[Samba] enforce password settings by policies

hi, i hope you can help me: is there a way to enforce password security (strength, history, ... ) by policies on windows 2k/xp ? gpedit.msc shows me some password settings which i would like to change remotely from our samba PDC after logon thx in advance cheerz -- Michael Gasch Max Planck Inst

[Samba] $B!zM%NI%S%8%M%9>R2p!z(B

$B!z$49XFI$"$j$,$H$&$4$6$$$^$9!#(B $B!!(B $BEv%^%,%8%s$O(BAccessMail$B$NG[?.%7%9%F%`$GAw?.$5$;$FD:$$$F$$$^$9!#(B $B3'MM$N(BHP$B$d?7$7$$%S%8%M%9$r$I$s$I$s>R2p$7$F3'MM$N$*Lr$KN)(B $B$F$l$P$H!"F|!94hD%$C$F$*$j$^$9!#(B $B$I$&$>$40&8\$N$[$I$h$m$7$/$*4j$$CW$7$^$9!#(B(^_^)b (B $B$3$N%^%,

[Samba] using w32tm (WinXP) w/samba3 as DC: can't get DC List

I have a winXP client connecting to Samba 3.09 running as a PDC. The client machine is joined to the domain and the login box shows the domain name as the entity I'm logging into. I don't know if I don't have something set "right" or not, but I noticed my local clock had drifted about 50 seconds of

[Samba] what to do ??

Howdy All, I am the adminstrator in a school which has netware 4.11 ( five servers in the nds tree )as its main student platform. This has been working very well over the past 6 years or so. The school has the ability to obtain a microsoft solution at no cost ( except for the new hardware require

[Samba] idmap LDAP backend

I'm trying to use the LDAP backend for the idmap database but I just can't seem to get it to work. There really is rather pathetic documentation out there on how to implement this. I've basically got my ldap server setup with an OU called smb and another OU under it called idmap. Here is my smb.

[Samba] Updating to Latest Release

Can anyone me why when attempting to install the latest release candidate I get a message that says a newer version is installed? Thanks, Dave -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba

[Samba] Active Directory, Winbind on Solaris 10 sparc

I compiled Samba 3.0.11 with LDAP and Kerberos support (used heimdal because MIT refused to cooperate.) Got it to join the realm. Visible from Windoze land. "getent passwd" and "getent group" work great. So do wbinfo -u and -g. Disabled nscd. /etc/nsswitch.conf shows "passwd: files winbind", a

RE: [Samba] Hula-project and Samba

James Ruthven wrote: > Hello, > > Has anyone run Hula Server (http://www.hula-project.org) and Samba on > the same server and got the user authentication to sync? > > I imagine this would involve configuring Samba to use eDirectory > (Novell) which Hula is using for store. > > I have searched e

Re: [Samba] Re: Where can I find more info on account flags?

On Thu, 2005-03-17 at 16:11 -0800, Jim C. wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > | I actually had an official samba doc I was working off of for the ones > | I had filled out, but ascii art is a nightmare... > > I'll second that. > > OK, one last try without any "art" : >

Re: [Samba] Re: Where can I find more info on account flags?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 | I actually had an official samba doc I was working off of for the ones | I had filled out, but ascii art is a nightmare... I'll second that. OK, one last try without any "art" : [NDHTUMWSLKI] ...or N ? D Disabled H Home dir required T ? U User accoun

[Samba] 2 servers, one with plaintext passwds, other encrypted passwds

Hello, at my workplace we have 2 samba servers. One is a PDC called archives1 with encrypted passwords. The other server is called Archives4 and it uses plaintext passwords (encrypted passwords = no in smb.conf). We have a Windows XP user who uses Archives1 for their file sharing, but wants

Re: [Samba] Re: Where can I find more info on account flags?

Still not sure about the accuracy, although everything makes sense except Domain trust account. I actually had an official samba doc I was working off of for the ones I had filled out, but ascii art is a nightmare... -- Paul GiengerOffice: 701-281-1884 Applied Engineering I

Re: [Samba] Re: Where can I find more info on account flags?

