hi,
i hope you can help me:
is there a way to enforce password security (strength, history, ... ) by
policies on windows 2k/xp ?
gpedit.msc shows me some password settings which i would like to change
remotely from our samba PDC after logon
thx in advance
cheerz
--
Michael Gasch
Max Planck Inst
$B!z$49XFI$"$j$,$H$&$4$6$$$^$9!#(B
$B!!(B
$BEv%^%,%8%s$O(BAccessMail$B$NG[?.%7%9%F%`$GAw?.$5$;$FD:$$$F$$$^$9!#(B
$B3'MM$N(BHP$B$d?7$7$$%S%8%M%9$r$I$s$I$s>R2p$7$F3'MM$N$*Lr$KN)(B
$B$F$l$P$H!"F|!94hD%$C$F$*$j$^$9!#(B
$B$I$&$>$40&8\$N$[$I$h$m$7$/$*4j$$CW$7$^$9!#(B(^_^)b
(B
$B$3$N%^%,
I have a winXP client connecting to Samba 3.09 running as a PDC.
The client machine is joined to the domain and the login box
shows the domain name as the entity I'm logging into.
I don't know if I don't have something set "right" or not, but I
noticed my local clock had drifted about 50 seconds of
Howdy All,
I am the adminstrator in a school which has netware 4.11 ( five servers in
the nds tree )as its main student platform. This has been working very
well over the past 6 years or so.
The school has the ability to obtain a microsoft solution at no cost (
except for the new hardware require
I'm trying to use the LDAP backend for the idmap database but I just
can't seem to get it to work. There really is rather pathetic
documentation out there on how to implement this. I've basically got my
ldap server setup with an OU called smb and another OU under it called
idmap. Here is my smb.
Can anyone me why when attempting to install the latest release candidate I
get a message that says a newer version is installed?
Thanks,
Dave
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
I compiled Samba 3.0.11 with LDAP and Kerberos support (used heimdal
because MIT refused to cooperate.)
Got it to join the realm. Visible from Windoze land.
"getent passwd" and "getent group" work great. So do wbinfo -u and -g.
Disabled nscd. /etc/nsswitch.conf shows "passwd: files winbind", a
James Ruthven wrote:
> Hello,
>
> Has anyone run Hula Server (http://www.hula-project.org) and Samba on
> the same server and got the user authentication to sync?
>
> I imagine this would involve configuring Samba to use eDirectory
> (Novell) which Hula is using for store.
>
> I have searched e
On Thu, 2005-03-17 at 16:11 -0800, Jim C. wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> | I actually had an official samba doc I was working off of for the ones
> | I had filled out, but ascii art is a nightmare...
>
> I'll second that.
>
> OK, one last try without any "art" :
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
| I actually had an official samba doc I was working off of for the ones
| I had filled out, but ascii art is a nightmare...
I'll second that.
OK, one last try without any "art" :
[NDHTUMWSLKI]
...or
N ?
D Disabled
H Home dir required
T ?
U User accoun
Hello, at my workplace we have 2 samba servers. One is a PDC called
archives1 with encrypted passwords. The other server is called
Archives4 and it uses plaintext passwords (encrypted passwords = no in
smb.conf). We have a Windows XP user who uses Archives1 for their file
sharing, but wants
Still not sure about the accuracy, although everything makes sense
except Domain trust account.
I actually had an official samba doc I was working off of for the ones
I had filled out, but ascii art is a nightmare...
--
Paul GiengerOffice: 701-281-1884
Applied Engineering I
Are you sure this is accurate? I have a regular user which I use for
most things and his account flags look like this:
sambaAcctFlags: [U ]
According to your diagram here, that is a workstation account. If it is
indeed accurate then we may have an smbldap script bug on our hands, as
this
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
| [NDHTUMWSLKI]
| |||
| ||-> Domain trust account)
| |->
| ->
| |||-> Server trust account
| ||-> Workstation account
| |->
| -> User account
| |||->
| ||-> Home dir required
| |-> Disabled
| -
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Paul Gienger wrote:
| I did a little digging around in the source, since the only web sites
| I've seen would list a couple. I'd love to see a thorough discussion
| myself. Here's what I've found, feel free to fill in the blanks anyone:
Are you sure t
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Tony Earnshaw wrote:
| Hi,
|
| It's (possible|probable) that the above was included in
| the list postings in February last; at that time I hadn't
| even begun with Samba (use it in production now :). If
| so,please point me at the archives, if not, cou
Hi all,
I have a setup where a linux box mounts an SMB share from another computer,
and then shares that mount in turn.
Is there any way to make the mounted share writable by visitors to the linux
machine?
Why do I want this? We have an NT4 machine that runs a database, and people
need to sync
After much experimentation I think I can better frame this problem. I
wanted to be able to map an ADS domain group to a local Unix group. I also
wanted to be able to map ADS domain groups/accounts to ROOT. For instance I
wanted all members of the ADS group Domain Admins to map to ROOT. My Linux
Hi,
I am not sure if these tools are still available on the net for download.
But I searched all the search engines bone dry and cannot find it.
