Re: [Samba] Can I configure Samba with SSL?

2010-03-10 Thread David Markey
Another option might be to use a cheap VPN like OpenVPN. On 10 March 2010 15:36, simo wrote: > On Wed, 2010-03-10 at 18:11 +0530, Sai Ram Purandhar-B22305 wrote: > > Hi List, > > > > > > > > I'm using Fedora 12, which has samba 3.4.6 version. Can I configure > > Samba with SSL support? > > No, CI

Re: [Samba] Windows machine has to join two times

2010-03-10 Thread David Markey
Sorry, /etc/init.d/nscd stop On 10 March 2010 12:25, David Markey wrote: > Are you using nscd? > > /etc/nscd stop and see what happens > > > On 10 March 2010 12:16, wrote: > >> I changed the add machine and the add user script to: >> smbldap-useradd .. "

Re: [Samba] Windows machine has to join two times

2010-03-10 Thread David Markey
Are you using nscd? /etc/nscd stop and see what happens On 10 March 2010 12:16, wrote: > I changed the add machine and the add user script to: > smbldap-useradd .. "%u" && nscd -i passwd && sleep 1s > I think that is what you mean? Unfortunately it didn't solve the problem. > > >> On 09 Mar 2

Re: [Samba] Samba from Sunfreeware and nss_winbind.so

2009-12-04 Thread David Markey
I *think* there are GPLv3 problems with distributing samba 3.4 with Solaris. You could be waiting a while. On Fri, 04 Dec 2009 09:59:06 -0500, Gaiseric Vandal wrote: > On 12/03/09 17:42, Gaiseric Vandal wrote: >> Sunfreeware.com has compiled packages of Samba 3.4.2 with kerberos and >> ldap sup

Re: [Samba] "net sam provision" and samba 3.4.0

2009-09-07 Thread David Markey
used as the > password for the user DN used to bind to the ldap server. > > hmmm... > >> -Original Message- >> From: David Markey [mailto:dmar...@dodds.dmarkey.com] >> Sent: Monday, 7 September 2009 00:53 >> To: Zeller, Jan >> Cc: s

Re: [Samba] "net sam provision" and samba 3.4.0

2009-09-06 Thread David Markey
These are the settings I use:
    [global]
    workgroup = TESTDOM
    encrypt passwords = true
    passdb backend = ldapsam:ldapi:///
    domain logons = yes
    ldapsam:trusted=yes
    ldapsam:editposix=yes
    restrict anonymous = 0
    log level = 10
    log file = /var/log/samba
    ldap admin dn = cn=admin,dc=sam

Re: [Samba] sambaPwdMustChange not synced on PDC from BDC

2009-09-02 Thread David Markey
This caught me out too. sambaPwdMustChange has been phased out since late in the 3.0 series. It is ignored. The password expiry is calculated on the fly from sambaPwdLastChange + sambaMaxPwdAge (Domain entry). You will have to run the same version of samba on both PDC and BDC. On Tue, 01 Sep

Re: [Samba] Samba authentication against Linux-based Kerberos

2009-09-01 Thread David Markey
Use the popular heimdal, openldap + smbk5pwd, samba3 combo. This will keep samba/ldap/kerberos passwords in sync no matter how or where the password is changed. Otherwise you could do some pam hackery, perhaps stacking pam_winbind and pam_krb5 for password changing. You would have to do this on

Re: [Samba] Problem: LDAP as idmap backend

2009-08-13 Thread David Markey
ldap ssl = off On Thu, 13 Aug 2009 23:26:37 +0200, Chris Osicki wrote: > Hi > > I've just upgraded Samba on Solaris 10 from the bundled version (3.0.33) > to 3.4.0 and winbind doesn't want to cooperate with LDAP as idmap backend > anymore. > > The smb.conf I use is: > > [global] > workgro

Re: [Samba] Samba HA issue

2009-08-05 Thread David Markey
Yup, unfortunately rights granted using net sam/rpc and usrmgr are saved locally in a TDB file (account_policy), this should probably be in LDAP, I suppose it should be possible to rsync the tdb file. On Wed, 5 Aug 2009 17:10:54 -0500, David Christensen wrote: > -BEGIN PGP SIGNED MESSAGE- >

Re: [Samba] Version of OpenLDAP to use with Samba

2009-07-29 Thread David Markey
Any version of OpenLDAP should work, in fact any LDAP server should work (SunONE, Tivoli, Fedora), OpenLDAP is required for smbk5pwd however. If you want to do replication you should probably use OpenLDAP 2.4.17, it has a lot of fixes in this area, it's not that hard to compile from scratch. On W

Re: [Samba] wbinfo returns no domain users

2009-07-27 Thread David Markey
What is the domain controller, Samba, AD, or an NT domain? On Mon, 27 Jul 2009 17:51:45 -0300, "Herbert G. Fischer" wrote: > Hi, > > I've spent two days trying to figure out how to solve this, > researching on the web, etc, and found no answer... :S > > I've setup a Ubuntu 9.04 with Samba a

Re: [Samba] Linux member server, or something else?

2009-06-30 Thread David Markey
It's possible to use nss_ldap and idmap backend = nss and no winbind, like you are describing. It's also possible to use nss_winbind and no nss_ldap, however there has been a bug on the server side that has stopped this from working. So the option above is your only option unless you have a versio

Re: [Samba] 3.3.5 not compiling on solaris 10 (libtalloc.so.1)

2009-06-23 Thread David Markey
Have you tried:
    mv /bin/sh /bin/sh.old
    ln -s /bin/bash /bin/sh
    rm /bin/sh && mv /bin/sh.old /bin/sh
On Tue, 23 Jun 2009 15:18:04 +0200 (CEST), christoph.be...@desy.de wrote: > Hi, > > I found some hints but no solution that worked for me actually, I try to > compile 3.3.5 on Solaris

Re: [Samba] Authentication problem with samba 3.3.4 on AIX 5.3

2009-06-09 Thread David Markey
AIX doesn't have a pam.conf. It uses LAM. Change obey pam restrictions = yes to obey pam restrictions = no William Jojo wrote: > Arendt, Volker wrote: >> Hello all, >> >> we currently do have a problem with samba 3.3.4 on AIX 5.3. >> We have set up the samba system to integrate in our AD Domain

Re: [Samba] Simple question regarding smbpasswd

2009-05-11 Thread David Markey
On Mon, 11 May 2009 10:36:49 -0700 (PDT), Pete Clapham wrote: > Hi, all -- > > I want to add SMB passwords using a script.  It would appear that some > variant on the following: > > smbpasswd -a -s > > would work.  However, the syntax of the -s option isn't clear.  How do I > insert the passwo

Re: [Samba] Re: Samba does not change UNIX password after OpenLDAP server upgraded

2009-05-02 Thread David Markey
{SSHA} I'm not sure if password-crypt-salt-format $1$%.2s is needed with {SSHA} John Du wrote: > David Markey wrote: >> John Du wrote: >> >>> David Markey wrote: >>> >>>> John Du wrote: >>>> >>>> >>&

Re: [Samba] Re: Samba does not change UNIX password after OpenLDAP server upgraded

2009-04-30 Thread David Markey
John Du wrote: > David Markey wrote: >> I would imagine that you'll need to re-jig your ACLs in slapd.conf, >> >> Please supply logs. >> >> > Thank you very much. > > I can use /opt/IDEALX/sbin/smbldap-passwd to change both the Windows >

Re: [Samba] Re: Samba does not change UNIX password after OpenLDAP server upgraded

2009-04-30 Thread David Markey
I would imagine that you'll need to re-jig your ACLs in slapd.conf. Please supply logs. John Du wrote: > John Du wrote: >> Hi, >> >> I have been running Samba with OpenLDAP for a few years. We recently >> upgraded the OpenLDAP server from 2.2.13 to 2.4.11. >> >> When users change their password

Re: [Samba] set up for Active Directory

2009-04-14 Thread David Markey
-bash-3.00# /usr/sfw/sbin/smbd -V Version 3.0.33 Not the most up to date release but it's progress. jerry wrote: > David Markey wrote: > > Solaris 10 U6 comes with a samba that is capable of > > joining AD out of the box. > > Woot! didn't realize that. Very goo

Re: [Samba] set up for Active Directory

2009-04-14 Thread David Markey
Solaris 10 U6 comes with a samba that is capable of joining AD out of the box. Bjoern Meier wrote: > hi, > > 2009/4/14 McGranahan, Jamen : >> OK, I've installed the MIT version of KRB5 & samba appears to have >> installed correctly. However, it appears that I am not able to join my >> domain. >

Re: [Samba] Domain Privileges on Samba 3.2

2009-03-16 Thread David Markey
I think 3.2.5 has a privileges bug. You'll have to upgrade to the latest in the 3.2 series, probably compile it from scratch. junior carvalho wrote: > Yes, it has the same station join the domains with this user... > > JC > > 2009/3/16 David Markey <mailto:dm

Re: [Samba] Domain Privileges on Samba 3.2

2009-03-16 Thread David Markey
Can you try to use usrmgr.exe and see if you have permissions problems with that? junior carvalho wrote: > Hi all; > > I'm using samba 3.2 with smbldap-tools ( not ldapsam:*, but doesn't > work too ), until that I work with centos 4 and debian etch's samba, I > always set the same configu

Re: [Samba] Sun ONE and Samba

2009-03-15 Thread David Markey
One can use the netscape schema that comes with samba to use SunOne. I have had more success with openldap, I have to say. Cameron Laird wrote: > Has anyone had success using Sun ONE as an LDAP (authentication) > back-end to Samba (preferably 4.0, but 3.3 would be fine)? > > I've found people wh

Re: [Samba] Unix permissions mapping query

2009-03-12 Thread David Markey
icked as I have full permissions. Am I incorrect? Thanks. On Wed, 11 Mar 2009 23:55:54 +0000, David Markey wrote: > > > When I have a file in a share and go to check its permissions in the > permissions tab, all the entries are blank. But if I click advanced > then the permiss

[Samba] Unix permissions mapping query

2009-03-11 Thread David Markey
When I have a file in a share and go to check its permissions in the permissions tab, all the entries are blank. But if I click advanced then the permissions are shown properly (but in advanced mode). Is there a reason the permissions aren't shown on the "basic" security tab? Thanks.

Re: [Samba] Complex [homes] rule

2009-03-10 Thread David Markey
hide files = /*.desktop/*.ini/ This seems to be working exactly the way I want it to. Does anyone see any security issues with the above configuration? Thanks for all the replies! On Tue, 10 Mar 2009 18:10:11 +0000, David Markey wrote: > No.. > > I want only postgrad group t

Re: [Samba] Complex [homes] rule

2009-03-10 Thread David Markey
-0400, Andrew Chaplin wrote: > I think you are saying you only want the postgrad group to have access > to their home directory share. > > Look at the smb.conf entry for "valid users". > > David Markey wrote: >> I really think i have explained the situation eno

Re: [Samba] Complex [homes] rule

2009-03-10 Thread David Markey
I really think I have explained the situation enough and it's not that complex. I only want the users in the postgrad group to get access to their home directories via samba but I don't want them to be able to access anyone else's. include = %D%w%S.smb.conf won't work, that would obviously mean id ne

Re: [Samba] Complex [homes] rule

2009-03-10 Thread David Markey
If you are referring to http://marc.info/?l=samba&m=122692173903872&w=2 This doesn't work for me because postgrad isn't the primary group of those particular users. On Tue, 10 Mar 2009 16:18:44 +, Miguel Medalha wrote: > >> In my [homes] share I want to have two access rules. First one is >>

Re: RE [Samba] Complex [homes] rule

2009-03-10 Thread David Markey
No, sorry. The only people who I want to give access to their own home directory is postgrad, but I only want them to access their own home directory, not anyone else's (i.e. the %D%w%S rule). Any clearer? On Tue, 10 Mar 2009 16:55:14 +0100, Stéphane PURNELLE wrote: > Hi, > > In other words (if I un

[Samba] Complex [homes] rule

2009-03-10 Thread David Markey
Hi All, In my [homes] share I want to have two access rules. First one is %D%w%S so that DOMAIN\dmarkey will only be able to access his own home directory and nobody else's. But I only want users in the postgrad group to be able to access their home directory. How could I implement both rules on

Re: [Samba] SWAT with an LDAP Backend

2009-02-04 Thread David Markey
Don't think it's an option, we use heimdal and smbk5pwd. LAM would have to support EXOP, which I don't think it does. On Thu, 05 Feb 2009 09:07:12 +1100, Tim Bates wrote: > Stefan Dengscherz wrote: >> Another alternative would be to use more mature LDAP Account >> management web utils: >> - GOSA >>

Re: [Samba] SWAT with an LDAP Backend

2009-02-04 Thread David Markey
s user login & change Samba > password hash) > > > Hope that helps! > > > 2009/2/4 David Markey : >> >> >> Hi >> I have a PDC with an LDAP backend that I want to use SWAT to give >> users the option to change their password via the web inter

[Samba] SWAT with an LDAP Backend

2009-02-04 Thread David Markey
Hi, I have a PDC with an LDAP backend that I want to use SWAT to give users the option to change their password via the web interface. I can't seem to be able to get SWAT to authenticate any users, it always gives me an authorization error. Is swat with an LDAP backend supported? Cheers. Davi

Re: [Samba] Issue with file server (Non-Domain Controller) authenticating off the same LDAP as the PDC

2009-01-21 Thread David Markey
Would suit this particular configuration. Dale Schroeder wrote: > See if this is what you want: > http://us1.samba.org/samba/docs/man/Samba-Guide/unixclients.html#sdcsdmldap > > > Hope it helps. > > Dale > > David Markey wrote: >> Hi, >> >> >> Samba

[Samba] Issue with file server (Non-Domain Controller) authenticating off the same LDAP as the PDC

2009-01-20 Thread David Markey
Hi, Samba version 3.2-test (from git). I have a PDC (CS Domain) called kerry with an openldap backend, I have a file server that I want to authenticate off the same ldap as the PDC but I don't want it to be a BDC. This machine is called offaly. I would have thought that this would work pretty smoo

[Samba] Samba Network design questions

2008-11-10 Thread David Markey
Hi, I'm trying to come up with a distributed design for a samba 3 infrastructure (Heimdal will also be in here too). Please see this picture for what I came up with. http://www.dmarkey.com/~dmarkey/samba.png Opinions? Also, do password changes always happen on the PDC or will the BDC handle

Re: [Samba] Samba 3.2.4 not locking accounts?

2008-11-06 Thread David Markey
Ok that seems to work properly. When is 3.2.5 expected out? David Markey wrote: > Just applied it and it locked out the account (Yay), now I'm waiting 30 > mins to see if it unlocks the account after that time, which it should. > > > > Jeremy Allison wrote: >>

Re: [Samba] Samba 3.2.4 not locking accounts?

2008-11-06 Thread David Markey
Just applied it and it locked out the account (Yay), now I'm waiting 30 mins to see if it unlocks the account after that time, which it should. Jeremy Allison wrote: > On Wed, Nov 05, 2008 at 10:55:57PM -, [EMAIL PROTECTED] wrote: >> I can confirm that 3.0.32 does lock out accounts, I'll be g

Re: [Samba] Samba 3.2.4 not locking accounts?

2008-11-06 Thread David Markey
Great to hear it. If you need to get me to test any patches feel free to ask. Jeremy Allison wrote: > On Wed, Nov 05, 2008 at 05:01:15PM +0000, David Markey wrote: >> https://bugzilla.samba.org/show_bug.cgi?id=5825 >> >> >> >> I raised this bug a while ago exper

Re: [Samba] Samba 3.2.4 not locking accounts?

2008-11-05 Thread David Markey
https://bugzilla.samba.org/show_bug.cgi?id=5825 I raised this bug a while ago experiencing what you are. Nobody seems to have done much about it. Victor Medina wrote: > Hello guys! > > I'm using samba 3.2.4 (binaries from samba.org) on SLES9+sp3. > > I am building a PDC with LDAP support (