Are you sure this is accurate? I have a regular user which I use for most things and his account flags look like this: sambaAcctFlags: [U ] According to your diagram here, that is a workstation account. If it is indeed accurate then we may have an smbldap script bug on our hands, as this

[Samba] Re: Where can I find more info on account flags?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 | [NDHTUMWSLKI] | ||| | ||-> Domain trust account) | |-> | -> | |||-> Server trust account | ||-> Workstation account | |-> | -> User account | |||-> | ||-> Home dir required | |-> Disabled | -

[Samba] Re: Where can I find more info on account flags?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Paul Gienger wrote: | I did a little digging around in the source, since the only web sites | I've seen would list a couple. I'd love to see a thorough discussion | myself. Here's what I've found, feel free to fill in the blanks anyone: Are you sure t

Re: [Samba] SMB protocol security flaw

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Tony Earnshaw wrote: | Hi, | | It's (possible|probable) that the above was included in | the list postings in February last; at that time I hadn't | even begun with Samba (use it in production now :). If | so,please point me at the archives, if not, cou

[Samba] double share?

Hi all, I have a setup where a linux box mounts an SMB share from another computer, and then shares that mount in turn. Is there any way to make the mounted share writable by visitors to the linux machine? Why do I want this? We have an NT4 machine that runs a database, and people need to sync

RE: [Samba] Winbind - how to map ADS group to Unix group

After much experimentation I think I can better frame this problem. I wanted to be able to map an ADS domain group to a local Unix group. I also wanted to be able to map ADS domain groups/accounts to ROOT. For instance I wanted all members of the ADS group Domain Admins to map to ROOT. My Linux

[Samba] pwsync - wpsync

Hi, I am not sure if these tools are still available on the net for download. But I searched all the search engines bone dry and cannot find it. Do you happen to know the whereabouts of these wonderful tools? Thank you, Donny Jekels Senior Unix Developer (203) 560 3376 - (cell) GPG - 22E4 5193

[Samba] srvtools (Usrmgr.exe) : strange problem

Hello everybody. I have noted a strange problem when using Usrmgr.exe (from srvtools). The problem arise when a net groupmap is done on a group for which a user exist with the same name that the specified unixgroup. For example, lets say that I have the following UNIX user and group create on m

[Samba] SMB protocol security flaw

Hi, It's (possible|probable) that the above was included in the list postings in February last; at that time I hadn't even begun with Samba (use it in production now :). If so,please point me at the archives, if not, could someone please comment? >From the last SANS NewsBites (apologies for the l

[Samba] Thursby's DAVE and Symlinks

Does anybody here have any experience with Thursby's DAVE and symlinks on a Samba Server? When I connect to my Linux Samba Server via DAVE (running on Mac OS X 10.3.8), I can see all the links that I have made to files that reside in other directories on the Linux Server. However, Mac OS

Re: [Samba] smbpasswd to LDAP

mess. My question is Shouldn't I somehow be able to insert samba passwords into the LDAP database and move on? Or is it just past that point now? Well, you can do one of two things, as I see it: 1. Try to run pdbedit with import/export flags and point it at your password file. Note that I d

Re: [Samba] smbpasswd to LDAP

Quoting Luca Olivetti <[EMAIL PROTECTED]>: > Matt Lung wrote: > > Is there a way to take users samba passwords from an old 2.x Samba server, > and > > insert them into a new 3.x Samba server that using an LDAP backend? The > new > > server is already populated with all users and groups in LDAP an

[Samba] 3.0.11 and KB828741 password bug

Hello, I'm having troubles with what I'm quite positive was the bug related to the MS KB828741 hotfix that was fixed in samba 3.0.4, but I'm running 3.0.11, i think [EMAIL PROTECTED] root]# smbd --version Version 3.0.11 [EMAIL PROTECTED] root]# If I remove the Hotfix on my workstation, I can

Re: [Samba] smbpasswd to LDAP

Matt Lung wrote: Is there a way to take users samba passwords from an old 2.x Samba server, and insert them into a new 3.x Samba server that using an LDAP backend? The new server is already populated with all users and groups in LDAP and is currently on a test network. All that is needed is the u

[Samba] Samba 2.2 vs. 3: Domain Member & Winbind quick question

I have a Samba 2.2 box set up as a member server in a Windows domain. Any random Windows domain user can connect and a local Linux system account is created on the fly, as it should. I am trying to do the same on another box with Samba 3. However, when I connect from a Windows domain member, I get

[Samba] Re: Configure Samba with non-standard OpenLDAP location

> Tony Earnshaw: > > > Dariusz Lis: > > How to configure (and compile) Samba with non-standard OpenLDAP > > location? > > Is it possible? > > Basically, yes. It all depends on where the LDAP libraries (libldap, > liblber) were told to look for ${prefix} during the OpenLDAP compilation. > When Samba

[Samba] OW #10.10 - How do you save documents?

