Re: [Samba] Samba+LDAP: NT_STATUS_UNSUCCESSFUL because of primary group SID mismatch

2013-06-22 Thread Luca Olivetti
Al 20/06/13 17:12, En/na Gaiseric Vandal ha escrit: > If you want to centralize the samba accounts I think the proper way > would be to use member servers. Just yesterday I had the same problem with a member server (running samba 3.6.15), pointing to the ldap server on the domain controller (3.5

Re: [Samba] Samba+LDAP: NT_STATUS_UNSUCCESSFUL because of primary group SID mismatch

2013-06-21 Thread Philipp Lies
von Andrew Bartlett Gesendet: Freitag, 21. Juni 2013 09:58 An: Philipp Lies Cc: samba@lists.samba.org Betreff: Re: [Samba] Samba+LDAP: NT_STATUS_UNSUCCESSFUL because of primary group SID mismatch On Thu, 2013-06-20 at 10:26 +0200, Philipp Lies wrote: Hi, I'm trying to get my new samba server r

Re: [Samba] Samba+LDAP: NT_STATUS_UNSUCCESSFUL because of primary group SID mismatch

2013-06-21 Thread Daniel Müller
--- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Andrew Bartlett Gesendet: Freitag, 21. Juni 2013 09:58 An: Philipp Lies Cc: samba@lists.samba.org Betreff: Re: [Samba] Samba+LDAP: NT_STATUS_UNSUCCESSFUL because of primary group

Re: [Samba] Samba+LDAP: NT_STATUS_UNSUCCESSFUL because of primary group SID mismatch

2013-06-21 Thread Andrew Bartlett
On Thu, 2013-06-20 at 10:26 +0200, Philipp Lies wrote: > Hi, > > I'm trying to get my new samba server running for a few days now and I > start losing my mind over not figuring out what I'm doing wrong. Here's > my setup: > > OpenLDAP 2.4.21 server with ~15 groups and >100 users, all having a uni

Re: [Samba] Samba+LDAP: NT_STATUS_UNSUCCESSFUL because of primary group SID mismatch

2013-06-20 Thread Gaiseric Vandal
OK. I understand (at least a little better.) So the correct behaviour would be for the standalone workgroup machines to say "I don't know who DOMAIN/user1 is, so I will map to local user1." The standalone servers should be using LDAP for unix accounts put I don't think you really should

Re: [Samba] Samba+LDAP: NT_STATUS_UNSUCCESSFUL because of primary group SID mismatch

2013-06-20 Thread Ricky Nance
You might look into net getlocalsid, net getdomainsid, net setlocalsid and net setdomainsid commands, you may be able to set the samba servers the same as your ldap sid... just a though. Remember, messing around with SID's can cause major issues, so export all sids to file and be ready set them bac

Re: [Samba] Samba+LDAP: NT_STATUS_UNSUCCESSFUL because of primary group SID mismatch

2013-06-20 Thread Gaiseric Vandal
If I follow correctly the LDAP server is NOT in the domain? The Samba accounts should be using the SID of the Samba PDC not the SID of the LDAP server. This of course means that a Samba member server can't use the same LDAP back end (at least for Samba authentication.) Long and short

[Samba] Samba+LDAP: NT_STATUS_UNSUCCESSFUL because of primary group SID mismatch

2013-06-20 Thread Philipp Lies
Hi, I'm trying to get my new samba server running for a few days now and I start losing my mind over not figuring out what I'm doing wrong. Here's my setup: OpenLDAP 2.4.21 server with ~15 groups and >100 users, all having a unix and a samba NT password stored in the LDAP as well as a User SID an

Re: [Samba] Samba + LDAP: Issue adding machine.

2013-06-14 Thread Gaiseric Vandal
I would compare the LDAP attributes between a problem machine and a working machine.Each machine has to have a unique unix account name and SID. Normally you don't need to precreate the samba acct with "smbpasswd -a -m" or pdbedit. However it may help with the diagnostics to see what

Re: [Samba] Samba + LDAP: Issue adding machine.

2013-06-10 Thread Gaiseric Vandal
I found that Samba 3.5.x has trouble creating the LDAP attributes correctly on new machine accounts . I think Samba 3.4.x was OK. Rejoining a machine to a domain was usually OK. You need may need to do a mix of account creation with smbpasswd and LDAP modification with the LDAP editor.

[Samba] Samba + LDAP: Issue adding machine.

