ip_address. regards, j This sounds like a DNS problem, can you ping hostname from the

Re: [Samba] Windows 2008 Standard SP2 cannot access samba share by hostname but ok with IP

2013-10-10 Thread Rowland Penny
On 10/10/13 15:02, Jerome Yanga wrote: Stephane, NetBIOS is set to Default. Rowland, The DNS works on the Windows 2008 server. I can ping the hostname of my RHEL machine from the windows server. regards, j On Thu, Oct 10, 2013 at 2:40 AM, Rowland Penny rowlandpe...@googlemail.com

Re: [Samba] Windows 2008 Standard SP2 cannot access samba share by hostname but ok with IP

2013-10-10 Thread Rowland Penny
'%p' %s lpq command = lpq -P'%p' lprm command = lprm -P'%p' %j oplocks = No level2 oplocks = No [nfs_share1] path = /net/server1/nfs_share1 read only = No regards, j On Thu, Oct 10, 2013 at 7:14 AM, Rowland Penny rowlandpe...@googlemail.com mailto:rowlandpe...@googlemail.com

Re: [Samba] Windows 2008 Standard SP2 cannot access samba share by hostname but ok with IP

2013-10-10 Thread Rowland Penny
, Oct 10, 2013 at 8:03 AM, Jerome Yanga jerome.ya...@gmail.com mailto:jerome.ya...@gmail.com wrote: Rowland, I shall try this and will let you know the outcome. regards, j On Thu, Oct 10, 2013 at 7:46 AM, Rowland Penny rowlandpe...@googlemail.com mailto:rowlandpe

Re: [Samba] [3.6.8] XP fails with error 1326

2013-10-09 Thread Rowland Penny
On 08/10/13 12:09, Winfried wrote: By editing log level to 2, log.smbd now says Authentication for user [fred] - FAILED with error NT_STATUS_NO_SUCH_USER. I read that Samba is able to share files with anonymous users, where all users will be treated as nobody: If this is indeed possible, what do

Re: [Samba] [3.6.8] XP fails with error 1326

2013-10-09 Thread Rowland Penny
On 09/10/13 15:15, Winfried wrote: Thanks for the help. One thing that isn't clear from what I read on the Net, is whether it is required to create a user in Samba or if an entry in /etc/passwd is enough to grant access: Several documents use the nobody account which is already part of

Re: [Samba] [3.6.8] XP fails with error 1326

2013-10-09 Thread Rowland Penny
On 09/10/13 16:20, Winfried wrote: Thanks for the tip. However, I read that /etc/passwd only contains hashes and not the actual passwords, which is why Samba requires adding users to its own database. Could you share your smb.conf so I see what it looks like when only relying on entries from

Re: [Samba] DNS frustration

2013-10-09 Thread Rowland Penny
On 09/10/13 20:15, Scott Goodwin wrote: Thanks for the advice Steve. I had actually tried this before, and it did work temporarily, but after a few hours, the updates started failing again. This is so weird! Why is this happening? I have nothing but respect for the samba team and all their

Re: [Samba] DNS frustration

2013-10-09 Thread Rowland Penny
| Seattle, WA 98104 phone: 1.800.918.1670 | direct: 206.456.9180 fax: 206.623.3491 | cell: 206.355.7767 On Wed, Oct 9, 2013 at 1:36 PM, Rowland Penny rowlandpe...@googlemail.com mailto:rowlandpe...@googlemail.com wrote: On 09/10/13 20:15, Scott Goodwin wrote: Thanks

Re: [Samba] [3.6.8] XP fails with error 1326

2013-10-07 Thread Rowland Penny
On 07/10/13 16:08, Winfried wrote: Hello I've googled and experimented for the past few hours but am still stuck trying to simply share a temporary directory in read-only with anyone on the LAN. Here's the smb.conf I'm using: == /etc/samba# cat smb.conf [global]

Re: [Samba] Must Samba4 AD be provisionned with rfc2307 to use winbind ?

2013-10-01 Thread Rowland Penny
On 01/10/13 11:07, Jonathan Buzzard wrote: A. On Sat, 2013-09-28 at 15:49 +0100, Rowland Penny wrote: [SNIP] If you do a google search for 'uidNumber' for instance, you will find this webpage: http://msdn.microsoft.com/en-us/library/windows/desktop/ms680511%28v=vs.85%29.aspx

Re: [Samba] Must Samba4 AD be provisionned with rfc2307 to use winbind ?