Do you happen to know the whereabouts of these wonderful tools?
Thank you,
Donny Jekels
Senior Unix Developer
(203) 560 3376 - (cell)
GPG - 22E4 5193
Hello everybody. I have noted a strange problem when using Usrmgr.exe
(from srvtools). The problem arise when a net groupmap is done on a
group for which a user exist with the same name that the specified
unixgroup. For example, lets say that I have the following UNIX user and
group create on m
Hi,
It's (possible|probable) that the above was included in the list postings
in February last; at that time I hadn't even begun with Samba (use it in
production now :). If so,please point me at the archives, if not, could
someone please comment?
>From the last SANS NewsBites (apologies for the l
Does anybody here have any experience with Thursby's DAVE and symlinks on a
Samba Server?
When I connect to my Linux Samba Server via DAVE (running on Mac OS X
10.3.8), I can see all the links that I have made to files that reside in
other
directories on the Linux Server. However, Mac OS
mess. My question is Shouldn't I somehow be able to insert samba passwords into
the LDAP database and move on? Or is it just past that point now?
Well, you can do one of two things, as I see it:
1. Try to run pdbedit with import/export flags and point it at your
password file. Note that I d
Quoting Luca Olivetti <[EMAIL PROTECTED]>:
> Matt Lung wrote:
> > Is there a way to take users samba passwords from an old 2.x Samba server,
> and
> > insert them into a new 3.x Samba server that using an LDAP backend? The
> new
> > server is already populated with all users and groups in LDAP an
Hello,
I'm having troubles with what I'm quite positive was the bug related to
the MS KB828741 hotfix that was fixed in samba 3.0.4, but I'm running
3.0.11, i think
[EMAIL PROTECTED] root]# smbd --version
Version 3.0.11
[EMAIL PROTECTED] root]#
If I remove the Hotfix on my workstation, I can
Matt Lung wrote:
Is there a way to take users samba passwords from an old 2.x Samba server, and
insert them into a new 3.x Samba server that using an LDAP backend? The new
server is already populated with all users and groups in LDAP and is currently
on a test network. All that is needed is the u
I have a Samba 2.2 box set up as a member server in a Windows domain.
Any random Windows domain user can connect and a local Linux system
account is created on the fly, as it should.
I am trying to do the same on another box with Samba 3. However, when I
connect from a Windows domain member, I get
> Tony Earnshaw:
>
> > Dariusz Lis:
> > How to configure (and compile) Samba with non-standard OpenLDAP
> > location?
> > Is it possible?
>
> Basically, yes. It all depends on where the LDAP libraries (libldap,
> liblber) were told to look for ${prefix} during the OpenLDAP compilation.
> When Samba
--==>> OFFICE WATCH <<==--
The Microsoft Office newsletter from Woody's Watch.
Your independent source for MS Office advice and news since 1996
17 March 2005 Vol 10 No 10
New! "The Desktop Search Handbook" - http://shop.woodyswatch.com/dsh/
Advertise in Wood
Thanks very much. Will update and rebuild on the test box later today!
--David
Gerald (Jerry) Carter wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
David Pullman wrote:
| snip from make.log:
| Compiling libsmb/libsmbclient.c with -KPIC
| "libsmb/libsmbclient.c", line 3249: warning: argument
Is there a way to take users samba passwords from an old 2.x Samba server, and
insert them into a new 3.x Samba server that using an LDAP backend? The new
server is already populated with all users and groups in LDAP and is currently
on a test network. All that is needed is the users samba passwo
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Collen wrote:
| Hmm, sorry tryed it, read the info. but pam_smbpass is only if you
| use the samba (textfile) passwd backend.
| so it's no good, if you have a mysql or other passdb backend.!
| but i found a solution, without using winbind!
|
| pam_smb_a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Yanping Du wrote:
| Hi,
|
| Is there any way that I can map window AD admin-user
| to Linux root user (uid=gid=0) ?
| I noticed that windows Active-Directory users can use
| "idmap [uid-range]" to map to Linux users, but the
| idmap uid-range doesn't
Hi All,
I have installed Samba 3.0.10 on Solaris 9.
As of right now my windows client machine can access the solaris and
all its file.
I want it make it so that solaris can access all of windows.
Specifically I want it access my windows fileserver.
Thanks in Advance
Jijo
http://www.Care2.com
To test, I suggest that you stop your iptables
services (by running "service iptable stop"). Then try
to join your domain.
On XP clients, you should edit a regtry key:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters]
"requiresignorseal"=dword:
Regards
--- Mist
I did a little digging around in the source, since the only web sites
I've seen would list a couple. I'd love to see a thorough discussion
myself. Here's what I've found, feel free to fill in the blanks anyone:
[NDHTUMWSLKI]
|||
||-> Domain trust account)
|->
->
When I used smbldap-populate way back when I set up my LDAP server, I got two
sambaDomainName objects in my LDAP tree -- one for the domain name (CORP) and
one for the PDC Netbios name (CORPSRV). My Windows XP systems complain that
they can't find the PDC for the domain CORPSRV. I am wondering
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
David Pullman wrote:
| snip from make.log:
| Compiling libsmb/libsmbclient.c with -KPIC
| "libsmb/libsmbclient.c", line 3249: warning: argument #3 is incompatible
| with prototype:
| prototype: pointer to char : "libsmb/libsmbclient.c", line 116
Hey all, bit of an odd problem here; perhaps you can help:
First off, we've got two samb a servers; one acting as a PDC, and the other
a BDC, both share the same dat, (they sync data back and forth to each other
using rsync for backups). Both access LDAP for users and passwords from
LDAP. WINS run
Hi, I've been succesfully connecting my SuSE Linux (since version 9.0) to my
organization's NT domain using Samba's Winbind. The thing is multiple users
use my PC, not only myself. Though it was also necessary to setup my pam.d
to automatically create their home folders at first logon (using
pa
Hi,
I did remove the windows PDC from the network by way of switching it off.
Something occurred to me, if the windows xp box has LOGONSERVER=//TESTPDC
then is it possible to fix this problem by changing the netbios name of
LINUXPDC to TESTPDC. That way win xp boxes would point to the new serv
I've run into a compile problem with Samba 3.0.11 and have searched the
web, lists, and bugzilla for assistance, but was unable to find anything
that helped with these errors. I have been able to successfully build
this release without ldap/ads support, however with the ldap/ads support
it fails to
Try:
LDFLAGS='-L/usr/lib'
export LDFLAGS
then run ./configure
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of Theodore Jencks
Sent: Wednesday, March 16, 2005 9:54 PM
To: samba@lists.samba.org
Subject: [Samba] Samba configure script not finding ldap libs
Try the configure format below:
LDFLAGS='-L/usr/local/openldap/lib'
CPPFLAGS='-I/usr/local/openldap/include' ./configure
--prefix=/usr/local/samba-3.0.12pre1 --with-ldap --with-ads
--with-winbind --with-krb5=/usr/local/krb5-1.3.5
--with-libiconv=/usr/local/libiconv-1.9.1
That's from my own compil
How do you make a group a member of a group ??? (newb)
- Original Message -
From: "Michael Wray" <[EMAIL PROTECTED]>
To:
Sent: Wednesday, March 16, 2005 10:05 PM
Subject: Re: [Samba] Share Group Access
> Easy fix: Make group D and add GROUP A and B as members, but not C, then
make
> t
On Thursday 17 March 2005 10:32, Phil Dawson wrote:
> John,
>
> In my original port I said
>
> quote: "changed linuxpdc to be domain master"
>
> I wrote to mean "changed linuxpdc to be ROLE_DOMAIN_PDC". Sorry if I
> didn't make myself clear. I did test with testparm before trying to log
> on
Hi All,
I finally compiled Samba 3.0.12pre1 (and 3.0.11) successfully on AIX
4.3.3!
The steps I took will be placed at
http://itayemi.tripod.com/samba.aix433.html
Issues:
I have joined an AD domain with the following commands. When I check on
AD,
I find that the computer is listed as a "DOMAIN C
Hello,
Has anyone run Hula Server (http://www.hula-project.org) and Samba on
the same server and got the user authentication to sync?
I imagine this would involve configuring Samba to use eDirectory
(Novell) which Hula is using for store.
I have searched everywhere for documentation referencing
Hmm, sorry tryed it, read the info. but pam_smbpass is only if you
use the samba (textfile) passwd backend.
so it's no good, if you have a mysql or other passdb backend.!
but i found a solution, without using winbind!
pam_smb_auth.so !! that did the trick..
only i downloaded the ftp://ftp.samba.org
Hey,
my English is not very good. Sorry
My Problem: I have a Windows 2000 ADS Dommain and my Samba Server is Member
of this Domain. The Users has a lot of directorys on the Smab Server. The
User rights for the Smba Directorys are: owner root, group Windows 2000
group, other ---. The Access to the
Dear all,
I have a samba 3 PDC with authentication through an
OpenLDAP directory.
When I enter the Administrator sername and password to
join my domain, I receive a "Failer to open a
session...".
I check my log.smbd file, it indicates "Connection to
LDAP server failed for the Xth try".
If I try
John,
In my original port I said
quote: "changed linuxpdc to be domain master"
I wrote to mean "changed linuxpdc to be ROLE_DOMAIN_PDC". Sorry if I
didn't make myself clear. I did test with testparm before trying to log
on. Everything looked ok. Again, it didn't work. What I have tried
s
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
| is it possible to cut and paste linux shadow file passwd hashes to
| smbpasswd file?
...and have it work? I'm afraid not. What you need is:
passwd program = /usr/bin/passwd '%u'
unix password sync = Yes
This way, when a user changes their password, bo
I am runing into a similar problem.
The difference is that when I enter the admin passwd
to join my domain, a session failes to be opened...
For you, I'd suggest that you check your password
encryption type if it is set correctly...
--- Steven Jacobs <[EMAIL PROTECTED]> a écrit :
> I receive a
54 matches
Mail list logo