2013-06-10 Thread Luis H. Forchesatto
Greetings. I've run into a trouble when trying to add a new Win7 machine on a domain. The domain is controlled by a server running Samba + LDAP (samba compiled with ldap support), on a Debian 5 OS at the local network. I've added the machine name to the LDAP three through phpldapadmin using the o

Re: [Samba] Samba, LDAP and replica

2013-01-30 Thread Laurent CARON
On 26/12/2012 22:33, Andrew Bartlett wrote: On Wed, 2012-12-26 at 08:36 -0200, TI wrote: Hi Guys, I have six Linux Servers running Samba 3 as PDC of our domain, in different locations. They are integrated through LDAP (which is configured to replicate over our VPN) and all responds to the same

Re: [Samba] Samba, LDAP and replica

2012-12-26 Thread Andrew Bartlett
On Wed, 2012-12-26 at 08:36 -0200, TI wrote: > Hi Guys, > > I have six Linux Servers running Samba 3 as PDC of our domain, in > different locations. They are integrated through LDAP (which is > configured to replicate over our VPN) and all responds to the same > domain. So, wherever the user is, h

[Samba] Samba, LDAP and replica

2012-12-26 Thread TI
Hi Guys, I have six Linux Servers running Samba 3 as PDC of our domain, in different locations. They are integrated through LDAP (which is configured to replicate over our VPN) and all responds to the same domain. So, wherever the user is, he will log in the same domain name. Now I'am plannin

[Samba] samba + ldap malfunction

2012-10-29 Thread Petre Bandac
hello, everybody after migrating the cfg file from samba version 3.2.5 to 3.5.6 mounting the share and browsing its directories takes a very long time (at least for the root folder and for the first time, after that it kind of stabilizes and works ok, file transfer speed is as it should be, though

Re: [Samba] Samba/LDAP appliance recommendation

2012-09-20 Thread Andrew Bartlett
On Mon, 2012-09-17 at 04:35 +0800, Jeffrey Chan wrote: > Hi all, > > What's a good Samba+LDAP appliance these days for a small business? > Currently I used a stock Ubuntu server and did all Samda/LDAP configuration > manually. I'm looking for something that can allow my regular staff to use > as w

Re: [Samba] Samba/LDAP appliance recommendation

2012-09-20 Thread Thomas Mueller
Am Mon, 17 Sep 2012 04:35:39 +0800 schrieb Jeffrey Chan: > Hi all, > > What's a good Samba+LDAP appliance these days for a small business? not using it myself: http://www.univention.de/ http://www.zentyal.org/ - Thomas -- To unsubscribe from this list go to the following URL and read the in

[Samba] Samba/LDAP appliance recommendation

2012-09-19 Thread Jeffrey Chan
Hi all, What's a good Samba+LDAP appliance these days for a small business? Currently I used a stock Ubuntu server and did all Samda/LDAP configuration manually. I'm looking for something that can allow my regular staff to use as well. 1. I tried most of the popular NAS distros, like FreeNAS, NAS

Re: [Samba] Samba+LDAP: Minimal permissions for sambaLMPassword/sambaNTPassword attributes?

2012-07-31 Thread Dave Ewart
On Tuesday, 31.07.2012 at 12:11 +0200, Arokux B. wrote: > what are the minimum permissions for the attributes > sambaLMPassword/sambaNTPassword for the the LDAP administrator account > so that Samba is just enabled to use it for authentication with > ldapsam backend. > > It seems like auth is not

[Samba] Samba+LDAP: Minimal permissions for sambaLMPassword/sambaNTPassword attributes?

2012-07-31 Thread Arokux B.
Hi, what are the minimum permissions for the attributes sambaLMPassword/sambaNTPassword for the the LDAP administrator account so that Samba is just enabled to use it for authentication with ldapsam backend. It seems like auth is not enough, is this true?! Thanks, Arokux -- To unsubscribe from

[Samba] [SaMBa/LDAP] Password Policy

2012-06-20 Thread Cédric Carlen
Hello everyone, I rewrite a topic because I need your help, Does someone has installed an password policy between LDAP and SaMBa ? Mine does'nt work :/, samba don't find the policy. But in the log i found : ldapsam_get_account_policy_from_ldap I've already put the overlay in slapd.conf. Tha

Re: [Samba] Samba / LDAP : map uid to another field ?

2012-05-25 Thread Sylvain
I found « username map [script] » directive in smb.conf man page. I've tested P1234=jdoe and it's works. Next is to make a one line script to make this dynamic ^^ Another solution was to make a proxy LDAP instead of a replica. Thanks for the help ! If anyone have another idea, i'm open :) 2012/5/

Re: [Samba] Samba / LDAP : map uid to another field ?

2012-05-24 Thread Sylvain
Unfortunaly, I cannot do this since the two attributes are different meaning and are used in another applications so maybe with a local LDAP replica and use of your tricks will works. I will try if there are no "Samba" solutions. Thanks :) 2012/5/24 > > I am not sure if you can act on the samba

Re: [Samba] Samba / LDAP : map uid to another field ?

2012-05-24 Thread miguelmedalha
I am not sure if you can act on the samba side. Maybe you should think the other way around. You can map one attribute to another inside the LDAP server. You would use the "map attribute" directive to map "eduPersonPrincipalName" to "uid". Both logins would then authenticate against "ui

[Samba] Samba / LDAP : map uid to another field ?

2012-05-24 Thread Sylvain
Hi ! I have an OpenLDAP where users DN are in the form « uid=P1234,ou=people,dc=example,dc=com » and where the login is in the « eduPersonPrincipalName » attribute (ex : jdoe). I have configured my system (Debian Squeeze) to authenticate against LDAP (libpam-ldapd + libnss-ldapd with a mapping uid

Re: [Samba] Samba LDAP Failover

2012-04-02 Thread Stephan
Am 02.04.2012 07:43, schrieb Massimiliano Perantoni: Hi, the distribution is a Debian 6 but I compiled samba myself against a self compiled openldap 2.4.26. Actually the only difference is the openldap client libraries version, I do use 2.3 instead of 2.4, but using getent, as I stated before

Re: [Samba] Samba LDAP Failover

2012-04-01 Thread Massimiliano Perantoni
Hi, > the distribution is a Debian 6 but I compiled samba myself against a self > compiled openldap 2.4.26. Actually the only difference is the openldap client libraries version, I do use 2.3 instead of 2.4, but using getent, as I stated before, works... If I do getent passwd I get, with the fai

Re: [Samba] Samba LDAP Failover

2012-04-01 Thread Stephan
Hey, the distribution is a Debian 6 but I compiled samba myself against a self compiled openldap 2.4.26. The passdb backend line doesn't look different than yours (except the server names of course ;-)). You are not running nscd by chance ? If so does getent passwd work with a simulated ldap1

Re: [Samba] Samba LDAP Failover

2012-04-01 Thread Massimiliano Perantoni
Hi, could you send me the setup? Which lines did you add? Whici distro do you run? Thanks! Il 31 marzo 2012 22:11, Stephan ha scritto: > Am 31.03.2012 20:56, schrieb Steve Thompson: > >> On Sat, 31 Mar 2012, Massimiliano Perantoni wrote: >> >>> Well, did not try, but guess it happens the same. >

Re: [Samba] Samba LDAP Failover

2012-03-31 Thread Stephan
Am 31.03.2012 20:56, schrieb Steve Thompson: On Sat, 31 Mar 2012, Massimiliano Perantoni wrote: Well, did not try, but guess it happens the same. Just for completeness, which version of samba did you use for ldap failover? I was using 3.0.33 at the time, on CentOS 5 x86_64. Not sure which rev

Re: [Samba] Samba LDAP Failover

2012-03-31 Thread Steve Thompson
On Sat, 31 Mar 2012, Massimiliano Perantoni wrote: Well, did not try, but guess it happens the same. Just for completeness, which version of samba did you use for ldap failover? I was using 3.0.33 at the time, on CentOS 5 x86_64. Not sure which revision of CentOS; it was a while ago. Steve

Re: [Samba] Samba LDAP Failover

2012-03-31 Thread Massimiliano Perantoni
Well, did not try, but guess it happens the same. Just for completeness, which version of samba did you use for ldap failover? Il 31 marzo 2012 19:04, Steve Thompson ha scritto: > On Sat, 31 Mar 2012, Massimiliano Perantoni wrote: > >> I'm exactly using that, without luck... > > > Not sure what t

Re: [Samba] Samba LDAP Failover

2012-03-31 Thread Steve Thompson
On Sat, 31 Mar 2012, Massimiliano Perantoni wrote: I'm exactly using that, without luck... Not sure what to tell you; I have used multiple LDAP servers in the past with success, although these days I use a single virtual LDAP server which load balances across a set of backend servers. What h

Re: [Samba] Samba LDAP Failover

2012-03-31 Thread Massimiliano Perantoni
I'm exactly using that, without luck... -- Massimiliano Perantoni site: http://www.perantoni.net Il 31 marzo 2012 15:35, Steve Thompson ha scritto: > On Sat, 31 Mar 2012, Gaiseric Vandal wrote: > >> I don't think Samba (depending on the version) supports multiple ldap >> backends.    You should

Re: [Samba] Samba LDAP Failover

2012-03-31 Thread Steve Thompson
On Sat, 31 Mar 2012, Gaiseric Vandal wrote: I don't think Samba (depending on the version) supports multiple ldap backends.You should have samba_server_1 using ldap_server_1 and samba_server_2 using ldap_server_2. Samba most certainly does support multiple LDAP backends. There's even an e

Re: [Samba] Samba LDAP Failover

2012-03-31 Thread Massimiliano Perantoni
alf Of Massimiliano Perantoni > Sent: Saturday, March 31, 2012 6:12 AM > To: samba@lists.samba.org > Subject: [Samba] Samba LDAP Failover > > Hi, > I have a quite "simple" setup for a particular customer that loves > redundancy and failover. > PDC + BDC with LDA

Re: [Samba] Samba LDAP Failover

2012-03-31 Thread Gaiseric Vandal
lf Of Massimiliano Perantoni Sent: Saturday, March 31, 2012 6:12 AM To: samba@lists.samba.org Subject: [Samba] Samba LDAP Failover Hi, I have a quite "simple" setup for a particular customer that loves redundancy and failover. PDC + BDC with LDAP Passwords on two 389-ds in multimaster node + sever

[Samba] Samba LDAP Failover

2012-03-31 Thread Massimiliano Perantoni
Hi, I have a quite "simple" setup for a particular customer that loves redundancy and failover. PDC + BDC with LDAP Passwords on two 389-ds in multimaster node + several samba member servers Actually pointing singularly on both the systems everything works great. As soon as I modify my passdb back

Re: [Samba] samba+ldap

2012-03-21 Thread Miguel Medalha
I'm trying to combine samba + ldap, I was successful in another attempt what motivated me to create one. deb package that would make the whole process, I installed this package, the ldap dit was created successfully but when I try to insert a Windows machine in the Domain I get the message that

[Samba] samba+ldap

2012-03-21 Thread Leonam Silva
I'm trying to combine samba + ldap, I was successful in another attempt what motivated me to create one. deb package that would make the whole process, I installed this package, the ldap dit was created successfully but when I try to insert a Windows machine in the Domain I get the message that the

Re: [Samba] samba ldap domain member server with cifs and nfs

2012-02-27 Thread TAKAHASHI Motonobu
From: Guilhem Souque Date: Mon, 27 Feb 2012 12:01:50 +0100 > I try to configure a domain member server on an other debian squeeze > that will serve as cifs and nfs server. (snip) > The unix uids provided by winbind are not the same than those used by > the system (libnsss-ldap) > winbind don

Re: [Samba] samba ldap domain member server with cifs and nfs

2012-02-27 Thread steve
On 27/02/12 12:01, Guilhem Souque wrote: t's seems that in samba 3.0.24 (debian etch) the uid in the idmap OU was the same that those in the USERS OU because i have some entry that are correct and i had domain member server in this samba version. Is there a way to synchronize unix uids with idm

[Samba] samba ldap domain member server with cifs and nfs

2012-02-27 Thread Guilhem Souque
Hi samba lists, we have a samba-ldap domain running on a debian squeeze (samba 3.5.6)server (pdc and bdc). I try to configure a domain member server on an other debian squeeze that will serve as cifs and nfs server. My Debian server member use winbind (on ldap) for mapping the users windows si

[Samba] samba ldap domain member server with cifs and nfs

2012-02-27 Thread Guilhem Souque
Hi samba lists, we have a samba-ldap domain running on a debian squeeze (samba 3.5.6)server (pdc and bdc). I try to configure a domain member server on an other debian squeeze that will serve as cifs and nfs server. My Debian server member use winbind (on ldap) for mapping the users windows si

Re: [Samba] Samba LDAP passthrough authentication to another openLDAP

2012-02-16 Thread Adam Tauno Williams
On Thu, 2012-02-16 at 21:10 +0800, Fajar Priyanto wrote: > Hi all, > I have a setup like this. Pls let me know if it's possible or not. > SAMBA + Local LDAP ---> SASLAUTHD --> Global LDAP No. Samba uses the sambaNTPassword attribute in it's LDAP schema which is a crypt of the password. You may

[Samba] Samba LDAP passthrough authentication to another openLDAP

2012-02-16 Thread Fajar Priyanto
Hi all, I have a setup like this. Pls let me know if it's possible or not. SAMBA + Local LDAP ---> SASLAUTHD --> Global LDAP Desc: I'd like to do Samba authentication to LDAP, passthrough to another LDAP using SASL. The current situation is: SSH authentication from LDAP user to that Samba box wor

Re: [Samba] Samba, ldap, password complexity, cracklib - questions

2012-02-02 Thread Giles Coochey
On 2012-02-02 15:08, Adam Tauno Williams wrote: check password script = /usr/local/sbin/crackcheck -c -s Not sure where I got crackcheck from; it is a compiled binary. I think you got it from the samba tar ball: https://lists.samba.org/archive/samba/2011-September/164089.html -- Message s

Re: [Samba] Samba, ldap, password complexity, cracklib - questions

2012-02-02 Thread Adam Tauno Williams
On Thu, 2012-02-02 at 15:00 +0100, Götz Reinicke wrote: > --ms020400080806080209020400 > Content-Type: text/plain; charset=ISO-8859-15 > Content-Transfer-Encoding: quoted-printable > > Hallo, > > we run a Redhat samba 3.5.4 PDC with openldap 2.4 as > user/passwordbackend. The ldap als

[Samba] Samba, ldap, password complexity, cracklib - questions

2012-02-02 Thread Götz Reinicke
Hallo, we run a Redhat samba 3.5.4 PDC with openldap 2.4 as user/passwordbackend. The ldap also contains the posix information for the users to login to some web/mail/etc. servers. I'm faced with the task to implement a 'both worlds' compatible paswword sync process regarding complexity etc. For

[Samba] Samba LDAP kerberos tickets problem

2011-11-16 Thread DAVID ZHOU
Hi, I am using Samba to join AD.But have a problem with version 3.4.7 which not meet in version 3.2.5. Here is my steps: in version 3.2.5 1. set smb.conf and krb5.conf the realm to test.com; in smb.conf set use kerberos keytab = true 2. net ads join -U Administrator%Password createupn=t...@te

Re: [Samba] Samba/LDAP/Win7 Domain Admins could not log in

2011-09-15 Thread Miguel Medalha
The Samba wiki page related to the use of Windows 7 with Samba contains the following statements: « There are currently two registry settings required to be added on the Windows 7 client prior to joining a Samba Domain. These are: HKLM\System\CCS\Services\LanmanWorkstation\Parameters