2013-10-01 Thread Rowland Penny
On 01/10/13 12:34, Jonathan Buzzard wrote: On Tue, 2013-10-01 at 11:27 +0100, Rowland Penny wrote: [SNIP] Wrong, the first windows server that had 'uidNumber' as standard was 2003R2. That is what I said. However there were lots of 2003 and even 2000 servers that had uidNumbers

Re: [Samba] Must Samba4 AD be provisionned with rfc2307 to use winbind ?

2013-10-01 Thread Rowland Penny
On 01/10/13 12:57, Jonathan Buzzard wrote: On Tue, 2013-10-01 at 12:44 +0100, Rowland Penny wrote: [SNIP] Here we go again, your logic is flawed, just because you personally know of lots of windows 2003 2000 servers that have 'uidNumbers' does not mean Samba 4 is level 2003. No my logic

[Samba] Samba 4 and vfs_recycle

2013-09-30 Thread Rowland Penny
Hi, I am trying to get vfs_recycle working on Samba 4, I compiled Samba 4 myself, so the man page for vfs_recycle is in: /usr/local/samba/share/man/man8/vfs_recycle.8 I have the recycle bin working on a share, the problem I have is with lists, for instance, how to list which files to exclude.

Re: [Samba] Samba4: Home of Users

2013-09-30 Thread Rowland Penny
On 30/09/13 21:45, Neurodesarrollo wrote: On 26/09/13 16:09, Neurodesarrollo wrote: Hi List, I'm new to the list and to Samba4. I installed samba4 ver. 4.0.9 on a server with openSUSE 12.3, 32 bits. Previously I had samba3.6.x installed on my server, the users could access to

Re: [Samba] Must Samba4 AD be provisionned with rfc2307 to use winbind ?

2013-09-28 Thread Rowland Penny
On 28/09/13 01:06, m...@electronico.nc wrote: Without the rfc2307 domain provision, will I have to add manually uidNumber and guiNumber each time a new user is created from Windows Management Console ? Even with RFC2307 domain provision, you will have to add the uidNumber gidNumber

Re: [Samba] Must Samba4 AD be provisionned with rfc2307 to use winbind ?

2013-09-28 Thread Rowland Penny
On 28/09/13 14:29, steve wrote: On Sat, 2013-09-28 at 09:11 +0100, Rowland Penny wrote: Just a thought, Because all the RFC2307 attributes are already in Samba4 AD, does this mean that we are actually running at domain level 2003 R2 ? and if so, shouldn't the documentation etc show this. Hi

Re: [Samba] mount.cifs and kerberos failure

2013-09-28 Thread Rowland Penny
On 28/09/13 15:28, Cheng-Yang Tan wrote: Hi guys, This seems to be a well-known problem with mount.cifs on Ubuntu 12.04. Unfortunately, although I have applied the suggestions I found with google, I can't seem to be able to get mount.cifs to work with kerberos. I am trying to use kerberos to

Re: [Samba] Must Samba4 AD be provisionned with rfc2307 to use winbind ?

2013-09-28 Thread Rowland Penny
On 28/09/13 16:11, Marc Muehlfeld wrote: Hello, On 28.09.2013 10:11, Rowland Penny wrote: Without the rfc2307 domain provision, will I have to add manually uidNumber and guiNumber each time a new user is created from Windows Management Console ? Even with RFC2307 domain provision, you

Re: [Samba] samba-tool join domain fails

2013-09-25 Thread Rowland Penny
On 25/09/13 12:37, Axel wrote: Anyone? This is from log-level 10: code root@samba-dc1:/# samba-tool domain join intranet.DOMAIN.de DC -Uintranet/admin --realm=intranet.DOMAIN.de INFO: Current debug levels: all: 10 tdb: 10 printdrivers: 10 lanman: 10 smb: 10 rpc_parse: 10

Re: [Samba] samba-tool join domain fails

2013-09-25 Thread Rowland Penny
On 25/09/13 13:18, Axel wrote: Of course, Rowland Penny wrote: On 25/09/13 12:37, Axel wrote: Anyone? Join failed - cleaning up checking sAMAccountName ERROR(ldb): uncaught exception - LDAP error 50 LDAP_INSUFFICIENT_ACCESS_RIGHTS - 0522: SecErr: DSID-031A0F44, problem 4003

Re: [Samba] samba-tool join domain fails

2013-09-25 Thread Rowland Penny
/SYSVOL -c 'prompt;recurse;mget intranet.domain.de' That's all... Rowland Penny wrote: On 25/09/13 13:18, Axel wrote: Of course, Rowland Penny wrote: On 25/09/13 12:37, Axel wrote: Anyone? Join failed - cleaning up checking sAMAccountName ERROR(ldb): uncaught exception - LDAP error 50

