Re: [Samba] Freebsd pdc
--- Original message --- I was just wondering how many people out there are using FreeBSD as a pdc. Yep. Built lots of them. With ldap backends. I see a few guides on the net mostly followed by a load of posts of problems people encounter. Is it like most things that once you have done it once you can soon set up a machine at the drop of hat as you encounter and remedy any problems. I have a few customers at the moment one of who requires a pdc with roaming profiles. I use bsd and samba all the time for normal file sharing and never have problems. I try and avoid windows servers due to costs and licensing but a pdc would be new for me. Any opinions welcome Thanks Terry -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Freebsd pdc
Hi On 6 February 2011 07:57, Terry Danter wrote: > I was just wondering how many people out there are using FreeBSD as a > pdc. I see a few guides on the net mostly followed by a load of posts > of problems people encounter. Is it like most things that once you > have done it once you can soon set up a machine at the drop of hat as > you encounter and remedy any problems. I have a few customers at the > moment one of who requires a pdc with roaming profiles. I use bsd and > samba all the time for normal file sharing and never have problems. I > try and avoid windows servers due to costs and licensing but a pdc > would be new for me. > Any opinions welcome I used Samba as a PDC on FreeBSD for many years without problems. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] wbinfo ok, but getent nothing
On 6 February 2011 01:38, TAKAHASHI Motonobu wrote: > Have you installed nss_winbind.so.1 to /usr/local/lib or other proper path? This is from the samba ports ; and yes it is installed in the proper place. Also, as mentioned in my previous post, when winbind is compiled with -DDEBUG_NSS I can see the debugging information showing when running getent ; so I'm guessing it is properly loaded and found When I run getent, the debug information found in winbind are displayed like # getent passwd [22522]: endpwent [22522]: endpwent returns NSS_STATUS_SUCCESS (1) Anything else I've overlooked? Thanks JY -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 3.5.6 - numerous regressions while running as AD member against Samba4alpha14 DC
I think samba-technical might be a more appropriate list for this question, since it involves Samba 4 (which is still in alpha and the HOWTO says to discuss issues on samba-technical). I have copied my reply there. On 2 February 2011 11:35, Andriy Syrovenko wrote: > Hi! > > I've setup Samba4alpha14 on a FreeBSD 8.2-RC2 box as a DC which just > works serving network of a couple of dozens of Win7 clients. > Then I installed Samba 3.5.6 on another of FreeBSD box and wanted to > join it into the AD. > I've run in the following set of issues: > > 1. Joining domain with > > "net ads join -U administrator" > > fails with the following error messages: > > "kinit succeeded but ads_sasl_spnego_krb5_bind failed: Invalid credentials" > > and then: > > "Joining domain failed: Invalid credentials". Perhaps if you provide some network traces and maybe some debug level 10 logs from the client and server when you try this, someone will be able to tell you what the problem is. > Having spent some time in debugger I've finally managed to join the > domain by adding the following line to my smd.conf: > > "client ldap sasl wrapping = seal" > > 2. Attempts to perform a dynamic DNS update with > > "net ads dns register -P" > > simply saying "DNS update failed!". Again a couple of hours of > debugging, and the problem is solved using the following patch. Please > not though that I don't really understand what this patch actually > does! :) > > diff -ur samba-3.5.6.orig/source3/libaddns/dnsgss.c > samba-3.5.6/source3/libaddns/dnsgss.c > --- samba-3.5.6.orig/source3/libaddns/dnsgss.c 2010-10-07 > 19:41:16.0 +0300 > +++ samba-3.5.6/source3/libaddns/dnsgss.c 2011-02-01 16:31:35.0 > +0200 > @@ -175,7 +175,7 @@ > * TODO: Compare id and keyname > */ > > - if ((resp->num_additionals != 1) || > + if (/*(resp->num_additionals != 1) ||*/ > (resp->num_answers == 0) || > (resp->answers[0]->type != QTYPE_TKEY)) { > err = ERROR_DNS_INVALID_MESSAGE; > > 3. nss_winbind shows only a single group for each domain user. I mean > when I issue the 'id username' command the 'Domain Users' group is > returned as primary group for username, but memberships in any other > groups is lost. I did not found a solution for this problem. > > Meanwhile I reverted to Samba 3.4.9 and it just works. I've joined the > domain without "client ldap sasl wrapping = seal" being specified in > the config file, DDNS updates just work without any patches, and group > membership resolution is also works just fine. > > When replying to this mail please place me in CC as I am not > subscribed to the list (yet). > > Best regards, > Andrey. -- Michael Wood -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Freebsd pdc
I was just wondering how many people out there are using FreeBSD as a pdc. I see a few guides on the net mostly followed by a load of posts of problems people encounter. Is it like most things that once you have done it once you can soon set up a machine at the drop of hat as you encounter and remedy any problems. I have a few customers at the moment one of who requires a pdc with roaming profiles. I use bsd and samba all the time for normal file sharing and never have problems. I try and avoid windows servers due to costs and licensing but a pdc would be new for me. Any opinions welcome Thanks Terry -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 3.5.7 release date is...
Hi, On Sat, Feb 05, 2011 at 07:52:09AM +0100, Christian PERRIER wrote: > Quoting Miguel Medalha (miguelmeda...@sapo.pt): > > On the Samba wiki page "Samba3 Release Planning", the following is stated: > > > > "Thursday, February 2011 - Planned release date for Samba 3.5.7" > > > > Which of the February Thursdays will it be? 10, 17 or 24? > > > > The quoted page resides here: > > > > http://wiki.samba.org/index.php/Release_Planning_for_Samba_3.5 > > > AFAICT, from Karolin's mails to -technical, the planned date is > Thursday 10th. yes, exactly. Thanks, Christian! Sorry for the typo, it has been fixed meanwhile. Cheers, Karolin -- Samba http://www.samba.org SerNet http://www.sernet.de sambaXP http://www.sambaxp.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] wbinfo ok, but getent nothing
2011/2/5 Jean-Yves Avenard : > FreeBSD samba 3.6.6 ; connected to a Windows 2008 R2 AD > > wbinfo -u and wbinfo -g will properly show all the users and groups ; > but for some reasons, I can get getent with winbind to show any > users... Have you installed nss_winbind.so.1 to /usr/local/lib or other proper path? --- TAKAHASHI Motonobu -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba PDC & Exchange 2000 Server
exchange 2000 requires Active Directory. I would guess MAYBE you could use Samba 4. BUt I don't know if Samba 4 supports all the account attributes that Exchange would require. I would guess not. postfile/amavis/spamassasin/mail relaying would be topics for forums. Windows 2000 is no longer supported my Microsoft. -Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of Dave Wynne Sent: Saturday, February 05, 2011 6:12 AM To: 'samba@lists.samba.org' Subject: [Samba] Samba PDC & Exchange 2000 Server I presently have a 2 server system a Sambe PDC and a mail server running Bynari Insight Server and we use Bynari connector to connect our Outlook 2000 clients to the Insight Server. It works well enough. BUT Bynari are stopping support for Outlook 2000. For us the upgrade all our copies of Outlook is expensive and we have all the functionality we need. So, we have MS Server 2000 and Exchange 2000 which we used to use, but had all sorts hacking issues etc when we used it for our Domain and Mail. I've been thinking that we could continue with our Samba PDC and use something like postfix, with amavis and spamassasin to act as a SMTP relay agent to an Exchange 2000 stand alone server which is fully isolated behind our firewall on a protected subnet and use port forwarding to enable Webmail and OpenVPN server to access the mail from outside. Does anyone know how to connect Exchange to Samba & Openldap and also what would I have to do to set up postfix, amavis and spamassasin to act as a relay? Any thoughts I'm sure someone has wanted to do this before. I'm loathed to move away from a linux mail server but costs make it attractive. Best regards, Dave Wynne Senior Engineer Artimech Pty. Ltd. MiniFab 1 Dalmore Drive Scoresby, Vic 3179 Australia Tel: (03) 9753 3700 Email:d...@artimech.com.au Please Visit Our Website www.artimech.com.au Information Contained Within This Communication Is Private and In Confidence -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] wbinfo ok, but getent nothing
Oh, and forgot to mention that getent passwd user_name (where user_name is one of the user returned by wbinfo -u) returns nothing either.. JY -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] wbinfo ok, but getent nothing
Hi there. Feel like I'm getting nowhere. Code: FreeBSD samba 3.6.6 ; connected to a Windows 2008 R2 AD wbinfo -u and wbinfo -g will properly show all the users and groups ; but for some reasons, I can get getent with winbind to show any users... I've must have tried over 100 different configuration, read all the tutorials I could find ; I never got it to work :( smb.conf: [global] security = ADS workgroup = MEL realm = mel.domain.com wins server = ad.domain.com password server = ad.domain.com winbind uid = 1000 - 2 winbind gid = 1000 - 2 winbind enum users = Yes winbind enum groups = Yes winbind use default domain = Yes winbind refresh tickets = Yes winbind nested groups = No #winbind separator = + idmap uid = 1000 - 2 idmap gid = 1000 - 2 idmap config MEL : backend = rid idmap config MEL : base_rid = 1000 idmap config MEL : range= 1000 - 2 map untrusted to domain = Yes I also compiled samba with -DDEBUG_NSS in order to determine what was going on. wbinfo -u and wbinfo -g properly shows all the username and groups defined on the AD however, getent passwd only return the local users: Code: group: files winbind #group_compat: ldap hosts: files dns networks: files passwd: files winbind #passwd: compat #passwd_compat: winbind shells: files services: files protocols: files rpc: files getend passwd returns: Code: # getent passwd [22522]: endpwent [22522]: endpwent returns NSS_STATUS_SUCCESS (1) ... list of local users [22522]: getpwent [22522]: getpwent returns NSS_STATUS_NOTFOUND (0) [22522]: setpwent [22522]: setpwent returns NSS_STATUS_SUCCESS (1) That is shows the debug information leads me to believe that nss_winbind is properly called. Code: # net ads info LDAP server: 192.168.0.3 LDAP server name: ad.domain.com Realm: MEL.DOMAIN.COM Bind Path: dc=MEL,dc=DOMAIN,dc=COM LDAP port: 389 Server time: Sat, 05 Feb 2011 20:13:24 EST KDC server: 192.168.0.3 Server time offset: 9 So what am i missing Thank you for your help Jean-Yves -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba PDC & Exchange 2000 Server
I presently have a 2 server system a Sambe PDC and a mail server running Bynari Insight Server and we use Bynari connector to connect our Outlook 2000 clients to the Insight Server. It works well enough. BUT Bynari are stopping support for Outlook 2000. For us the upgrade all our copies of Outlook is expensive and we have all the functionality we need. So, we have MS Server 2000 and Exchange 2000 which we used to use, but had all sorts hacking issues etc when we used it for our Domain and Mail. I've been thinking that we could continue with our Samba PDC and use something like postfix, with amavis and spamassasin to act as a SMTP relay agent to an Exchange 2000 stand alone server which is fully isolated behind our firewall on a protected subnet and use port forwarding to enable Webmail and OpenVPN server to access the mail from outside. Does anyone know how to connect Exchange to Samba & Openldap and also what would I have to do to set up postfix, amavis and spamassasin to act as a relay? Any thoughts I'm sure someone has wanted to do this before. I'm loathed to move away from a linux mail server but costs make it attractive. Best regards, Dave Wynne Senior Engineer Artimech Pty. Ltd. MiniFab 1 Dalmore Drive Scoresby, Vic 3179 Australia Tel: (03) 9753 3700 Email:d...@artimech.com.au Please Visit Our Website www.artimech.com.au Information Contained Within This Communication Is Private and In Confidence -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Adding LDAP Backend to Samba
Am 04.02.2011 16:40, schrieb Jorge Concha C.: On Thu, 03 Feb 2011 20:16:00 -0300, J. Echter wrote: User SID: S-1-5-21-3842863818-2180709222-141296495-1001 Primary Group SID:S-1-5-21-3842863818-2180709222-141296495-513 Another thing to check: User SID: S-1-5-21-3842863818-2180709222-141296495-1001 -> command 'net getlocalsid' must response S-1-5-21-3842863818-2180709222-141296495 (if not, run 'net setlocalsid S-1-5-21-3842863818-2180709222-141296495'). And in your LDAP server you must to have an entry as this: sambaDomainName= with sambaSID=S-1-5-21-3842863818-2180709222-141296495 Hi, net getlocalsid show the right sid. In my LDAP there is also a sambaDomainName=workgroup. There's also the right SID in there.. can anybody tell me if my users and machines are in the right LDAP groups? i got: ou=computers, there's uid=pc1$ ou=groups, there's cn=user1 cn=pc1$ ou=idmap, is empty ou=smb-usr, there's uid=user1 also i'd like to check the logs, i got many samba related logs but don't find any hint whats going on... where could i have a look too? cheers. juergen greetings. p.s. sorry Jorge, did a quick reply. didn't want to spam you -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba