Re: [Samba] LDAP different Group SID -- not supported for NETLOGON calls
Cesar Amaya wrote: Hello list, I have two Samba-LDAP DC's each in different networks, domain AMECC_SAL (192.168.40.0/24) and domain AMECC_GUA (192.168.42./24). I have established a inter-domain trust relationship in both directions. My problem comes when I try to log into a machine in the AMECC_SAL domain using any user from the AMECC_GUA domain. The machine´s name in which I want to sign in is cc03. The log for the machine account says: # tail -f cc03.log [2008/03/31 16:55:17, 2] passdb/pdb_ldap.c:init_group_from_ldap(2158) init_group_from_ldap: Entry found for group: 515 [2008/03/31 16:55:35, 2] auth/auth.c:check_ntlm_password(309) check_ntlm_password: authentication for user [ricky] - [ricky] - [ricky] succeeded [2008/03/31 16:55:35, 1] rpc_server/srv_netlog_nt.c:_net_sam_logon_internal(1004) _net_sam_logon: user AMECC_GUA\ricky has user sid S-1-5-21-2494724867-3922152549-500773586-3022 but group sid S-1-5-21-3360583363-2600074294-2199971840-513. The conflicting domain portions are not supported for NETLOGON calls Part of the pdbedit -L -v says: Unix username:ricky NT username: ricky Account Flags:[U ] User SID: S-1-5-21-2494724867-3922152549-500773586-3022 init_group_from_ldap: Entry found for group: 513 init_group_from_ldap: Entry found for group: 513 Primary Group SID:S-1-5-21-2494724867-3922152549-500773586-513 from this output we can tell that Primary Group SID is different from that group sid of cc03.log file: S-1-5-21-3360583363-2600074294-2199971840-513. I am using the following software: FreeBSD 7.0 Release, samba-3.0.28,1, openldap-2.3.41 and smbldap-tools-0.9.4_2. Please can any one give some help??? Thank you very much. I think this error is because the service nns_ldap is not runing. I got this error nss_ldap: could not search LDAP server - Server is unavailable -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] LDAP different Group SID -- not supported for NETLOGON calls
Hello list, I have two Samba-LDAP DC's each in different networks, domain AMECC_SAL (192.168.40.0/24) and domain AMECC_GUA (192.168.42./24). I have established a inter-domain trust relationship in both directions. My problem comes when I try to log into a machine in the AMECC_SAL domain using any user from the AMECC_GUA domain. The machine´s name in which I want to sign in is cc03. The log for the machine account says: # tail -f cc03.log [2008/03/31 16:55:17, 2] passdb/pdb_ldap.c:init_group_from_ldap(2158) init_group_from_ldap: Entry found for group: 515 [2008/03/31 16:55:35, 2] auth/auth.c:check_ntlm_password(309) check_ntlm_password: authentication for user [ricky] - [ricky] - [ricky] succeeded [2008/03/31 16:55:35, 1] rpc_server/srv_netlog_nt.c:_net_sam_logon_internal(1004) _net_sam_logon: user AMECC_GUA\ricky has user sid S-1-5-21-2494724867-3922152549-500773586-3022 but group sid S-1-5-21-3360583363-2600074294-2199971840-513. The conflicting domain portions are not supported for NETLOGON calls Part of the pdbedit -L -v says: Unix username:ricky NT username: ricky Account Flags:[U ] User SID: S-1-5-21-2494724867-3922152549-500773586-3022 init_group_from_ldap: Entry found for group: 513 init_group_from_ldap: Entry found for group: 513 Primary Group SID:S-1-5-21-2494724867-3922152549-500773586-513 from this output we can tell that Primary Group SID is different from that group sid of cc03.log file: S-1-5-21-3360583363-2600074294-2199971840-513. I am using the following software: FreeBSD 7.0 Release, samba-3.0.28,1, openldap-2.3.41 and smbldap-tools-0.9.4_2. Please can any one give some help??? Thank you very much. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Cannot disable roaming profile in smb.conf
I have a Samba-LDAP PDC and I cannot disable the roaming profile feature in trough my smb.conf file. The way to disable roaming profiles is to set logon home and logon path to an empty value. It looks like you have that, so it looks okay to me. Have you tried setting them as logon home = instead of logon home = What is the output of testparm -sv 2/dev/null | grep logon This is the output amecc01pdc01# testparm -sv | grep logon Load smb config files from /usr/local/etc/smb.conf Processing section [homes] Processing section [netlogon] Processing section [Profiles] Processing section [public] Loaded services file OK. Server role: ROLE_DOMAIN_PDC logon script = logon.bat logon path = logon drive = logon home = domain logons = Yes winbind offline logon = No [netlogon] path = /home/samba/netlogon/ I put logon path = because that´s the way man pages of smb.conf says to put it in order to disable this option. Thank you very much. Regards!!! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Cannot disable roaming profile in smb.conf
Hello list, I have a Samba-LDAP PDC and I cannot disable the roaming profile feature in trough my smb.conf file. I am using the following software: FreeBSD 7.0 Release, samba-3.0.28,1, openldap-2.3.41 and smbldap-tools-0.9.4_2. This is a bit of my smb.conf file: [global] workgroup = AMECC_SAL enable privileges = yes security = user encrypt passwords = Yes obey pam restrictions = No ldap passwd sync = Yes log level = 2 syslog = 0 logon script = logon.bat logon drive = logon home = logon path = domain logons = Yes preferred master = yes domain master = yes local master = yes wins support = yes wins proxy = yes dns proxy = no Can anybody help me out here. Thank you all!!! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Samba for VMS
Hi, I want to make a question, where i can find the installation manual for SAMBA for VMS... thanks a lot for your help. Cesar Enrique Amaya Torres email: [EMAIL PROTECTED] Bogota - Colombia PLEASE READ THIS IMPORTANT ETIQUETTE MESSAGE BEFORE POSTING: http://www.catb.org/~esr/faqs/smart-questions.html