Re: [Samba] samba-tool join domain fails

2013-09-25 Thread Rowland Penny
On 25/09/13 15:36, Axel wrote: Rowland Penny wrote: On 25/09/13 14:43, Axel wrote: Yes, this works all the time: root@samba-dc1:~# kinit admin ad...@intranet.domain.de's Password: root@samba-dc1:~# klist Credentials cache: FILE:/tmp/krb5cc_0 Principal: ad...@intranet.domain.de

Re: [Samba] samba-tool join domain fails

2013-09-25 Thread Rowland Penny
On 25/09/13 16:57, Axel wrote: Rowland Penny wrote: On 25/09/13 15:36, Axel wrote: Rowland Penny wrote: On 25/09/13 14:43, Axel wrote: Yes, this works all the time: root@samba-dc1:~# kinit admin ad...@intranet.domain.de's Password: root@samba-dc1:~# klist Credentials cache: FILE:/tmp

Re: [Samba] ldbedit syntax problem

2013-09-23 Thread Rowland Penny
On 22/09/13 20:09, steve wrote: On Sun, 2013-09-22 at 13:36 +0100, Rowland Penny wrote: On 22/09/13 13:04, steve wrote: Hi How do I ldbedit this dn? CN=*,OU=auto.users,ou=automount,DC=bar,DC=foo It's the * that I can't get. Cheers, Steve Hi Steve, how about 'ldbedit -e nano --url=ldap

Re: [Samba] ldbedit syntax problem

2013-09-22 Thread Rowland Penny
On 22/09/13 13:04, steve wrote: Hi How do I ldbedit this dn? CN=*,OU=auto.users,ou=automount,DC=bar,DC=foo It's the * that I can't get. Cheers, Steve Hi Steve, how about 'ldbedit -e nano --url=ldap://server.bar.foo --kerberos=yes --krb5-ccache=/tmp/krb5cc_0 CN=*' and then search in the

Re: [Samba] samba4+bind9.9 will not start: samba_dlz: dns_rdata_fromtext: buffer-0x7f1c0cbcd680:1: near 'hostmaster.domain.de': not a valid number

2013-09-12 Thread Rowland Penny
On 12/09/13 15:16, Noël Köthe wrote: Hello, running on Debian jessie 64bit samba 4.0.8 and bind 9.9 but with the description from https://wiki.samba.org/index.php/Dns-backend_bind I run into the following problem: # named -u bind -g 21 |tee named.log 12-Sep-2013 15:43:07.287 starting BIND

Re: [Samba] Samba4 LDAP Integration with Asterisk

2013-09-09 Thread Rowland Penny
variable! http://technet.microsoft.com/en-us/library/cc961740.aspx Samba 4 is not compatible with OpenLdap ldif files. Maybe I'm wrong and someone can open my mind... Thanks! On 6 September 2013 14:24, Rowland Penny rowlandpe...@googlemail.com mailto:rowlandpe...@googlemail.com wrote

Re: [Samba] Samba4 LDAP Integration with Asterisk

2013-09-09 Thread Rowland Penny
2013 12:03, Rowland Penny rowlandpe...@googlemail.com mailto:rowlandpe...@googlemail.com wrote: On 09/09/13 10:12, Victor Adsuar Abaldea wrote: Hi Penny, Thank you for the response, but I'm not able to import Asterisk ldif into SAMBA 4. I split the files in asterisk_attr.ldif

Re: [Samba] Samba4 LDAP Integration with Asterisk

2013-09-09 Thread Rowland Penny
STRUCTURALMUST ( AstAccountName ) )] at line 792 No valid msg from entry [objectClass (AsteriskMailboxNAME 'AsteriskMailbox'DESC 'Asterisk Mailbox Information'SUP top STRUCTURALMUST ( AstVoicemailMailbox ) )] at line 799 Converted 76 records with 4 failures On 9 September 2013 13:28, Rowland Penny

Re: [Samba] Samba4 LDAP Integration with Asterisk

2013-09-06 Thread Rowland Penny
On 06/09/13 11:04, Victor Adsuar Abaldea wrote: Hi, I am turning crazy. I try to integrate Asterisk 11.5.1 into Samba4 LDAP, but when I import the ldif file from contrib directory I get this error. ldbmodify -H /usr/local/samba/private/sam.ldb asterisk.ldif --option=dsdb:schema update

Re: [Samba] objectClass:posixAccount missing

2013-08-31 Thread Rowland Penny
On 30/08/13 23:14, Luca Olivetti wrote: On 30/08/13 23:44, steve wrote: Interesting point; you've now sampled winbind, nslcd and sssd to the same end. Have you made a decision as to which you'll be going with? Well, the real deployment will take some time (measured in months rather

Re: [Samba] objectClass:posixAccount missing

2013-08-30 Thread Rowland Penny
On 29/08/13 23:34, Luca Olivetti wrote: On 29/08/13 21:54, Rowland Penny wrote: Yes, I was trying sssd, but I forgot that I switched back nsswitch.conf to ldap, so I thought your suggestion was working while it actually wasn't (same error with Administrator as with HP$). Bye Hi, I

Re: [Samba] objectClass:posixAccount missing

2013-08-30 Thread Rowland Penny
On 30/08/13 17:15, steve wrote: On Fri, 2013-08-30 at 16:05 +0100, Rowland Penny wrote: On 30/08/13 15:48, Luca Olivetti wrote: On 30/08/13 11:41, Rowland Penny wrote: OK, try this sssd.conf that I have altered for your setup, it is based on the sssd.conf on the machine that I am

Re: [Samba] objectClass:posixAccount missing

2013-08-30 Thread Rowland Penny
On 30/08/13 21:10, Luca Olivetti wrote: On 30/08/13 21:53, Luca Olivetti wrote: On 30/08/13 21:49, steve wrote: On Fri, 2013-08-30 at 20:45 +0200, Luca Olivetti wrote: Almost, almost... Good. It's something at least, but we are still missing the attributes coming from AD. Regards, Ya,

Re: [Samba] objectClass:posixAccount missing

2013-08-30 Thread Rowland Penny
On 30/08/13 21:28, Luca Olivetti wrote: On 30/08/13 22:18, Rowland Penny wrote: The reason why I suggested that you try another distro is that, as far as I can see, nobody else uses Mageia on this list, at least nobody came forward offering help. If you had tried another distro like

Re: [Samba] objectClass:posixAccount missing

2013-08-30 Thread Rowland Penny
On 30/08/13 19:14, steve wrote: On Fri, 2013-08-30 at 18:58 +0100, Rowland Penny wrote: On 30/08/13 18:21, Luca Olivetti wrote: On 30/08/13 18:54, steve wrote: OK, let's see: We can say for certain that /etc/krb5.keytab contains the key for nslcd-connect make sure you have

Re: [Samba] objectClass:posixAccount missing

2013-08-30 Thread Rowland Penny
On 30/08/13 15:48, Luca Olivetti wrote: On 30/08/13 11:41, Rowland Penny wrote: OK, try this sssd.conf that I have altered for your setup, it is based on the sssd.conf on the machine that I am typing this on and it works, you just need the krb5.keytab that I told you how to create

Re: [Samba] objectClass:posixAccount missing

2013-08-30 Thread Rowland Penny
On 30/08/13 18:21, Luca Olivetti wrote: On 30/08/13 18:54, steve wrote: OK, let's see: We can say for certain that /etc/krb5.keytab contains the key for nslcd-connect make sure you have: ldap_sasl_mech = gssapi ldap_sasl_authid = nslcd-conn...@wetron.es ldap_krb5_keytab =

Re: [Samba] objectClass:posixAccount missing

2013-08-30 Thread Rowland Penny
On 30/08/13 17:26, Luca Olivetti wrote: On 30/08/13 17:05, Rowland Penny wrote: Correct, though I do not understand why you are using the full path to samba-tool Because it's not in PATH Then you need to alter your PATH environmental variable, I do this on Ubuntu: echo PATH=/usr

Re: [Samba] objectClass:posixAccount missing

2013-08-29 Thread Rowland Penny
On 29/08/13 19:17, Luca Olivetti wrote: On 29/08/13 12:06, steve wrote: We have sssd covered here: http://linuxcostablanca.blogspot.com.es/2013/04/sssd-in-samba-40.html Well, that doesn't seem to be complete (at least to a kerberos newbie like me). For example, it's missing the

Re: [Samba] objectClass:posixAccount missing

2013-08-29 Thread Rowland Penny
On 29/08/13 20:17, Luca Olivetti wrote: On 29/08/13 21:15, Luca Olivetti wrote: On 29/08/13 21:02, Rowland Penny wrote: Hi, that should be 'samba-tool domain exportkeytab /etc/krb5.keytab -U Administrator' Thank you, that worked *but* we're back to square one: migrated

Re: [Samba] objectClass:posixAccount missing

2013-08-29 Thread Rowland Penny
On 29/08/13 20:41, Luca Olivetti wrote: On 29/08/13 21:20, Rowland Penny wrote: On 29/08/13 20:17, Luca Olivetti wrote: On 29/08/13 21:15, Luca Olivetti wrote: On 29/08/13 21:02, Rowland Penny wrote: Hi, that should be 'samba-tool domain exportkeytab /etc/krb5

