Al 20/06/13 17:12, En/na Gaiseric Vandal ha escrit:
> If you want to centralize the samba accounts I think the proper way
> would be to use member servers.
Just yesterday I had the same problem with a member server (running
samba 3.6.15), pointing to the ldap server on the domain controller (3.5
von Andrew Bartlett
Gesendet: Freitag, 21. Juni 2013 09:58
An: Philipp Lies
Cc: samba@lists.samba.org
Betreff: Re: [Samba] Samba+LDAP: NT_STATUS_UNSUCCESSFUL because of primary
group SID mismatch
On Thu, 2013-06-20 at 10:26 +0200, Philipp Lies wrote:
Hi,
I'm trying to get my new samba server r
---
-Ursprüngliche Nachricht-
Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im
Auftrag von Andrew Bartlett
Gesendet: Freitag, 21. Juni 2013 09:58
An: Philipp Lies
Cc: samba@lists.samba.org
Betreff: Re: [Samba] Samba+LDAP: NT_STATUS_UNSUCCESSFUL because of primary
group
On Thu, 2013-06-20 at 10:26 +0200, Philipp Lies wrote:
> Hi,
>
> I'm trying to get my new samba server running for a few days now and I
> start losing my mind over not figuring out what I'm doing wrong. Here's
> my setup:
>
> OpenLDAP 2.4.21 server with ~15 groups and >100 users, all having a uni
OK. I understand (at least a little better.)
So the correct behaviour would be for the standalone workgroup machines
to say "I don't know who DOMAIN/user1 is, so I will map to local
user1." The standalone servers should be using LDAP for unix
accounts put I don't think you really should
You might look into net getlocalsid, net getdomainsid, net setlocalsid and
net setdomainsid commands, you may be able to set the samba servers the
same as your ldap sid... just a though. Remember, messing around with SID's
can cause major issues, so export all sids to file and be ready set them
bac
If I follow correctly the LDAP server is NOT in the domain? The Samba
accounts should be using the SID of the Samba PDC not the SID of the
LDAP server. This of course means that a Samba member server can't
use the same LDAP back end (at least for Samba authentication.)
Long and short
Hi,
I'm trying to get my new samba server running for a few days now and I
start losing my mind over not figuring out what I'm doing wrong. Here's
my setup:
OpenLDAP 2.4.21 server with ~15 groups and >100 users, all having a unix
and a samba NT password stored in the LDAP as well as a User SID an
I would compare the LDAP attributes between a problem machine and a
working machine.Each machine has to have a unique unix account name
and SID.
Normally you don't need to precreate the samba acct with "smbpasswd -a
-m" or pdbedit. However it may help with the diagnostics to see
what
I found that Samba 3.5.x has trouble creating the LDAP attributes
correctly on new machine accounts . I think Samba 3.4.x was OK.
Rejoining a machine to a domain was usually OK. You need may need to
do a mix of account creation with smbpasswd and LDAP modification with
the LDAP editor.
Greetings.
I've run into a trouble when trying to add a new Win7 machine on a domain.
The domain is controlled by a server running Samba + LDAP (samba compiled
with ldap support), on a Debian 5 OS at the local network.
I've added the machine name to the LDAP three through phpldapadmin using
the o
On 26/12/2012 22:33, Andrew Bartlett wrote:
On Wed, 2012-12-26 at 08:36 -0200, TI wrote:
Hi Guys,
I have six Linux Servers running Samba 3 as PDC of our domain, in
different locations. They are integrated through LDAP (which is
configured to replicate over our VPN) and all responds to the same
On Wed, 2012-12-26 at 08:36 -0200, TI wrote:
> Hi Guys,
>
> I have six Linux Servers running Samba 3 as PDC of our domain, in
> different locations. They are integrated through LDAP (which is
> configured to replicate over our VPN) and all responds to the same
> domain. So, wherever the user is, h
Hi Guys,
I have six Linux Servers running Samba 3 as PDC of our domain, in different
locations. They are integrated through LDAP (which is configured to replicate
over our VPN) and all responds to the same domain. So, wherever the user is, he
will log in the same domain name.
Now I'am plannin
hello, everybody
after migrating the cfg file from samba version 3.2.5 to 3.5.6
mounting the share and browsing its directories takes a very long time
(at least for the root folder and for the first time, after that it
kind of stabilizes and works ok, file transfer speed is as it should
be, though
On Mon, 2012-09-17 at 04:35 +0800, Jeffrey Chan wrote:
> Hi all,
>
> What's a good Samba+LDAP appliance these days for a small business?
