Comments below
On Tue, 2002-12-10 at 09:17, Gabriel Matthews wrote:
>
> This last reply has helped me figure out quite a few things, but I'm still
> getting stuck on the 'adding server to domain' part. Here is what I am
> seeing.
>
> [root@yavin gabriel]# smbpasswd -j CT01 -r ANAKIN -U gabriel
Hello all,
I currently have the following setup working nicely:
A Samba PDC, with LDAP-SAM, syncs passwords between LDAP and Samba (and
/etc/shadow when appropriate) correctly - either when changing them
through Samba (samba has PAM support enabled and working) or through
normal Unix mechanisms (
Here are my configs for RedHat 7.2.
I also have them for Mandrake 8.2.
If you want, read them and we can later discuss portions you don't
understand. There's a bunch of howto's out there on doing this.
Look for:
Samba+LDAP-Howto:
(Samba docs)
Winbind-Howto:
(Samba docs)
LDAP-Auth-How
I meditated long and hard on how to do this separation on 2.2.7a, even
going so far as to code most of the patch, but ran into the stone wall
that the search for the computer account is ALWAYS done as a search for
a user account (just with a "different" name - meaning the trailing $),
so I'd have t
On Sun, 2003-01-19 at 02:35, Jim C wrote:
> > What's actually needed is full separation of the search for users and
> > computers, and that's not worth it (IMHO) in 2.2.7a if 3.0alpha has it
> > already (I believe it does). I'd rather contribute to 3.0alpha and help
> > get it out the door quicker
Hi all,
I read a few posts a while back from people who were trying to get this
done.
Has anyone succeeded in doing a transparent (or an
as-close-to-as-possible) migration of an NT4 PDC to a Samba PDC?
I know it entails stuff like snatching the passwords with pwdump or the
like, and importing th
I seem to recall the existence of a utility to convert (dump?) TDB files
into text format so one could peruse the contents. I also seem to
recall that one could do the reverse - build a TDB from a text file.
Is this true? Does this utility exist? Would I have to hack my own out
of the TDB code
Hello all!
It's been asked several times whether Samba can act as an
ActiveDirectory server, and the answer has always been a categorical NO.
However, I don't recall seeing any thread dealing with the question of
whether such functionality COULD be developed.
Obviously, it WOULD be *possible* to
signature.asc
Description: OpenPGP digital signature
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
before they're gone, etc). Still,
since a stable version addressed the immediate need, I'll wait until
3.0.23 is released before upgrading yet again.
Thanks for the help tho! :)
Gerald (Jerry) Carter wrote:
On Sun, 28 May 2006, Diego Rivera wrote:
>I'll try. However, I'
signature.asc
Description: OpenPGP digital signature
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
Hello all. Sorry for the re-post, I MUST remember to turn off HTML text
and GPG signing...
First off, I'm using Samba 3.0.22 and can't risk to use Samba 3.0.23rc1
because I have no "valid" test environment for it.
My problem is this: I'm using pam_winbind to authenticate users against
Acti
ord changing
on expiry (through pam), within the next couple of days.
I also came up with a backported patch from Samba 3.0.22 to Samba 3.0.20
allowing for the automatic password change on expiry. I'll post that as
well for interested parties.
Cheers
Diego
Diego Rivera wrote:
Hel
Hello all!
I've been successful at adding ADS authentication to my Samba servers on
all fronts, and also get kerberos authentication working. I've managed
to overcome some limitations (like, for instance, automatic password
changes on password expiration), but am facing one last hurdle before
Hello all!
Is it possible, using winbind (wbinfo, nss_winbind, etc) to enumare the
members of an ADS group, with something other than the "id" command for
each user, or "getent group"? The "id" works but then I'd have to
enumerate ALL users and build the meber list from there (too slow),
whe
whether a user
is a member of a group? Or just that the ACL's may forbid the
enumeration of group members for particular groups?