Re: [Samba] objectClass:posixAccount missing

2013-08-28 Thread Rowland Penny
On 27/08/13 23:06, Luca Olivetti wrote: On 27/08/13 23:02, Rowland Penny wrote: If nslcd needs the posix objectclasses, then that is their bug, windows does not use them so Samba 4 doesn't either. I wouldn't be so sure, since many (all?) of the attributes specified by rfc2307

Re: [Samba] objectClass:posixAccount missing

2013-08-27 Thread Rowland Penny
On 27/08/13 19:56, Luca Olivetti wrote: On 27/08/13 20:46, steve wrote: On Tue, 2013-08-27 at 20:11 +0200, Marc Muehlfeld wrote: Do posixAccount/posixGroup objectClasses have to be there normally? No. With the AD schema, you can use all of rfc2307 without the need for the

Re: [Samba] issue with multiple Samba DC and uid/gid assignment.

2013-08-25 Thread Rowland Penny
On 25/08/13 08:56, steve wrote: On Sat, 2013-08-24 at 23:02 +, dahopk...@comcast.net wrote: Notice that the group id and uid are both different. Why? How did you provision the second DC? Are they replicating OK? When they are, both DC's need: idmap_ldb use:rfc2307 = Yes in the [global]

Re: [Samba] issue with multiple Samba DC and uid/gid assignment.

2013-08-25 Thread Rowland Penny
On 25/08/13 15:06, dahopk...@comcast.net wrote: Steve and Rowland, Thanks! I checked smb.conf on both servers and they are identical except for the netbios name. I still get different uid/gid numbers between the servers with wbinfo, even for accounts such as mine (dhopkins) that have been

Re: [Samba] issue with multiple Samba DC and uid/gid assignment.

2013-08-25 Thread Rowland Penny
On 25/08/13 15:36, dahopk...@comcast.net wrote: Hi, could you please post the smb.conf from both the RHEL5.9 Ubuntu 12.04 fileservers I made minimal changes to either of these. Just noticed that on the RHEL5.9/Samba3 fileserver that I don't have idmap_ldp:use rfc2307 = yes, but that

Re: [Samba] issue with multiple Samba DC and uid/gid assignment.

2013-08-25 Thread Rowland Penny
On 25/08/13 16:16, dahopk...@comcast.net wrote: Hello, I am not surprised that you are getting different uids gids, you do not seem to have anything in smb.conf to pull the uidNumber gidNumber from the AD server, unless you are using sssd. You can either use Steve's original nslcd setup,

Re: [Samba] issue with multiple Samba DC and uid/gid assignment.

2013-08-25 Thread Rowland Penny
On 25/08/13 16:52, dahopk...@comcast.net wrote: Hi, Where does Windows 2008R2 fit into this setup, is it in the same domain? is it the primary AD server? It is a member server in the same domain on which we ran ADUC. It was a member of the prior samba3/LDAP authentication system. I can now

Re: [Samba] Trouble shooting a SAMBA 4 installation

2013-08-22 Thread Rowland Penny
On 22/08/13 03:17, Andres Tarallo wrote: Hi, A few days ago, we did a SAMBA 4 installation, intended to work as a DC. We followed the Samba AD DC Howto. We ran samba-tool, with parameters: domain provision --use-rfc2307 --interactive. We put as REALM COMPANY and as domain COMPANY.LOCAL.

Re: [Samba] Samba/Winbind GID/IDs not the same using AD RID

2013-07-25 Thread Rowland Penny
Typo? idmap config THRACE : backed = rid should be idmap config THRACE : backend = rid I also suggest that you remove these lines password server = livia bkdc Socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 ldap ssl = no Rowland On 24

Re: [Samba] Winbind troubles

2013-07-24 Thread Rowland Penny
On 24 July 2013 11:59, Jonathan Buzzard jonat...@buzzard.me.uk wrote: Hum, according to Rowland it uses the gidNumber in the users DN, though his posted proof was flawed and it could have been coming from the gidNumber of the users primary group just as Winbind does. I have browsed the source

Re: [Samba] Winbind troubles

2013-07-23 Thread Rowland Penny
On 23 July 2013 10:05, Jonathan Buzzard jonat...@buzzard.me.uk wrote: This is where Matthew went wrong, it's right there in the man page (unlike three years ago). There are also a large smattering of posts from myself on this list over the last two years on how important it is not to have

Re: [Samba] Winbind troubles

2013-07-23 Thread Rowland Penny
On 23 July 2013 11:40, Jonathan Buzzard jonat...@buzzard.me.uk wrote: On Tue, 2013-07-23 at 11:06 +0100, Rowland Penny wrote: [SNIP] OK, I see where you are coming from, but until testparm starts saying 'this will not work because' people will keep on having problems with winbind

