Hello,
We are running samba 3.0.34 and having problem joining windows 2008 domain when
"server ldap signing is required".
We configured start-tls, copied over the CA certificate but getting an error
for the request to start ssl/tls
To be exact, here is what we see in wireshark:
Our request to
Hi Jerry,
I used 3.0.25 and 3.0.31
I will look into this again as soon as we move on to 3.2.
Cheers,
Ephi
-Original Message-
From: Gerald (Jerry) Carter [mailto:[EMAIL PROTECTED]
Sent: Friday, September 05, 2008 7:07 AM
To: Ephi Dror
Cc: samba@lists.samba.org
Subject: Re: [Samba] On
Hello,
Pam based authentication is failing for trusted domain users when the trust was
set to one way.
There is no problem for shares access.
Details:
=
1. I have domain DOM-A and domain DOM-B.
2. I setup trust between DOM-A and DOM- in such a way that DOM-A is trusting
DOM-B BUT DOM-B
netsamlogon_clear_cached_user()
in other places to allow none authentication pam functions such as "id" to work
well.
Thanks,
Ephi
-Original Message-----
From: Ephi Dror
Sent: Tuesday, August 26, 2008 10:27 AM
To: 'Gerald (Jerry) Carter'
Cc: samba@lists.samba.org
Subject
o I change this cache length if needed.
Thanks so much,
Ephi
-Original Message-
From: Gerald (Jerry) Carter [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 26, 2008 10:16 AM
To: Ephi Dror
Cc: samba@lists.samba.org
Subject: Re: [Samba] User's groups issue
-BEGIN PGP SIGNED MESSAGE--
Hello,
I'm using samba 3.0.31 and seems to have an issue with getting user's groups
info.
It works like a Swiss Watch when I start winbindd and do "id username" for a
given user however, if I add that user to one more group on the domain and
issue "id username" I don't get the up to date info.
Hello,
Does samba support the use of S4U?
What do we need to configure in SAMBA or krb5 to support getting a
ticket obtained by S4U. We are using 3.0.25 and krb5-1.4.1
We are getting the following error:
decode_pac_data: Name in PAC [EMAIL PROTECTED]
does not match principal name i
Hello,
Does samba support the use of S4U?
What do we need to configure in SAMBA or krb5 to support getting a
ticket obtained by S4U. We are using 3.0.25 and krb5-1.4.1
We are getting the following error:
decode_pac_data: Name in PAC [EMAIL PROTECTED]
does not match principal name i
Hello,
Look like demand for multiple file streams support increased lately.
Does samba 3 series intend to support it any time soon?
Look like SAMBA 4 is working on it based on the following form Andrew
Tridgell:
One simple but important example of how the new NTVFS layer helps is the
a
Hello,
I would like to know when do we need to specify "kpasswd protocol =
SET_CHANGE" in krb5.com in the [realms] section when talking to windows
AD domain.
I usually don't use it and it works fine BUT I recently needed to use it
since "net ads join ..." hanged during the last part of join
rsion y N
-Original Message-
From: Howard Wilkinson [mailto:[EMAIL PROTECTED]
Sent: Thursday, August 24, 2006 2:51 PM
To: Ephi Dror; samba@lists.samba.org
Subject: RE: [Samba] Joined 2 samba servers to ADS but kinit in winbindd
failedfor one of them!
Ephi,
Can you pleas
Hi All,
I have strange situation in which two systems running SAMBA (same
version) have successfully joined an ADS.
However one has no problem using wimbindd/ wbinfo to communicate with
the domain and kinit in winbindd works fine.
But the other is failing with a kinit problem as following:
unt/export points and not
for any directory leading to mount point.
Cheers,
Ephi
-Original Message-
From: Ephi Dror
Sent: Monday, August 21, 2006 12:11 PM
To: samba@lists.samba.org
Cc: 'Jeremy Allison'; '[EMAIL PROTECTED]'
Subject: Re: [Samba] User can't ac
ve access
only to administrator for example, that's how they run into the problem
with our SAMBA.
So far I can't see it as a problem.
Cheers,
Ephi
-Original Message-
From: simo [mailto:[EMAIL PROTECTED]
Sent: Monday, August 21, 2006 11:41 AM
To: Jeremy Allison
Cc: Ephi Dror; sam
d !=0)
change_to_root_user();
#endif
result = sys_stat(fname, sbuf);
#ifdef EPHI
if (conn->vuid !=0)
change_to_user(conn, conn->vuid);
#endif
END_PROFILE(syscall_stat);
return result;
}
-Original Message-
From: Jeremy Al
Hi all,
I have noticed that if you create a share to path lets say
\\dir1\dir2\dir3
And a user lets say u1 has full control on dir3 BUT no control at all on
dir2 then user u1 cannot access the share.
Is it right?
We have a situation with clients who typically do the following:
Create a share
Hi all,
I have a situation in which my SAMBA 3.0.14a could not join the a very
large windows 2003 AD domain with tens of domain controllers all over
the world. With an error I have never seen before.
The kinit part went OK but the net ads join part failed.
What we tried is to have our SAMBA jo
Hi,
Regarding "change share command" option in smb.conf.
I am not using it by I am wondering how it can ever work if input
parameters don't include existing share name.
I mean if you want to change existing share name to new share name,
don't you need to get the old share name too?
It can
Hi everyone,
I am wondering why do I see S-XXX numbers instead of actual names when
viewing and setting quota from windows.
My server is configured as a stand alone in which I use pdbedit to add
bunch of users.
However, when I look at properties-> security, names are coming up
correct (not a
Hi All,
Does anyone run SQL and/or exchange on SAMBA server share?
Are there any special considerations to take? would you be kind enough
to share your experience doing it?
Any special smb.conf configuration is required?
is there any performance issue or functional limitations supporting it?
Hi,
I am running SAMBA 3.0.14a and having the problem described in bug 765.
https://bugzilla.samba.org/show_bug.cgi?id=765
Which is:
If Win2k3 policy: "Domain Controller: LDAP server signing requirements"
set to "Require Signing", net ads join fails
My questions:
1. If I upgrade to th
Hi All,
Microsoft just coming up with R2
(http://searchstorage.techtarget.com/originalContent/0,289142,sid5_gci11
50420,00.html?track=NL-52&ad=536546)
I have couple of questions regarding it:
1. Have they modified/added new features to the core CIFS, RPC, etc.
protocols to support some of th
Hi all,
I have a strange situation, I hope someone can tell me what's wrong.
I have a samba server 3.014a joined win2003 AD.
When I run "wbinfo -n administrator", I am getting an error: "Could not
lookup name administrator"
BUT
If I first run "wbinfo -u" I get the list of users successfu
Hi All,
Here is my situation:
I run 3.014a samba server. It joins different ADS domains through out
the day and every day.
Configured it with "use keytab = yes" but did not execute the command
"net ads flush keytab" after each new domain join.
While trying to map a share from a client with
ew Bartlett [mailto:[EMAIL PROTECTED]
Sent: Tuesday, June 14, 2005 8:03 PM
To: Ephi Dror
Cc: samba@lists.samba.org
Subject: RE: [Samba] Kerberos enc type [xx] failed
On Tue, 2005-06-14 at 19:04 -0700, Ephi Dror wrote:
> Hi Andrew,
>
> I upgraded krb5 libs to 1.3.3 and now the error became &
ytab!
Joined 'SSN217' to realm 'LONDON.STORADINC.COM'
And last, is it to do with kerberos hot fix
http://support.microsoft.com/kb/833708/
Just wondering.
Thanks so much in advance for any hint in this complicated area.
Cheers,
Ephi
-Original Message-
From: Ephi Dror
Thank you Andrew for sharing with us your expertise and give us those
suggestions.
We really appreciate it.
Cheers,
Ephi
-Original Message-
From: Andrew Bartlett [mailto:[EMAIL PROTECTED]
Sent: Monday, June 13, 2005 10:15 PM
To: Ephi Dror
Cc: samba@lists.samba.org
Subject: Re: [Samba
Hi All,
I am getting Kerberos "enc type" problem that I can't explain:
[2005/06/11 11:41:29, 1, pid=29355]
libads/kerberos_verify.c:ads_keytab_verify_ticket(61)
ads_keytab_verify_ticket: krb5_kt_start_seq_get failed (No such file
or directory)
[2005/06/11 11:41:29, 3, pid=29355]
libads/kerber
ald (Jerry) Carter [mailto:[EMAIL PROTECTED]
Sent: Wednesday, May 25, 2005 10:37 AM
To: Ephi Dror
Cc: Paul Gienger; samba@lists.samba.org
Subject: Re: [Samba] mapping with username: "[EMAIL PROTECTED]" failed
-BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Ephi Dror wrote:
> HOWEVER,
n't allow me to use "[EMAIL PROTECTED]", meaning only "netbiosDomain\name"
works.
Cheers,
Ephi
-Original Message-
From: Paul Gienger [mailto:[EMAIL PROTECTED]
Sent: Wednesday, May 25, 2005 5:45 AM
To: Ephi Dror
Cc: samba@lists.samba.org
Subject: Re: [Samba] m
Hi All,
When trying to map my SAMBA share from WinXP, it prompted me for name
and password but it failed when I used [EMAIL PROTECTED]
However, using "domain\name" worked.
Any idea why my SAMBA server didn't accept this name style [EMAIL PROTECTED]
?
Assume: Realm (AD domain): domain.com
Hi
I have the following question:
Joining Win200x as ADS/DOMAIN, I see no problems for windows users to
get authenticated even if they don't have local accounts.
However, with the same samba (3.06) joining NT4 SP6 domain I see that
only users that also have entry in /etc/passwd are been au
Hi All,
I run Linux with two interfaces. Configured those interfaces with IP
and added both IPs to DNS (which is not Windows DNS on my domain
controller) lets say with names "A" and name "B."
I run SAMBA on that Linux and joined as ADS to a domain controller "D"
and I used the name "A" and
Hi All,
I upgraded my windows 2003 enterprise server to sp1 and having problems with
winbindd/wbinfo.
I am using samba 3.0.6 and joined as ADS
wbinfo -u
wbinfo -g
wbinfo -p
wbinfo -t
work like a Swiss watch
However
wbinfo -n ephi
wbinfo -s .
DO NOT WORK.
Is the latest SAM
Johnson [mailto:[EMAIL PROTECTED]
Sent: Thursday, April 14, 2005 8:15 AM
To: Tom Skeren
Cc: Andrew Bartlett; samba@lists.samba.org; Ephi Dror
Subject: Re: [Samba] Joining a domain controller with a conflict name
Tom Skeren wrote:
> Jonathan Johnson wrote:
>
>> Again, this is the r
rs,
Phi
-Original Message-
From: Andrew Bartlett [mailto:[EMAIL PROTECTED]
Sent: Wednesday, April 13, 2005 3:52 PM
To: Ephi Dror
Cc: samba@lists.samba.org
Subject: Re: [Samba] Joining a domain controller with a conflict name
On Wed, 2005-04-13 at 15:40 -0700, Ephi Dror wrote:
> Hi
Hi All,
Is it a way to prevent joining a domain with a netbios name that already
used by other domain member?.
For example, if I have SAMBA server "SA1" already joined a domain and
then I go to a different SAMBA server and make it join the same domain
with the name "SA1" also.
What I found
Hi All,
If I have domain controller on a different subnet than the samba server
and I would like to join that domain controller in an environment
without WINS, meaning only DNS available.
Unfortunately, it failed.
Is it possible to do it? I am using domain type DOMAIN (not ADS) in
smb.con
Hi All,
Does anyone has an idea why sometimes when I issue "net rpc testjoin"
right after I joined the domain using ("net ads join") I get an error :
"Error in domain join verification (fresh connection)"
But after waiting few seconds, testjoin is succeed like a Swiss watch.
Its only hap
Hi All,
I'm running netbench against our samba based filer and having I believe
a controller problem.
When I configure the test to run multiple engines per client (about 5 in
my case) and about 20 clients so all together I have 100 engines, the
controller crashes.
My clients are a mix of N
Hi All,
How do I make windows file explorer to not show "Printers and Faxes" when
clicking on SAMBA server while browsing for Microsoft Windows Network. Also,
once I click on it, the "Add Printer" icon shows up.
In smb.conf I have:
show add printer wizard = no
load printers = no
Hi All,
I am wondering:
Is it possible for a windows client to use separate tcp/ip connection per
share.
Meaning that if we have SAMBA server that shares let's say three shares,
then each client that connect to those shares (tcon) will end up having
three tcp/ip connections with the server and of
Hi All,
To join an ADS based domain we need to join the realm first (kinit ...) and
then
join the domain (net ads join .)
Is it possible to do it without specifying user name and
password (perhaps some other shared secret)?
For instance, if a machine was already added in the domain server w
43 matches
Mail list logo