[Samba] Samba/LDAP/Win7 Domain Admins could not log in

2011-09-15 Thread Denis Witt
Hi, I'm running Samba 3.5.6 with OpenLDAP 2.4.23 (from Debian Squeeze) as PDC. Everything is working fine (Joining Domains, Log on Users) but I'm not able to Log in as Domain Admin. If I try to, the message "Unable to log on „The User Profile Service service failed the logon. User profile can

[Samba] Samba - Ldap & InetOrgPerson

2011-08-21 Thread Keith
I don't know if I should post this here or in the samba bugzilla but here goes... I am trying to get samba-ldap (editposix) to use the Inetorgperson schema so that I can setup a samba domain using our existing ldap directory. Our websites users are held in a LDAP directory that has user info

Re: [Samba] Samba + LDAP + SMBLDAP-Tools + Roaming Profiles

2011-08-05 Thread J. Echter
Am 04.08.2011 12:09, schrieb J. Echter: Am 03.08.2011 18:43, schrieb TAKAHASHI Motonobu: From: "J. Echter" Date: Tue, 02 Aug 2011 14:12:05 +0200 I thought im done setting domain to WORKGROUP, as its set in smbldap.conf. I don't get why smbldap tools thinks im on a domain called BDC. Would i

Re: [Samba] Samba + LDAP + SMBLDAP-Tools + Roaming Profiles

2011-08-04 Thread J. Echter
Am 03.08.2011 18:43, schrieb TAKAHASHI Motonobu: From: "J. Echter" Date: Tue, 02 Aug 2011 14:12:05 +0200 I thought im done setting domain to WORKGROUP, as its set in smbldap.conf. I don't get why smbldap tools thinks im on a domain called BDC. Would it help if i post some output from pdbedit

Re: [Samba] Samba + LDAP + SMBLDAP-Tools + Roaming Profiles

2011-08-03 Thread J. Echter
Am 03.08.2011 18:43, schrieb TAKAHASHI Motonobu: net rpc getsid hi, yes i did this step and just repeated it to be sure. sudo net rpc getsid bdc: [sudo] password for bdc: Storing SID S-1-5-21-3842863818-2180709222-141296495 for Domain WORKGROUP in secrets.tdb pdc: sudo smbldap-useradd -a t

Re: [Samba] Samba + LDAP + SMBLDAP-Tools + Roaming Profiles

2011-08-03 Thread TAKAHASHI Motonobu
From: "J. Echter" Date: Tue, 02 Aug 2011 14:12:05 +0200 > I thought im done setting domain to WORKGROUP, as its set in smbldap.conf. > > I don't get why smbldap tools thinks im on a domain called BDC. > > Would it help if i post some output from pdbedit or stuff like that? I > really don't get

Re: [Samba] Samba + LDAP + SMBLDAP-Tools + Roaming Profiles

2011-08-03 Thread J. Echter
Am 02.08.2011 14:54, schrieb J. Echter: Am 02.08.2011 14:40, schrieb Julien Celle: Le 02/08/2011 14:22, J. Echter a écrit : Am 02.08.2011 14:06, schrieb Julien Celle: pdbedit output indicates that the profile is stored on '\\pdc...' and that the user is defined on the domain 'BDC'. oh i forgo

Re: [Samba] Samba + LDAP + SMBLDAP-Tools + Roaming Profiles

2011-08-02 Thread J. Echter
Am 02.08.2011 14:40, schrieb Julien Celle: Le 02/08/2011 14:22, J. Echter a écrit : Am 02.08.2011 14:06, schrieb Julien Celle: pdbedit output indicates that the profile is stored on '\\pdc...' and that the user is defined on the domain 'BDC'. oh i forgot, profiles are on \\pdc. cheers. Hi,

Re: [Samba] Samba + LDAP + SMBLDAP-Tools + Roaming Profiles

2011-08-02 Thread Julien Celle
Le 02/08/2011 14:22, J. Echter a écrit : Am 02.08.2011 14:06, schrieb Julien Celle: pdbedit output indicates that the profile is stored on '\\pdc...' and that the user is defined on the domain 'BDC'. oh i forgot, profiles are on \\pdc. cheers. Hi, There may be a problem trying to access your

Re: [Samba] Samba + LDAP + SMBLDAP-Tools + Roaming Profiles

2011-08-02 Thread J. Echter
Am 02.08.2011 14:06, schrieb Julien Celle: pdbedit output indicates that the profile is stored on '\\pdc...' and that the user is defined on the domain 'BDC'. oh i forgot, profiles are on \\pdc. cheers. -- To unsubscribe from this list go to the following URL and read the instructions: https:/

Re: [Samba] Samba + LDAP + SMBLDAP-Tools + Roaming Profiles

2011-08-02 Thread J. Echter
Am 02.08.2011 14:06, schrieb Julien Celle: First of all, there is a problem between your samba conf and the output of pdbedit : your server netbios name is defined in your smb.conf as 'BDC' and your workgroup/domain as 'workgroup' whereas the pdbedit output indicates that the profile is stored