Re: [Samba] Winbind troubles

2013-07-23 Thread Rowland Penny
with cross-realm Kerberos trusts Your turn ;-) Rowland On 23 July 2013 13:48, Jonathan Buzzard jonat...@buzzard.me.uk wrote: On Tue, 2013-07-23 at 11:55 +0100, Rowland Penny wrote: [SNIP] I thought that testparm did exactly that, it tested all the parameters in smb.conf, so

Re: [Samba] Winbind troubles

2013-07-23 Thread Rowland Penny
Could this be yet another reason to use sssd instead of winbind? sssd does use the account gidNumber testuser primaryGroupID: 513 uidNumber: 3001106 gidNumber: 20513 getent passwd testuser testuser:*:3001106:20513:testuser:/home/DOMAIN/testuser:/bin/bash Rowland On 23 July 2013 13:54,

Re: [Samba] Winbind troubles

2013-07-23 Thread Rowland Penny
On 23 July 2013 14:53, Jonathan Buzzard jonat...@buzzard.me.uk wrote: Orthogonal is a single word, is precise and describes what is required exactly. It has been in my vocabulary for approaching 30 years. None overlapping range is three words and more characters as well. I was not aware that

Re: [Samba] Winbind troubles

2013-07-23 Thread Rowland Penny
On 23 July 2013 15:04, Jonathan Buzzard jonat...@buzzard.me.uk wrote: Not what I said. The primaryGroupID is an identifier for a group in AD, bit like a SID is (I don't get that either). So primaryGroupID 513 might refer to a group called sambausers, which has its own set of RFC2307bis

Re: [Samba] Winbind troubles

2013-07-23 Thread Rowland Penny
On 23 July 2013 16:44, Jonathan Buzzard jonat...@buzzard.me.uk wrote: You don't seem to have taken on board that primaryGroupID is a numerical identifier for an actual group. Now why Microsoft didn't use the group's SID I have not the faintest idea. I suppose that you have noticed that the

Re: [Samba] Winbind troubles

2013-07-22 Thread Rowland Penny
Have you tried 'getent passwd username' Rowland On 22 July 2013 19:56, Matthew Daubenspeck m...@oddprocess.org wrote: I've rolled 2 virtual servers running Ubuntu 12.04 LTS and have installed the SerNet packages. SRV1 has the AD setup and SRV2 is a member server. I've followed the wiki

Re: [Samba] Winbind troubles

2013-07-22 Thread Rowland Penny
/etc/nsswitch.conf setup correctly? On 22 July 2013 20:52, Matthew Daubenspeck m...@oddprocess.org wrote: On Mon, Jul 22, 2013 at 08:41:09PM +0100, Rowland Penny wrote: Have you tried 'getent passwd username' Rowland root@srv2:~# getent passwd Administrator root@srv2:~# getent

Re: [Samba] Winbind troubles

2013-07-22 Thread Rowland Penny
OK, that seems like it should work, I had the winbind ad backend working, but found it difficult to setup so jumped ship to sssd The idmap setup I used was: idmap config *:backend = tdb idmap config *:range = 1100-2000 idmap config DOMAIN:backend = ad idmap config

Re: [Samba] Winbind troubles

2013-07-22 Thread Rowland Penny
: On Mon, Jul 22, 2013 at 10:15:10PM +0100, Rowland Penny wrote: OK, that seems like it should work, I had the winbind ad backend working, but found it difficult to setup so jumped ship to sssd The idmap setup I used was: idmap config *:backend = tdb idmap

Re: [Samba] New ADC configuration

2013-07-16 Thread Rowland Penny
Hi, Have you given your users groups a uidNumber and/or gidNumber on the server? Rowland On 16 July 2013 16:03, Matthew Daubenspeck m...@oddprocess.org wrote: On Mon, Jul 15, 2013 at 09:19:48PM +0200, Marc Muehlfeld wrote: If you have multiple DCs, then the domain group/user/etc. stuff is

Re: [Samba] New ADC configuration

2013-07-16 Thread Rowland Penny
17:04, Matthew Daubenspeck m...@oddprocess.org wrote: On Tue, Jul 16, 2013 at 04:42:48PM +0100, Rowland Penny wrote: Hi, Have you given your users groups a uidNumber and/or gidNumber on the server? Rowland Is that something that has to be done with ADUC? I have added all the test

Re: [Samba] samba4 missing group membership with getent group

2013-06-25 Thread Rowland Penny
2013 21:30, Marc Muehlfeld sa...@marc-muehlfeld.de wrote: Hello Rowland, I haven't used sssd yet. But it's on my schedule for learning and Wiki HowTo. Your config will be a good start for that. On 24.06.2013 19:47, Rowland Penny wrote: ... That's it, no special user, no passwords