--==>> OFFICE WATCH <<==-- The Microsoft Office newsletter from Woody's Watch. Your independent source for MS Office advice and news since 1996 17 March 2005 Vol 10 No 10 New! "The Desktop Search Handbook" - http://shop.woodyswatch.com/dsh/ Advertise in Wood

Re: [Samba] Compile error: libsmbclient on 12rc1 on Solaris 9

Thanks very much. Will update and rebuild on the test box later today! --David Gerald (Jerry) Carter wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 David Pullman wrote: | snip from make.log: | Compiling libsmb/libsmbclient.c with -KPIC | "libsmb/libsmbclient.c", line 3249: warning: argument

[Samba] smbpasswd to LDAP

Is there a way to take users samba passwords from an old 2.x Samba server, and insert them into a new 3.x Samba server that using an LDAP backend? The new server is already populated with all users and groups in LDAP and is currently on a test network. All that is needed is the users samba passwo

Re: [Samba] samba pdc + winbind possible ?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Collen wrote: | Hmm, sorry tryed it, read the info. but pam_smbpass is only if you | use the samba (textfile) passwd backend. | so it's no good, if you have a mysql or other passdb backend.! | but i found a solution, without using winbind! | | pam_smb_a

Re: [Samba] winbind: How to map windows admin-user to Linux root ?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Yanping Du wrote: | Hi, | | Is there any way that I can map window AD admin-user | to Linux root user (uid=gid=0) ? | I noticed that windows Active-Directory users can use | "idmap [uid-range]" to map to Linux users, but the | idmap uid-range doesn't

[Samba] Samba Server

Hi All, I have installed Samba 3.0.10 on Solaris 9. As of right now my windows client machine can access the solaris and all its file. I want it make it so that solaris can access all of windows. Specifically I want it access my windows fileserver. Thanks in Advance Jijo http://www.Care2.com

Re: [Samba] smbldap-tools question

To test, I suggest that you stop your iptables services (by running "service iptable stop"). Then try to join your domain. On XP clients, you should edit a regtry key: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters] "requiresignorseal"=dword: Regards --- Mist

Re: [Samba] Where can I find more info on account flags?

I did a little digging around in the source, since the only web sites I've seen would list a couple. I'd love to see a thorough discussion myself. Here's what I've found, feel free to fill in the blanks anyone: [NDHTUMWSLKI] ||| ||-> Domain trust account) |-> ->

[Samba] smbldap-tools question

When I used smbldap-populate way back when I set up my LDAP server, I got two sambaDomainName objects in my LDAP tree -- one for the domain name (CORP) and one for the PDC Netbios name (CORPSRV). My Windows XP systems complain that they can't find the PDC for the domain CORPSRV. I am wondering

Re: [Samba] Compile error: libsmbclient on 12rc1 on Solaris 9

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 David Pullman wrote: | snip from make.log: | Compiling libsmb/libsmbclient.c with -KPIC | "libsmb/libsmbclient.c", line 3249: warning: argument #3 is incompatible | with prototype: | prototype: pointer to char : "libsmb/libsmbclient.c", line 116

[Samba] Browsing list problem

Hey all, bit of an odd problem here; perhaps you can help: First off, we've got two samb a servers; one acting as a PDC, and the other a BDC, both share the same dat, (they sync data back and forth to each other using rsync for backups). Both access LDAP for users and passwords from LDAP. WINS run

[Samba] Winbind, pam_mkhomedir.so problem with long usernames

Hi, I've been succesfully connecting my SuSE Linux (since version 9.0) to my organization's NT domain using Samba's Winbind. The thing is multiple users use my PC, not only myself. Though it was also necessary to setup my pam.d to automatically create their home folders at first logon (using pa

Re: [Samba] HELP !!! migrating from win2000 pdc to linux pdc

Hi, I did remove the windows PDC from the network by way of switching it off. Something occurred to me, if the windows xp box has LOGONSERVER=//TESTPDC then is it possible to fix this problem by changing the netbios name of LINUXPDC to TESTPDC. That way win xp boxes would point to the new serv

[Samba] Samba 3.0.11 compile issue on AIX5.1 - pdb_ldap.c

I've run into a compile problem with Samba 3.0.11 and have searched the web, lists, and bugzilla for assistance, but was unable to find anything that helped with these errors. I have been able to successfully build this release without ldap/ads support, however with the ldap/ads support it fails to

RE: [Samba] Samba configure script not finding ldap libs

Try: LDFLAGS='-L/usr/lib' export LDFLAGS then run ./configure -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Theodore Jencks Sent: Wednesday, March 16, 2005 9:54 PM To: samba@lists.samba.org Subject: [Samba] Samba configure script not finding ldap libs

RE: ***SPAM*** Re: [Samba] Configure Samba with non-standard OpenLDAPlocation

Try the configure format below: LDFLAGS='-L/usr/local/openldap/lib' CPPFLAGS='-I/usr/local/openldap/include' ./configure --prefix=/usr/local/samba-3.0.12pre1 --with-ldap --with-ads --with-winbind --with-krb5=/usr/local/krb5-1.3.5 --with-libiconv=/usr/local/libiconv-1.9.1 That's from my own compil

Re: [Samba] Share Group Access

How do you make a group a member of a group ??? (newb) - Original Message - From: "Michael Wray" <[EMAIL PROTECTED]> To: Sent: Wednesday, March 16, 2005 10:05 PM Subject: Re: [Samba] Share Group Access > Easy fix: Make group D and add GROUP A and B as members, but not C, then make > t

Re: [Samba] HELP !!! migrating from win2000 pdc to linux pdc

On Thursday 17 March 2005 10:32, Phil Dawson wrote: > John, > > In my original port I said > > quote: "changed linuxpdc to be domain master" > > I wrote to mean "changed linuxpdc to be ROLE_DOMAIN_PDC". Sorry if I > didn't make myself clear. I did test with testparm before trying to log > on

[Samba] samba server shows up as Domain Controller

Hi All, I finally compiled Samba 3.0.12pre1 (and 3.0.11) successfully on AIX 4.3.3! The steps I took will be placed at http://itayemi.tripod.com/samba.aix433.html Issues: I have joined an AD domain with the following commands. When I check on AD, I find that the computer is listed as a "DOMAIN C

[Samba] Hula-project and Samba

Hello, Has anyone run Hula Server (http://www.hula-project.org) and Samba on the same server and got the user authentication to sync? I imagine this would involve configuring Samba to use eDirectory (Novell) which Hula is using for store. I have searched everywhere for documentation referencing

Re: [Samba] samba pdc + winbind possible ?

Hmm, sorry tryed it, read the info. but pam_smbpass is only if you use the samba (textfile) passwd backend. so it's no good, if you have a mysql or other passdb backend.! but i found a solution, without using winbind! pam_smb_auth.so !! that did the trick.. only i downloaded the ftp://ftp.samba.org

[Samba] ADS Samba Syncronisation

Hey, my English is not very good. Sorry My Problem: I have a Windows 2000 ADS Dommain and my Samba Server is Member of this Domain. The Users has a lot of directorys on the Smab Server. The User rights for the Smba Directorys are: owner root, group Windows 2000 group, other ---. The Access to the

[Samba] log.smbd: connection to ldap server failed

Dear all, I have a samba 3 PDC with authentication through an OpenLDAP directory. When I enter the Administrator sername and password to join my domain, I receive a "Failer to open a session...". I check my log.smbd file, it indicates "Connection to LDAP server failed for the Xth try". If I try

Re: [Samba] HELP !!! migrating from win2000 pdc to linux pdc

John, In my original port I said quote: "changed linuxpdc to be domain master" I wrote to mean "changed linuxpdc to be ROLE_DOMAIN_PDC". Sorry if I didn't make myself clear. I did test with testparm before trying to log on. Everything looked ok. Again, it didn't work. What I have tried s

[Samba] Re: is it possible to cut and paste linux shadow file passwd hashes to smbpasswd file?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 | is it possible to cut and paste linux shadow file passwd hashes to | smbpasswd file? ...and have it work? I'm afraid not. What you need is: passwd program = /usr/bin/passwd '%u' unix password sync = Yes This way, when a user changes their password, bo

Re: [Samba] Samba(PDC)+LDAP+XPpro cannot join domain /w XP pro machine

I am runing into a similar problem. The difference is that when I enter the admin passwd to join my domain, a session failes to be opened... For you, I'd suggest that you check your password encryption type if it is set correctly... --- Steven Jacobs <[EMAIL PROTECTED]> a écrit : > I receive a