Thanks
Diego
Volker Lendecke wrote:
On Mon, Jun 12, 2006 at 08:19:48AM -0600, Diego Rivera wrote:
members of an ADS group, with something other than
Hello all
I've been doing some TCP dumps of Samba among other things, to try to
fish out a slight communications glitch that I suspect has to do with a
bad IP stack on an older machine, and I'm wondering if any of you could
help make my life a bit easier:
When doing the dump, I used the '-C' fla
Hello all!!
Something strange is happening recently with pam_smbpass.so.
I get the errors:
passwd: PAM unable to dlopen(pam_smbpass.so)
passwd: PAM [dlerror: pam_smbpass.so: undefined symbol: ldap_value_free]
passwd: PAM adding faulty module: pam_smbpass.so
And the passwd command returns "Modu
Hi all!
A while ago I caught a discussion re Samba and LDAP SAM backend, with
OpenLDAP and nss_ldap.
It seems that the reason the smbd process keeps crashing (and thus
losing connections) has something to do with the fact that the LDAP
standard allows connections to be unilaterally closed by the
I saw the header for libsmbclient.so, and it looks pretty basic - file
access, print job access, share access, but no password modification.
Is there a chance this will be modularized into the library in the
future?
i.e.: add this call to the library:
int smbc_change_passwd( char* un, char* wg,
pertaining to PAM operation. If you're going to be messing with stuff
like this, you should read as much of both docs as you can - I did and
it paid off in the end!
Best
Diego Rivera
Nomadic Solutions
"Taking Linux to the Next Level"
Cell: (506) 393-0772
E-mail: [EMAIL PRO
You can achieve this using LDAP as a samba and unix password backend.
I've done this and it works quite nicely
Best
Diego
On Wed, 2002-10-30 at 11:46, Gurnish Anand wrote:
> Hello,
> How can I make two linux servers sync passwords. Is it something I do
> with Samba?? I want both the unix acc
Hi all!
I've had a lot of success setting up Samba PDC's using the LDAP-SAM
backend, and got password sync working between Unix (LDAP) passwords and
Samba passwords.
I can also have other Linux boxes use Winbind to auth vrs. the PDC and
thus achieve the same password sync functionality (i.e., Sam
Hey all!
I was fiddling with some LDAP stuff for fun's sake, and I ran into this
strange situation. The situation occurred with both my stock Samba and
my modifications applied.
I had a Win2000 Advanced Server machine already joined into the domain
and working perfectly with PDC logons through t
Hi all.
I have recently installed a Samba-2.2.7 as a PDC with LDAP backend. All
works "as expected", with three exceptions:
1) Sometimes, the Win98/ME clients drop connections to the server
(persistent mapped shares cease to work). This happens when the
computer has been left idle for a few min
Hi all,
I've run into what I believe to be a funky bug in Samba 2.2.7. Here's
the scenario description (all Linux, all Samba 2.2.7, all same versions
of LDAP software, etc.):
Environment:
1 Samba PDC w/LDAP backend
2 Samba Clients joined to the PDC w/valid mach. accounts, etc.
Clients
should find two files whose names are kinda-self explanatory: one for RH
7.2, one for Mandrake 8.2.
These files contain all the configs I use to achieve password sync. An
explanatory document is there as well (README), so give that a read as
well.
Best
Diego
On Wed, 2002-11-27 at 13:31, Diego Riv
er of NT4
> file servers to a LINUX platform, but need to keep security arrangements,
> particularly file ACLs unchanged, but cannot wait until the production
> release of Samba V3.
--
Diego Rivera <[EMAIL PROTECTED]>
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
Hello all,
I have news on the AD front.
It seems M$ is going to open-source it's AD implementation. It also
seems M$ is going to start development on the Samba code to help bring
it up to speed to its codebase, and unify them both in the end.
--
Diego Rivera <[EMAIL PROTECTED]>
Beat me to it!!! ;)
On Tue, 2003-04-01 at 19:14, [EMAIL PROTECTED] wrote:
> April Fools' day ;-)
>
> > -Original Message-
> > From: John H Terpstra [mailto:[EMAIL PROTECTED]
> > Sent: Tuesday, April 01, 2003 5:14 PM
> > To: Diego Rivera
> > Cc:
30 matches
Mail list logo