Re: [Samba] samba4 missing group membership with getent group

2013-06-24 Thread Rowland Penny
, 2013 3:39 PM To: samba@lists.samba.org Cc: Rowland Penny; Simonet Philippe, ITS-OUS-OP-IFM-NW-IPE Subject: Re: [Samba] samba4 missing group membership with getent group On Friday, June 21, 2013 10:12:26 AM Rowland Penny wrote: Hi, well yet another reason to use sssd

Re: [Samba] samba4 missing group membership with getent group

2013-06-24 Thread Rowland Penny
id_provider = ad auth_provider = ad access_provider = ad chpass_provider = ad Rowland On 24 June 2013 17:21, Marc Muehlfeld sa...@marc-muehlfeld.de wrote: Hello Rowland, On 24.06.2013 12:26, Rowland Penny wrote: As far as I can see, the only way to get getent on the S4 server to show

Re: [Samba] samba4 missing group membership with getent group

2013-06-21 Thread Rowland Penny
Hi, well yet another reason to use sssd instead of winbind. When I turned on winbind in /etc/nsswitch.conf on my test S4 server, I get: id user uid=3001106(HOME\user) gid=20513(HOME\Domain Users) groups=20513(HOME\Domain Users),21110(HOME\linuxusers) getent group linuxusers

Re: [Samba] The problem with setting up AD domain to Samba 4

2013-06-19 Thread Rowland Penny
The problem is that you are mixing up how samba 4 works with how samba 3 works, samba 4 winbind does not work the same as the samba 3 winbind. What you need to do is give your linux users a uidNumber and groups like Domain Users a gidNumber, how you do this is up to you, it can be done from

Re: [Samba] The problem with setting up AD domain to Samba 4

2013-06-19 Thread Rowland Penny
for the OP to reprovision again and start with a blank slate and this time do some searching on 'how do I connect a linux client to a windows server' Rowland On 19 June 2013 10:54, steve st...@steve-ss.com wrote: On Wed, 2013-06-19 at 10:34 +0100, Rowland Penny wrote: The problem is that you

Re: [Samba] samba4+bind on centos

2013-06-11 Thread Rowland Penny
Have you created the reverse zone? Samba, for some reason, does not automatically create it. If I run your command, I get: IPs: ['192.168.0.2'] Calling nsupdate for A domain.lan 192.168.0.2 Outgoing update query: ;; -HEADER- opcode: UPDATE, status: NOERROR, id: 0 ;; flags:; ZONE: 0, PREREQ:

Re: [Samba] samba4+bind on centos

2013-06-11 Thread Rowland Penny
is 'adserver.domain.lan' samba-tool dns add 192.168.0.10 0.168.192.in-addr.arpa 10 PTR adserver.domain.lan -U administra...@domain.lan Rowland On 11 June 2013 11:35, NOC n...@nieuwland.nl wrote: On 06/11/2013 12:15 PM, Rowland Penny wrote: Have you created the reverse zone? Samba, for some

Re: [Samba] Security = ADS and uidnumbers

2013-06-05 Thread Rowland Penny
Hi, I gave up on winbind, it is just too complicated and most, if not all, of the webpages I found via google are incomplete or just downright wrong. Why not try sssd, it just works, all you need to do is add uidNumbers to your users, set up sssd and away you go, have a look here:

Re: [Samba] Security = ADS and uidnumbers

2013-06-05 Thread Rowland Penny
Yes, he could do that, providing his users never go anywhere near any files or directories stored on a samba4 server, if they do, they will suddenly find that they have a different id on the server, I have been there and it is just a mess, it took me a bit to realise why users did not own the files

Re: [Samba] Security = ADS and uidnumbers

2013-06-05 Thread Rowland Penny
sure that they do not overlap etc. I know what I think is easier, and it isn't winbind On 5 June 2013 14:23, Jonathan Buzzard jonat...@buzzard.me.uk wrote: On Wed, 2013-06-05 at 13:30 +0100, Rowland Penny wrote: Hi, I gave up on winbind, it is just too complicated and most, if not all

Re: [Samba] Security = ADS and uidnumbers

2013-06-05 Thread Rowland Penny
(linuxusers) As far as I can see, the only difference when you use winbind on the server is you cannot turn off the displaying the domain name otherwise the outputs are identical. On 5 June 2013 16:22, Jonathan Buzzard jonat...@buzzard.me.uk wrote: On Wed, 2013-06-05 at 15:42 +0100, Rowland

Re: [Samba] Security = ADS and uidnumbers

2013-06-05 Thread Rowland Penny
wrote: On Wed, 2013-06-05 at 16:22 +0100, Jonathan Buzzard wrote: On Wed, 2013-06-05 at 15:42 +0100, Rowland Penny wrote: I never said that I couldn't get it to work, I just said that it is just too complicated. Yes I can read and there was no need to get personal You said you

Re: [Samba] Linux Servers in an AD Domain with Multiple Windows Domain Controllers

2013-05-27 Thread Rowland Penny
Hi, I think that you misunderstood what Andrew was trying to tell you, my /etc/krb5.conf on a linux client is this: [logging] default = FILE:/var/log/krb5libs.log [libdefaults] default_realm = MYDOMAIN.LAN dns_lookup_realm = true dns_lookup_kdc = true ticket_lifetime = 24h

Re: [Samba] Linux Servers in an AD Domain with Multiple Windows Domain Controllers

2013-05-27 Thread Rowland Penny
MUA's message quoting mechanism makes it hard to bottom post as I am normally used to doing.) -- Eric Robinson From: Robinson, Eric Sent: Monday, May 27, 2013 11:39 AM To: 'Rowland Penny' Cc: 'Marc Muehlfeld'; 'samba@lists.samba.org' Subject: RE: [Samba

Re: [Samba] Unable to get Samba-3.6.12 to authenticate using ADS

2013-05-25 Thread Rowland Penny
Hi, you probably haven't setup NSS etc so that your fileserver knows about your AD users. Have a read here: https://wiki.samba.org/index.php/Samba_%26_Active_Directory Then once you have understood what needs to be done, go here:

Re: [Samba] configuring Shares, Users with Samba 4.0.5 as an AD DC

2013-05-20 Thread Rowland Penny
Hi, I think your problem may be that you are trying to run the standalone winbind daemon at the same time as the samba daemon, you cannot do this, the samba daemon has its own built in winbind. Could you please confirm how you provisioned samba4, post a sanitized version of your smb.conf and

Re: [Samba] configuring Shares, Users with Samba 4.0.5 as an AD DC

2013-05-20 Thread Rowland Penny
Hi, Remove all of this: # security = ads password server = 192.168.25.133 idmap uid = 1-2 idmap gid = 1-2 winbind enum users = yes winbind enum groups = yes winbind cache time = 10 winbind use default domain = yes Then remove this line: valid users =

Re: [Samba] Failure to join existing domain Windows 2003 Server domain

2013-05-17 Thread Rowland Penny
On 17/05/13 15:05, Tony Nelson wrote: I tried again today with 4.0.4 and got the same error. Any idea on what I might do to proceed? Thanks in advance. Tony -Original Message- I compiled samba-4.0.5 from source on Ubuntu 12.04 and was following the instructions here:

Re: [Samba] S4 nsupdate tsig error with internal server

2013-05-11 Thread Rowland Penny
On 11/05/13 09:54, steve wrote: Hi I know that this has been addressed before but I couldn't find a solution. Summary: when attempting to write a dns record using nsupdate, nothing gets written to the zone due to the error: ; TSIG error with server: tsig verify failure Everything is working.

Re: [Samba] [samba4] Build requires libncurses-dev

2013-05-04 Thread Rowland Penny
On 03/05/13 22:33, Ricky Nance wrote: I'd like to get a dev's input as to why this is now required, I have no problem adding it to the wiki as long as they expect it and it wasn't just something that crept in. If Jeremy or Andrew (or any other dev that sees this) would confirm this I will add

Re: [Samba] Samba4 and idmap backend (ad/rid)

2013-04-25 Thread Rowland Penny
On 25/04/13 14:11, Jaymzwise Jaymzwise wrote: Hi, I eventually managed to install and join a Samba4 server as a member in an AD environment but I have a problem with the id command. wbinfo commands work but when I launch id command with a domain user I get user unknown. Here is my smb.conf

Re: [Samba] Winbind strip domain from username?

2013-04-16 Thread Rowland Penny
On 15/04/13 22:12, Luc Lalonde wrote: Hello Folks, This directive works with Samba3 but does not seem to work with Samba-4.0.5: winbind use default domain = Yes I want to get a username that does not contain the domain (GIGL). Instead here's what I get: [root@roquefort ~]# getent passwd |

Re: [Samba] [samba4] crash of winbind after ls -l /usr/local/samba/var/locks/sysvol

2013-04-14 Thread Rowland Penny
On 14/04/13 07:30, Andrew Bartlett wrote: On Sun, 2013-04-14 at 02:08 +0200, François Lafont wrote: Hi, I used Samba 4.0.5 in Wheezy. Here is that I have done: But there is something curious with the /usr/local/samba/var/locks/sysvol/ directory:
