RE: [Samba] Winbind - how to map ADS group to Unix group
It might be a very silly way to do it, but this is how I accomplished it as I
never got any help from the group during my setup. Most of the tools provided
by Samba didn't work for me, and I haven't been able to figure out the problem.
I have added all the respective SAMBA groups to local /etc/group, so here you
may make test2 member of Domain Users group, and it will work. If you would
like a take a quick look at my setup, please feel free to visit
http://www.miracletechs.com/sambainstall.html.
Thank you.
Miles, Noal [EMAIL PROTECTED] wrote:
Winbind is configured for ads.
I want Domain\Domain Users to be members of local linux group test2.
I created a local group on the linux box:
Groupadd -u 502 test2
I have tried net groupmap addmem, it tells me the syntax is
Net groupmap addmem alias-sid member-sid
There is no SID for test2 so how can I use net groupmap addmem?
Wbinfo -G 502
Cannot convert gid 502 to sid
Net groupmap add ntgroup=Domain\Domain Users unixgroup=test2
Successfully added group Domain\Domain Users to the mapping db
Getent group test2
Test2:x:502:
So this doesn't work either.
I have also tried username map in smb.conf with no success.
I appreciate the suggestions thus far. Any additional help would be greatly
appreciated.
Thanks,
Noal
-Original Message-
From: Gerald (Jerry) Carter [mailto:[EMAIL PROTECTED]
Sent: Tuesday, March 01, 2005 8:00 AM
To: Miles, Noal
Cc: 'samba@lists.samba.org'
Subject: Re: [Samba] Winbind - how to map ADS group to Unix group
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Miles, Noal wrote:
| OK I set winbind nested group = yes
use `net groupmap {addmem,delmem,listmem}'
cheers, jerry
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFCJHV4IR7qMdg1EfYRAgauAJ9zI4gmGpn/9H0E0zA4Y3Nips3nnACdHAUj
HOXXv8XrN7gaVl2mBrpxLcs=
=/mab
-END PGP SIGNATURE-
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
__
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] My Documents doesn't sync unless logged off
My Documents folder doesn't sync with the server unless users log off from the machine and log back in. Is there a way to sync the My Documents folder during the session? Thank you. - Do you Yahoo!? Yahoo! Search presents - Jib Jab's 'Second Term' -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba+LDAP users can't su
I am authenticating RedHat Fedora box against a Samba+Openldap server. Users can login on console and ssh to the Fedora box using their ldap credentials, but they can't su. For example, I can ssh to Fedora box as user A, but I can't su - A. Su and login under pam.d seem to be same. Thank you. - Do you Yahoo!? Yahoo! Search presents - Jib Jab's 'Second Term' -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbcquotas (Need help with command syntax)
I need to setup quota on //server/home for user a to 1GB and on //server/client (for all users on this share) to 10GB May you please let me know the exact command to be used for this? Also, do I need to add any other parameter in smb.conf in order to make quotas work? I have compiled samba with quotas option. Thank you. - Do you Yahoo!? Yahoo! Search presents - Jib Jab's 'Second Term' -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: SAMBA + OPENLDAP - Getent - Please help :)
Fellows: I am still stuck with getent part. As I mentioned previously, nss_ldap-207-2.i386.rpm (which came with RedHat 3) gave me segmentation fault, so I have configured nss_ldap-232 from the padl site. I have used the following configure parameters: configure --with-ldap-lib=openldap --with-ldap-conf-file=/etc --with-ldap-dir= /usr --enable-schema-mapping=yes OpenLDAP openldap-2.2.20 is configured as: configure --prefix=/usr --enable-slapd --enable-ldbm=yes --enable-ldap=yes --e nable-dnssrv --enable-hdb --enable-dyngroup --enable-slurpd --with-cyrus-sasl=no --with-tls=no --enable-ipv6=no --enable-crypt=yes --enable-passwd=yes --enable -dyngroup=yes Samba samba-3.0.10 is configured as: configure --enable-cups --with-ldap --with-smbmount --with-quotas --with-winb ind --with-ldapsam ldap.conf configuration is as follows: #SIZELIMIT 12 #TIMELIMIT 15 DEREF never host 192.168.1.198 base dc=mercurytechs,dc=com binddn cn=Manager,dc=XXX,dc=com bindpw XXX pam_password exop nss_base_passwd ou=People,dc=XXX,dc=com?sub nss_base_shadow ou=People,dc=XXX,dc=com?sub nss_base_group ou=Groups,dc=XX,dc=com?sub pdbedit -Lv lists all the users. slapcat does list all the accounts and groups. I can query the ldap database using ldapsearch, but getent doesn't give me any output at all. Please let me know, where may be a possible mistake. Thank you. Choudary Mumtaz [EMAIL PROTECTED] wrote: I am not able to download the attached file. May you please send me another copy? Also, I have switched to nss_ldap-207-2.i386.rpm and now I get a segmentation error when I do getent --service=ldap passwd May someone please point me to the right direction? Thank you. Tony Earnshaw wrote: Jim C.: |Yes. I have followed the instructions from the book, and I have also ... | will cost you both time and sweat .( Heck, I'd be ecstatic if I could just get a schema file patch for posixGroups that appropriately support dn syntax. For me the standard Openldap nis.schema (posix) and samba3 schema work o.k. - of did I have to change the samba3 schema? My working one's attached. --Tonni -- mail: [EMAIL PROTECTED] http://www.billy.demon.nl-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba - Do you Yahoo!? Yahoo! Search presents - Jib Jab's 'Second Term' -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba - Do you Yahoo!? Yahoo! Search presents - Jib Jab's 'Second Term' -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] session setup failed: NT_STATUS_LOGON_FAILURE