Re: [Samba] Samba + LDAP + SMBLDAP-Tools + Roaming Profiles

2011-08-02 Thread Julien Celle
First of all, there is a problem between your samba conf and the output of pdbedit : your server netbios name is defined in your smb.conf as 'BDC' and your workgroup/domain as 'workgroup' whereas the pdbedit output indicates that the profile is stored on '\\pdc...' and that the user is defined

Re: [Samba] Samba + LDAP + SMBLDAP-Tools + Roaming Profiles

2011-08-02 Thread J. Echter
Am 25.07.2011 14:38, schrieb J. Echter: Am 22.07.2011 17:48, schrieb TAKAHASHI Motonobu: From: "J. Echter" Date: Thu, 21 Jul 2011 08:51:25 +0200 Am 20.07.2011 18:08, schrieb TAKAHASHI Motonobu: hi, tried all your hints. still now profiles found... H... My testing environment is availabl

Re: [Samba] Samba + LDAP + SMBLDAP-Tools + Roaming Profiles

2011-07-25 Thread J. Echter
Am 22.07.2011 17:48, schrieb TAKAHASHI Motonobu: > From: "J. Echter" > Date: Thu, 21 Jul 2011 08:51:25 +0200 > >> Am 20.07.2011 18:08, schrieb TAKAHASHI Motonobu: >> hi, >> >> tried all your hints. still now profiles found... > > H... > > My testing environment is available at > > ftp:/

Re: [Samba] Samba + LDAP + SMBLDAP-Tools + Roaming Profiles

2011-07-22 Thread TAKAHASHI Motonobu
From: "J. Echter" Date: Thu, 21 Jul 2011 08:51:25 +0200 > Am 20.07.2011 18:08, schrieb TAKAHASHI Motonobu: > hi, > > tried all your hints. still now profiles found... H... My testing environment is available at ftp://ftp.ring.gr.jp/pub/net/samba-jp/vmware_player_images/sambapdc-squeeze

Re: [Samba] Samba + LDAP + SMBLDAP-Tools + Roaming Profiles

2011-07-21 Thread J. Echter
Am 21.07.2011 11:33, schrieb L.P.H. van Belle: Hai, a working profile share.. [profiles] path = /bacula/samba/profile comment = Profiel enviroment. read only = no create mask = 0600 directory mask = 0700 browseable = Yes guest ok = Y

Re: [Samba] Samba + LDAP + SMBLDAP-Tools + Roaming Profiles

2011-07-21 Thread L . P . H . van Belle
7-20 18:21 >Aan: samba@lists.samba.org >Onderwerp: Re: [Samba] Samba + LDAP + SMBLDAP-Tools + Roaming Profiles > >Am 20.07.2011 18:08, schrieb TAKAHASHI Motonobu: >> >>> [profile] >>> path = /bacula/samba/profile >> This path has valid permission? > >d

Re: [Samba] Samba + LDAP + SMBLDAP-Tools + Roaming Profiles

2011-07-20 Thread J. Echter
Am 20.07.2011 18:08, schrieb TAKAHASHI Motonobu: From: "J. Echter" Date: Wed, 20 Jul 2011 17:58:34 +0200 i've finally have my LDAP backend working for authentication for my DC. Logon scripts are executed, user is authenticated, but my roaming profiles are not found. here is what i have in my

Re: [Samba] Samba + LDAP + SMBLDAP-Tools + Roaming Profiles

2011-07-20 Thread J. Echter
Am 20.07.2011 18:08, schrieb TAKAHASHI Motonobu: [profile] path = /bacula/samba/profile This path has valid permission? drwxrwxrwt 21 root root 4096 Jul 7 09:48 profile And actually "pdbedit -v a-user" shows valid profile path? pdbedit -v klaudia Full Name:klaudia

Re: [Samba] Samba + LDAP + SMBLDAP-Tools + Roaming Profiles

2011-07-20 Thread TAKAHASHI Motonobu
From: "J. Echter" Date: Wed, 20 Jul 2011 17:58:34 +0200 > i've finally have my LDAP backend working for authentication for my DC. > > Logon scripts are executed, user is authenticated, but my roaming > profiles are not found. > > here is what i have in my config files: (snip) > hide file

[Samba] Samba + LDAP + SMBLDAP-Tools + Roaming Profiles

2011-07-20 Thread J. Echter
Hi, i've finally have my LDAP backend working for authentication for my DC. Logon scripts are executed, user is authenticated, but my roaming profiles are not found. here is what i have in my config files: smb.conf [global] printing = bsd netbios name = PDC server string = PDC (%h)

Re: [Samba] Samba, LDAP, Windows XP - force passwordchange on first login

2011-02-02 Thread Daniel Müller
: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Götz Reinicke - IT-Koordinator Gesendet: Dienstag, 1. Februar 2011 15:53 An: samba@lists.samba.org Betreff: [Samba] Samba, LDAP, Windows XP - force passwordchange on first login Hello, I was looking for the right

[Samba] Samba, LDAP, Windows XP - force passwordchange on first login

2011-02-01 Thread Götz Reinicke - IT-Koordinator
Hello, I was looking for the right ldap attribute and setting to force users to change there password when they log in for the first time. Can somewone point me to the syntax or doc I did not found yet? samba 3.5.4 and openldap-2.4.19 Thanks and regards, -- Götz Reinicke IT-Koordinator Tel.

Re: [Samba] Samba+LDAP+Password

2011-01-31 Thread Daniel Müller
Rodolfo Barbosa Gesendet: Montag, 31. Januar 2011 12:27 An: samba@lists.samba.org Betreff: [Samba] Samba+LDAP+Password Hi, We have a Debian Lenny running Samba 3.5.5 with OpenLDAP and Winbind. The users can change their password via windows clientes but after the password expires thei can't

[Samba] Samba+LDAP+Password

2011-01-31 Thread Rodolfo Barbosa
Hi, We have a Debian Lenny running Samba 3.5.5 with OpenLDAP and Winbind. The users can change their password via windows clientes but after the password expires thei can't set a new password. To unlock the user account I have to set a new password via smblda-passwd script. I have the following p

[Samba] samba+ldap setup, users info in two OU

2010-10-19 Thread vishesh kumar
Dear friends My domain users in two diffrent OU, one OU is TEMP_USERS and other OU is PEOPLE. What i should mention in smb.conf ? If i mention ldap user suffix = ou=PEOPLE, then users of ou TEMP_USERS is not able to authenticate. Please guide me. Thanks -- http://linuxinterviews.blogspo

Re: [Samba] Samba LDAP ignores group information

2010-07-27 Thread Gaiseric Vandal
On 07/27/2010 03:38 PM, Daniel Deptuła wrote: W dniu 2010-07-27 20:05, alexan...@nautae.eti.br pisze: Hi. Excuse my English. I've installed Samba+OpenLDAP as a PDC. Everything works fine but Samba ignores completely group information. Linux is ok. Any clue? I'm going crazy here! Here's

Re: [Samba] Samba LDAP ignores group information

2010-07-27 Thread Daniel Deptuła
W dniu 2010-07-27 20:05, alexan...@nautae.eti.br pisze: Hi. Excuse my English. I've installed Samba+OpenLDAP as a PDC. Everything works fine but Samba ignores completely group information. Linux is ok. Any clue? I'm going crazy here! Here's the sittuation: user: fish1 home dir: /home/reaml

Re: [Samba] Samba LDAP ignores group information

2010-07-27 Thread Ssureshot
alexan...@nautae.eti.br wrote: Hi. Excuse my English. I've installed Samba+OpenLDAP as a PDC. Everything works fine but Samba ignores completely group information. Linux is ok. Any clue? I'm going crazy here! Here's the sittuation: user: fish1 home dir: /home/reaml/swim/fish1 primary group

[Samba] Samba LDAP ignores group information

2010-07-27 Thread alexander
Hi. Excuse my English. I've installed Samba+OpenLDAP as a PDC. Everything works fine but Samba ignores completely group information. Linux is ok. Any clue? I'm going crazy here! Here's the sittuation: user: fish1 home dir: /home/reaml/swim/fish1 primary group: swimmers other groups: smokers

[Samba] Samba / LDAP passwords

2010-07-26 Thread Ssureshot
Hello, Ubuntu 9.10 Server / Samba 3.4 with an ldap backend I'm looking for some explanation on how a few options work together to make passwords work properly. I have some accounts that have the sambaAcctFlag [UX] and that should set it so their passwords don't expire correct? This doesn't seem

[Samba] Samba-LDAP Password Expiration Reminder Script

2010-07-16 Thread Bill Baird
I am currently running Samba (3.0.33) on CentOS 5 with an OpenLDAP back-end. I would like to be able to have a script run that would look at the sambaPwdLastSet attribute, compare it to the current time and then if needed...email the user a reminder to change their password. I have never written an

[Samba] Samba, ldap and machine accounts

2010-07-15 Thread Götz Reinicke - IT-Koordinator
Hi, some time a go I started to try a migration form our "old" samba PDC with smbpasswd user backend to a new ldap based. I got to the point, that users can login to shares and now I'd liked to set up the server as an PDC with ldap and machine accounts too. The smbldap-toosl are installed and co

Re: [Samba] Samba/LDAP and home dir creation

2010-06-15 Thread Andrew Masterson
Subject: [Samba] Samba/LDAP and home dir creation Hi, all. I'm working on a project to create a Samba PDC with LDAP authentication. I've been pretty successful in getting everything to work. However, I've run into a small snag: The PDC is built on an OpenSuse 11.2 box. Most

Re: [Samba] Samba/LDAP and home dir creation

2010-06-09 Thread Dimitri Yioulos
On Wednesday 09 June 2010 4:47:31 pm you wrote: > Hi Dimitri, > > You probably want to enable the PAM module > responsible for this. Back up and edit your > /etc/pam.d/system-auth and add the following > line: > > session required pam_oddjob_mkhomedir.so > skel=/etc/skel/ umask=0022 > > Note: Messi

Re: [Samba] Samba/LDAP and home dir creation

2010-06-09 Thread Diego Lima
Hi Dimitri, You probably want to enable the PAM module responsible for this. Back up and edit your /etc/pam.d/system-auth and add the following line: session required pam_oddjob_mkhomedir.so skel=/etc/skel/ umask=0022 Note: Messing with your pam config may lock you out of the system, so be caref

[Samba] Samba/LDAP and home dir creation

2010-06-09 Thread Dimitri Yioulos
Hi, all. I'm working on a project to create a Samba PDC with LDAP authentication. I've been pretty successful in getting everything to work. However, I've run into a small snag: The PDC is built on an OpenSuse 11.2 box. Most of the member servers are also OpenSuse 11.2 boxes. However, a

[Samba] Samba/LDAP Win 7 unable to access shares

2010-05-25 Thread William Hamilton
Windows 7 can connect to the domain as a member (using wiki.samba Win 7 details) but cannot see any shared resources or connect to the machine at all. Logs show tings start ok but fall apart pretty quickly. Anyone else having issues with Win7 and Samba? On this network, XP, Vista and Mac all sw

Re: [Samba] Samba/LDAP share issue -- user with invalid SID

2010-05-19 Thread Alex McKenzie
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 You are missing something, which I just realized reading this: a couple of emails that went back and forth off-list. Oops. I think the following is essentially accurate: someone will surely correct me if it's not. At the moment, this is the only s

Re: [Samba] Samba/LDAP share issue -- user with invalid SID

2010-05-18 Thread zoolook
2010/5/18 Alex McKenzie : > r...@sl1:/etc/samba# testparm > Server role: ROLE_DOMAIN_PDC > [global] >        workgroup = CHEMBMB >        domain logons = Yes >        preferred master = Yes >        domain master = Yes > This is a standalone server providing file sharing, but not acting as a >

Re: [Samba] Samba/LDAP share issue -- user with invalid SID

2010-05-18 Thread Alex McKenzie
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 This fixed it! For the record, since I suspect this all gets archived and is searchable: here's the output of testparm. r...@sl1:/etc/samba# testparm Load smb config files from /etc/samba/smb.conf Processing section "[homes]" Processing section "[i

Re: [Samba] Samba/LDAP share issue -- user with invalid SID

2010-05-18 Thread Alex McKenzie
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I do have smbldap tools installed and, as far as I can tell, set up. net join CHEMBMB -U Administrator returns "cannot join as standalone machine". The LDAP structure may be the issue... I don't think computer accounts were ever set up on the current

Re: [Samba] Samba/LDAP share issue -- user with invalid SID

2010-05-18 Thread Alex McKenzie
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 t...@tms3.com wrote: > SNIP >>> SID for domain SL1 is: S-1-5-21-1557386430-3227286864-500253393 >>> SID for domain CHEMBMB is: S-1-5-21-4167008922-1292391803-4044586981 >>> >>> 7) Users have both user and group SIDs in the form >>> "S-1-5-21-41670089

Re: [Samba] Samba/LDAP share issue -- user with invalid SID

2010-05-17 Thread tms3
SNIP SID for domain SL1 is: S-1-5-21-1557386430-3227286864-500253393 SID for domain CHEMBMB is: S-1-5-21-4167008922-1292391803-4044586981 7) Users have both user and group SIDs in the form "S-1-5-21-4167008922-1292391803-4044586981-[unique number]", which is generated according to the rules t

Re: [Samba] Samba/LDAP share issue -- user with invalid SID

2010-05-17 Thread Alex McKenzie
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 So no one has any guesses on this? I've found nothing new, so any help at all would be appreciated... - -Alex Alex McKenzie wrote: > Greetings, > > While I've seen this referred to a lot of places, I haven't yet found > a posted solution that wor

[Samba] Samba/LDAP share issue -- user with invalid SID

2010-05-06 Thread Alex McKenzie
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Greetings, While I've seen this referred to a lot of places, I haven't yet found a posted solution that works for me. Testing has been done from a Mac running OSX 10.5.8 Here's what I have so far: if anyone can give me a next step to test, I'd app

Re: [Samba] samba, ldap, kerberos

2010-02-17 Thread Pramathesh Ambasta
samba-requ...@lists.samba.org wrote: Subject: Re: [Samba] samba, ldap, kerberos From: Natxo Asenjo Date: Mon, 15 Feb 2010 09:42:18 +0100 To: Samba Mail List To: Samba Mail List On Mon, Feb 15, 2010 at 7:27 AM

Re: [Samba] samba, ldap, kerberos

2010-02-15 Thread Natxo Asenjo
On Mon, Feb 15, 2010 at 7:27 AM, Pramathesh Ambasta wrote: > Though I am not new to samba, I am new to this so will really appreciate > guidance. If I want to implement a single sign on scheme using openldap and > kerberos on a linux server, how can samba be integrated into this scheme? As > far a

[Samba] samba, ldap, kerberos

2010-02-14 Thread Pramathesh Ambasta
Though I am not new to samba, I am new to this so will really appreciate guidance. If I want to implement a single sign on scheme using openldap and kerberos on a linux server, how can samba be integrated into this scheme? As far as I can understand from the docs, the discussions on samba and k

  1   2   3   4   5   6   7   8   9   >