> Currently I used a stock Ubuntu server and did all Samda/LDAP configuration
> manually. I'm looking for something that can allow my regular staff to use
> as w
Am Mon, 17 Sep 2012 04:35:39 +0800 schrieb Jeffrey Chan:
> Hi all,
>
> What's a good Samba+LDAP appliance these days for a small business?
not using it myself:
http://www.univention.de/
http://www.zentyal.org/
- Thomas
--
To unsubscribe from this list go to the following URL and read the
in
Hi all,
What's a good Samba+LDAP appliance these days for a small business?
Currently I used a stock Ubuntu server and did all Samda/LDAP configuration
manually. I'm looking for something that can allow my regular staff to use
as well.
1. I tried most of the popular NAS distros, like FreeNAS, NAS
On Tuesday, 31.07.2012 at 12:11 +0200, Arokux B. wrote:
> what are the minimum permissions for the attributes
> sambaLMPassword/sambaNTPassword for the the LDAP administrator account
> so that Samba is just enabled to use it for authentication with
> ldapsam backend.
>
> It seems like auth is not
Hi,
what are the minimum permissions for the attributes
sambaLMPassword/sambaNTPassword for the the LDAP administrator account
so that Samba is just enabled to use it for authentication with
ldapsam backend.
It seems like auth is not enough, is this true?!
Thanks,
Arokux
--
To unsubscribe from
Hello everyone,
I rewrite a topic because I need your help,
Does someone has installed an password policy between LDAP and SaMBa ? Mine
does'nt work :/, samba don't find the policy. But in the log i found :
ldapsam_get_account_policy_from_ldap
I've already put the overlay in slapd.conf.
Tha
I found « username map [script] » directive in smb.conf man page. I've
tested P1234=jdoe and it's works. Next is to make a one line script to make
this dynamic ^^
Another solution was to make a proxy LDAP instead of a replica.
Thanks for the help !
If anyone have another idea, i'm open :)
2012/5/
Unfortunaly, I cannot do this since the two attributes are different
meaning and are used in another applications so maybe with a local LDAP
replica and use of your tricks will works. I will try if there are no
"Samba" solutions.
Thanks :)
2012/5/24
>
> I am not sure if you can act on the samba
I am not sure if you can act on the samba side. Maybe you should think
the other way around. You can map one attribute to another inside the
LDAP server.
You would use the "map attribute" directive to map
"eduPersonPrincipalName" to "uid". Both logins would then authenticate
against "ui
Hi !
I have an OpenLDAP where users DN are in the form «
uid=P1234,ou=people,dc=example,dc=com » and where the login is in the «
eduPersonPrincipalName » attribute (ex : jdoe).
I have configured my system (Debian Squeeze) to authenticate against LDAP
(libpam-ldapd + libnss-ldapd with a mapping uid
Am 02.04.2012 07:43, schrieb Massimiliano Perantoni:
Hi,
the distribution is a Debian 6 but I compiled samba myself against a self
compiled openldap 2.4.26.
Actually the only difference is the openldap client libraries version,
I do use 2.3 instead of 2.4, but using getent, as I stated before
Hi,
> the distribution is a Debian 6 but I compiled samba myself against a self
> compiled openldap 2.4.26.
Actually the only difference is the openldap client libraries version,
I do use 2.3 instead of 2.4, but using getent, as I stated before,
works...
If I do getent passwd I get, with the fai
Hey,
the distribution is a Debian 6 but I compiled samba myself against a
self compiled openldap 2.4.26. The passdb backend line doesn't look
different than yours (except the server names of course ;-)). You are
not running nscd by chance ? If so does getent passwd work with a
simulated ldap1
Hi,
could you send me the setup?
Which lines did you add?
Whici distro do you run?
Thanks!
Il 31 marzo 2012 22:11, Stephan ha scritto:
> Am 31.03.2012 20:56, schrieb Steve Thompson:
>
>> On Sat, 31 Mar 2012, Massimiliano Perantoni wrote:
>>
>>> Well, did not try, but guess it happens the same.
>
Am 31.03.2012 20:56, schrieb Steve Thompson:
On Sat, 31 Mar 2012, Massimiliano Perantoni wrote:
Well, did not try, but guess it happens the same.
Just for completeness, which version of samba did you use for ldap
failover?
I was using 3.0.33 at the time, on CentOS 5 x86_64. Not sure which
rev
On Sat, 31 Mar 2012, Massimiliano Perantoni wrote:
Well, did not try, but guess it happens the same.
Just for completeness, which version of samba did you use for ldap failover?
I was using 3.0.33 at the time, on CentOS 5 x86_64. Not sure which
revision of CentOS; it was a while ago.
Steve
Well, did not try, but guess it happens the same.
Just for completeness, which version of samba did you use for ldap failover?
Il 31 marzo 2012 19:04, Steve Thompson ha scritto:
> On Sat, 31 Mar 2012, Massimiliano Perantoni wrote:
>
>> I'm exactly using that, without luck...