I am trying to configure a OPENLDAP+SAMBA server and I am getting the following error message: session setup failed: NT_STATUS_LOGON_FAILURE when I run the following command: smbclient -L localhost -U Administrator Password: session setup failed: NT_STATUS_LOGON_FAILURE Does anybody know, where do I need to look to fix it? Thank you. - Do you Yahoo!? Yahoo! Search presents - Jib Jab's 'Second Term' -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: SAMBA + OPENLDAP - Getent - Please help :)
I am not able to download the attached file. May you please send me another copy? Also, I have switched to nss_ldap-207-2.i386.rpm and now I get a segmentation error when I do getent --service=ldap passwd May someone please point me to the right direction? Thank you. Tony Earnshaw [EMAIL PROTECTED] wrote: Jim C.: |Yes. I have followed the instructions from the book, and I have also ... | will cost you both time and sweat .( Heck, I'd be ecstatic if I could just get a schema file patch for posixGroups that appropriately support dn syntax. For me the standard Openldap nis.schema (posix) and samba3 schema work o.k. - of did I have to change the samba3 schema? My working one's attached. --Tonni -- mail: [EMAIL PROTECTED] http://www.billy.demon.nl-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba - Do you Yahoo!? Yahoo! Search presents - Jib Jab's 'Second Term' -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] SAMBA + OPENLDAP - Getent - Please help :)
I have setup a SAMBA + OPENLDAP server following Samba-3 By Example, but I have run into several problems. All the tests described in the Chapter 6 such as pdbedit -Lv, slapcat, and ldapsearch -x -b give the desired results. But, getent can't read passwd or group information from ldap backend. I have done my best to solve the problem, but it just doesn't work. I have compiled the nss_ldap from Idealx and configured the /etc/ldap.conf as well as nsswitch.conf according to the instructions, but without any success. May someone please point me, how to troubleshoot this issue? Thank you. - Do you Yahoo!? Yahoo! Search presents - Jib Jab's 'Second Term' -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] SAMBA + OPENLDAP - Getent - Please help :)
Yes. I have followed the instructions from the book, and I have also tried to use authconfig as it is RedHat AS 3. Thank you. Jeff Saxton [EMAIL PROTECTED] wrote: Have you configured pam and nss? Jeff Saxton Sr. Support Engineer SenSage, Inc. ( Formerly Addamark Technologies, Inc. ) http://www.sensage.com mailto:[EMAIL PROTECTED] OFFICE: +1 415-281-1900x128 CELL: +1 415-640-6392 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Choudary Mumtaz Sent: Friday, January 21, 2005 2:48 PM To: samba@lists.samba.org Subject: [Samba] SAMBA + OPENLDAP - Getent - Please help :) I have setup a SAMBA + OPENLDAP server following Samba-3 By Example, but I have run into several problems. All the tests described in the Chapter 6 such as pdbedit -Lv, slapcat, and ldapsearch -x -b give the desired results. But, getent can't read passwd or group information from ldap backend. I have done my best to solve the problem, but it just doesn't work. I have compiled the nss_ldap from Idealx and configured the /etc/ldap.conf as well as nsswitch.conf according to the instructions, but without any success. May someone please point me, how to troubleshoot this issue? Thank you. - Do you Yahoo!? Yahoo! Search presents - Jib Jab's 'Second Term' -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba - Do you Yahoo!? Yahoo! Mail - 250MB free storage. Do more. Manage less. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] getent doesn't find the ldap users
Hi All: I have configured LDAP and SAMBA following the instructions from samba.org. All the tests slapcat etc. are fine. I have also configured nss using ldap.conf, but getent passwd etc. doesn't find the ldap users. May you please point me to the right direction? Where should I look for errors? Thank you. Asad. - Do you Yahoo!? Read only the mail you want - Yahoo! Mail SpamGuard. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbldap-populate - failed to add entry: modifications require authentication
Hi All: I am following the documentation from samba.org to setup a PDC. I am stuck at the initial setup of the directory structure. I am getting the following error message, while running smbldap-populate: failed to add entry: modifications require authentication Please let me know asap if you have an answer. Thank you. __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
