On Fri, Mar 23, 2012 at 10:51:47AM +, Johan Hendriks wrote:
Thanks for the reply.
probably my lack of understanding the whole thing is making it a little
confusing for me.
Is there a way to get the same id's on a second server.
You could move to using an LDAP backend, then it'll
I have an odd situation where Samba 3.x domain members in an Active
Directory 2008 R2 domain cannot authenticate the Administrator. All
other users work, but if I try to connect to the samba services as the
domain Administrator, authentication fails. The Windows domain
controllers are happy to
On Tue, Aug 02, 2011 at 08:17:01PM +0200, Frédéric Bérard wrote:
Is it possible to configure a system of authentication based on SSO
samba (and certainly ldap and lot of others things) ?
Which things need to authenticate? At my current workplace, I've set up
Samba with an LDAP backend. Linux
On Thu, Jun 23, 2011 at 01:00:55PM +0100, Dermot wrote:
Found it.
It turns out that the config file for libnss-ldap is
/etc/libnss-ldap.conf on my distro (Debian). So NSS was ignoring the
config that I had been in /etc/ldap/ldap.conf and taking it from
/etc/libnss-ldap.conf.
As far as I'm
On Thu, Jun 23, 2011 at 02:20:56PM +0100, Dermot wrote:
I would have thought, but I am no expert, that
samba would have used the config from smb.conf and that ldapsearch
(and anything else that didn't have hooks else where) would use
/etc/ldap/ldap.conf.
In smb.conf you specify those things
On Thu, Jun 09, 2011 at 10:39:50AM +0100, Bruce Richardson wrote:
I've been testing DFS roots and I'm finding that while Vista and 2008
Server clients can connect with no problems, Windows XP Pro and 2003
Server clients fail. This seems like it's the wrong way round - Samba
usually has more
I've been testing DFS roots and I'm finding that while Vista and 2008
Server clients can connect with no problems, Windows XP Pro and 2003
Server clients fail. This seems like it's the wrong way round - Samba
usually has more difficulties with recent Windows versions than older
ones - but I can
On Thu, Jun 09, 2011 at 12:42:48PM +0200, Daniel Müller wrote:
For me working without any trouble. Centos 5.5,5.4,5.6.
Did you:
host msdfs=yes???
That's the default setting for host msdfs, so there should be no need to
set it. But yes, I did set it explicitly and it made no difference.
It is
On Mon, Dec 20, 2010 at 11:19:52AM +0100, Steffen Frömer wrote:
Hi,
i have problems connecting to DFS-Share from Client WindowsXP. Same
configuration works fine for Windows Vista and 7. On Windows 7 the
LMCompatibility Level is 3.
I missed this in my previous search of the archives.
On Thu, Jun 09, 2011 at 09:14:39AM -0400, John Drescher wrote:
Its working for me for years at work with (xp, xp64, and now windows7
64 bit). I as of a few months I am running samba-3.5.8 on the dfs root
however I had 3.0.37 installed up until recently.
Did you reboot the xp clients after
Have you tried using the real ip address in the links? I switched to
that years ago to allow cifs-msdfs links without a dns server. I am
not sure if that had any effect on XP clients though.
Interesting idea, just tried it, didn't work. Shame.
--
Bruce
Explota!: miles de lemmings no
On Thu, Jun 09, 2011 at 10:47:26AM -0400, John Drescher wrote:
There may be some difference between our set-up (LDAP-backed Samba 3.x
domain) and yours,
I am using a samba ldap domain.
I wonder what is different about our configurations that makes the
difference. I wonder, could you send
On Thu, Mar 17, 2011 at 04:02:29PM +0300, Vladimir Vassiliev wrote:
Hi all,
i use Samba 3.5.6 in ads mode (Windows 2008R2) with ldap idmap backend.
Servers run Centos 4 and 5.
I can't cope with next issue for long time.
On all servers in domain winbind constantly tries to create
On Thu, Mar 17, 2011 at 05:06:03PM +0300, Vladimir Vassiliev wrote:
Why have you created a local computer domain, out of interest?
I didn't do it, Samba did. Really I dunno how to add extra domain to Samba.
How can I delete this domain?
Something did it. Was this machine a domain controller
On Thu, Mar 17, 2011 at 09:50:14AM -0500, Chris Weiss wrote:
yes, filesystem permissions do override any share level permissions in
the conf. you'll need to adjust hrshared permissions as needed.
Pedantically, it's not that one overrides the other; the restrictions in
the two different
On Wed, Mar 16, 2011 at 11:09:59AM +0100, J. Echter wrote:
Hi,
i have a Samba PDC (no LDAP) and added add user script to my config.
I can create the user with no problems, login is possible but the
/home/samba/profile/user dir is not created.
It'll be created automatically when the user
On Wed, Mar 16, 2011 at 12:16:52PM +0100, J. Echter wrote:
no, i want to have a profile dir created when a new created user
logs in. that's it. :)
Well, as long as you have the correct acls on the share and permissons
on the directory, the user's workstation should try to create the
user
On Wed, Mar 16, 2011 at 11:21:42AM +0100, Marco Ciampa wrote:
IMHO you have to create it with a script.
In that script you will create the user (with useradd) and then the profile
dir...
I think it is probably a bad idea to do this with a script unless you
have some good reason to need it.
On Wed, Mar 16, 2011 at 04:17:05PM +0100, J. Echter wrote:
Am 16.03.2011 13:01, schrieb Bruce Richardson:
On Wed, Mar 16, 2011 at 12:16:52PM +0100, J. Echter wrote:
no, i want to have a profile dir created when a new created user
logs in. that's it. :)
If you create these directories
On Wed, Mar 16, 2011 at 12:01:52PM +, Bruce Richardson wrote:
What do you have in your logon path setting in smb.conf?
You never answered this question. You don't need to have anything
there, because it defaults to \\%N\%U\profile, but if you do have
something there, what is it?
Are you
On Fri, Jan 14, 2011 at 02:51:58AM +0900, TAKAHASHI Motonobu wrote:
2011/1/13 Kevin Taylor groucho.64...@hotmail.com:
Is there a way that we can increment the samba bad password count, when a
user fails a password on a linux system? I'm looking for ways to get both
Windows and Linux to
On Mon, Jan 10, 2011 at 07:05:54AM -0500, William E Jojo wrote:
Look at:
net rpc rights grant username SeMachineAccountPrivilege
This will add users to the account_policy.tdb file with join rights in that
domain. When you upgrade or move to another machine, be sure to bring this
file
On Thu, Nov 04, 2010 at 11:50:03AM -0700, James D. Parra wrote:
Hello Bruce,
Still can't get setfacl to get group or user info from the AD (Windows 2003)
I have the following in nsswitch.conf;
passwd: compat ldap
group: files ldap
Have you put the correct details into the nss_ldap
On Wed, Nov 03, 2010 at 05:05:28PM -0700, James D. Parra wrote:
Well it does if you're using winbindd to map DOMAIN\\groupname
to a group on the box :-).
~
Thank you Jeremy. What is the best way to do that?
The key tool is nsswitch. Winbind may or may not be
On Tue, Nov 02, 2010 at 10:09:16AM +0100, Daniel Müller wrote:
Dear all,
after a lot of thinking about the registry way of configuring samba I came
about that group policies are especially stored things in the registry.
Group policies alter the registry of Windows workstations and member
On Thu, Oct 28, 2010 at 09:16:43PM -0400, Robert Moskowitz wrote:
Are there any good articles comparing features/functions of a
Workgroup compared to a Domain?
If you don't want the centralised control of a Windows domain, leave
Workgroups well alone; they are fragilel overly complex for what
On Fri, Oct 29, 2010 at 06:50:08PM -0500, John H Terpstra wrote:
Please help use to understand exactly how ZeroConf helps with user and
group management. Confused by your answer!
Are you one of the original posters alternate personalities? Otherwise,
I'm a little confused by yours. The OP
Having set up two way trust between a Samba domain (with LDAP backend)
and an AD domain, I find that
1. Users from the trusted domain are authenticated against the proper
DC (that is, their regular password works), but only if there is a
corresponding local domain user.
2. Users from the
On Thu, Oct 21, 2010 at 05:02:55PM -0400, Gaiseric Vandal wrote:
I have not tried ssh'ing in as a trusted domain user (I definately
don't want that available..)
It's not something I want to make available, but it was an important
test to prove that winbind was creating the correct idmap
29 matches
Mail list logo