>
>
> Not sure what t
On Sat, 31 Mar 2012, Massimiliano Perantoni wrote:
I'm exactly using that, without luck...
Not sure what to tell you; I have used multiple LDAP servers in the past
with success, although these days I use a single virtual LDAP server which
load balances across a set of backend servers. What h
I'm exactly using that, without luck...
--
Massimiliano Perantoni
site: http://www.perantoni.net
Il 31 marzo 2012 15:35, Steve Thompson ha scritto:
> On Sat, 31 Mar 2012, Gaiseric Vandal wrote:
>
>> I don't think Samba (depending on the version) supports multiple ldap
>> backends. You should
On Sat, 31 Mar 2012, Gaiseric Vandal wrote:
I don't think Samba (depending on the version) supports multiple ldap
backends.You should have samba_server_1 using ldap_server_1 and
samba_server_2 using ldap_server_2.
Samba most certainly does support multiple LDAP backends. There's even an
e
alf Of Massimiliano Perantoni
> Sent: Saturday, March 31, 2012 6:12 AM
> To: samba@lists.samba.org
> Subject: [Samba] Samba LDAP Failover
>
> Hi,
> I have a quite "simple" setup for a particular customer that loves
> redundancy and failover.
> PDC + BDC with LDA
lf Of Massimiliano Perantoni
Sent: Saturday, March 31, 2012 6:12 AM
To: samba@lists.samba.org
Subject: [Samba] Samba LDAP Failover
Hi,
I have a quite "simple" setup for a particular customer that loves
redundancy and failover.
PDC + BDC with LDAP Passwords on two 389-ds in multimaster node + sever
Hi,
I have a quite "simple" setup for a particular customer that loves
redundancy and failover.
PDC + BDC with LDAP Passwords on two 389-ds in multimaster node +
several samba member servers
Actually pointing singularly on both the systems everything works great.
As soon as I modify my passdb back
I'm trying to combine samba + ldap, I was successful in another
attempt what motivated me to create one. deb package that would make
the whole process, I installed this package, the ldap dit was created
successfully but when I try to insert a Windows machine in the Domain
I get the message that
I'm trying to combine samba + ldap, I was successful in another
attempt what motivated me to create one. deb package that would make
the whole process, I installed this package, the ldap dit was created
successfully but when I try to insert a Windows machine in the Domain
I get the message that the
From: Guilhem Souque
Date: Mon, 27 Feb 2012 12:01:50 +0100
> I try to configure a domain member server on an other debian squeeze
> that will serve as cifs and nfs server.
(snip)
> The unix uids provided by winbind are not the same than those used by
> the system (libnsss-ldap)
> winbind don
On 27/02/12 12:01, Guilhem Souque wrote:
t's seems that in samba 3.0.24 (debian etch) the uid in the idmap OU
was the same that those in the USERS OU because i have some entry that
are correct and i had domain member server in this samba version.
Is there a way to synchronize unix uids with idm
Hi samba lists,
we have a samba-ldap domain running on a debian squeeze (samba
3.5.6)server (pdc and bdc).
I try to configure a domain member server on an other debian squeeze
that will serve as cifs and nfs server.
My Debian server member use winbind (on ldap) for mapping the users
windows si
Hi samba lists,
we have a samba-ldap domain running on a debian squeeze (samba
3.5.6)server (pdc and bdc).
I try to configure a domain member server on an other debian squeeze
that will serve as cifs and nfs server.
My Debian server member use winbind (on ldap) for mapping the users
windows si
On Thu, 2012-02-16 at 21:10 +0800, Fajar Priyanto wrote:
> Hi all,
> I have a setup like this. Pls let me know if it's possible or not.
> SAMBA + Local LDAP ---> SASLAUTHD --> Global LDAP
No.
Samba uses the sambaNTPassword attribute in it's LDAP schema which is a
crypt of the password. You may
Hi all,
I have a setup like this. Pls let me know if it's possible or not.
SAMBA + Local LDAP ---> SASLAUTHD --> Global LDAP
Desc:
I'd like to do Samba authentication to LDAP, passthrough to another
LDAP using SASL.
The current situation is:
SSH authentication from LDAP user to that Samba box wor
On 2012-02-02 15:08, Adam Tauno Williams wrote:
check password script = /usr/local/sbin/crackcheck -c -s
Not sure where I got crackcheck from; it is a compiled binary.
I think you got it from the samba tar ball:
https://lists.samba.org/archive/samba/2011-September/164089.html
--
Message s
On Thu, 2012-02-02 at 15:00 +0100, Götz Reinicke wrote:
> --ms020400080806080209020400
> Content-Type: text/plain; charset=ISO-8859-15
> Content-Transfer-Encoding: quoted-printable
>
> Hallo,
>
> we run a Redhat samba 3.5.4 PDC with openldap 2.4 as
> user/passwordbackend. The ldap als
Hallo,
we run a Redhat samba 3.5.4 PDC with openldap 2.4 as
user/passwordbackend. The ldap also contains the posix information for
the users to login to some web/mail/etc. servers.
I'm faced with the task to implement a 'both worlds' compatible paswword
sync process regarding complexity etc.
For
Hi,
I am using Samba to join AD.But have a problem with version 3.4.7 which not
meet in version 3.2.5.
Here is my steps:
in version 3.2.5
1. set smb.conf and krb5.conf the realm to test.com; in smb.conf set use
kerberos keytab = true
2. net ads join -U Administrator%Password createupn=t...@te
The Samba wiki page related to the use of Windows 7 with Samba contains
the following statements:
«
There are currently two registry settings required to be added on the
Windows 7 client prior to joining a Samba Domain. These are:
HKLM\System\CCS\Services\LanmanWorkstation\Parameters
Hi,
I'm running Samba 3.5.6 with OpenLDAP 2.4.23 (from Debian Squeeze) as
PDC. Everything is working fine (Joining Domains, Log on Users) but I'm
not able to Log in as Domain Admin. If I try to, the message "Unable to
log on „The User Profile Service service failed the logon. User profile
can
I don't know if I should post this here or in the samba bugzilla but
here goes...
I am trying to get samba-ldap (editposix) to use the Inetorgperson
schema so that I can setup a samba domain using our existing ldap
directory. Our websites users are held in a LDAP directory that has user
info
Am 04.08.2011 12:09, schrieb J. Echter:
Am 03.08.2011 18:43, schrieb TAKAHASHI Motonobu:
From: "J. Echter"
Date: Tue, 02 Aug 2011 14:12:05 +0200
I thought im done setting domain to WORKGROUP, as its set in
smbldap.conf.
I don't get why smbldap tools thinks im on a domain called BDC.
Would i
Am 03.08.2011 18:43, schrieb TAKAHASHI Motonobu:
From: "J. Echter"
Date: Tue, 02 Aug 2011 14:12:05 +0200
I thought im done setting domain to WORKGROUP, as its set in smbldap.conf.
I don't get why smbldap tools thinks im on a domain called BDC.
Would it help if i post some output from pdbedit
Am 03.08.2011 18:43, schrieb TAKAHASHI Motonobu:
net rpc getsid
hi,
yes i did this step and just repeated it to be sure.
sudo net rpc getsid
bdc:
[sudo] password for bdc:
Storing SID S-1-5-21-3842863818-2180709222-141296495 for Domain
WORKGROUP in secrets.tdb
pdc:
sudo smbldap-useradd -a t
From: "J. Echter"
Date: Tue, 02 Aug 2011 14:12:05 +0200
> I thought im done setting domain to WORKGROUP, as its set in smbldap.conf.
>
> I don't get why smbldap tools thinks im on a domain called BDC.
>
> Would it help if i post some output from pdbedit or stuff like that? I
> really don't get
Am 02.08.2011 14:54, schrieb J. Echter:
Am 02.08.2011 14:40, schrieb Julien Celle:
Le 02/08/2011 14:22, J. Echter a écrit :
Am 02.08.2011 14:06, schrieb Julien Celle:
pdbedit output indicates that the profile is stored on '\\pdc...' and
that the user is defined on the domain 'BDC'.
oh i forgo
Am 02.08.2011 14:40, schrieb Julien Celle:
Le 02/08/2011 14:22, J. Echter a écrit :
Am 02.08.2011 14:06, schrieb Julien Celle:
pdbedit output indicates that the profile is stored on '\\pdc...' and
that the user is defined on the domain 'BDC'.
oh i forgot, profiles are on \\pdc.
cheers.
Hi,
Le 02/08/2011 14:22, J. Echter a écrit :
Am 02.08.2011 14:06, schrieb Julien Celle:
pdbedit output indicates that the profile is stored on '\\pdc...' and
that the user is defined on the domain 'BDC'.
oh i forgot, profiles are on \\pdc.
cheers.
Hi,
There may be a problem trying to access your
Am 02.08.2011 14:06, schrieb Julien Celle:
pdbedit output indicates that the profile is stored on '\\pdc...' and
that the user is defined on the domain 'BDC'.
oh i forgot, profiles are on \\pdc.
cheers.
--
To unsubscribe from this list go to the following URL and read the
instructions: https:/
Am 02.08.2011 14:06, schrieb Julien Celle:
First of all, there is a problem between your samba conf and the
output of pdbedit : your server netbios name is defined in your
smb.conf as 'BDC' and your workgroup/domain as 'workgroup' whereas the
pdbedit output indicates that the profile is stored
First of all, there is a problem between your samba conf and the output
of pdbedit : your server netbios name is defined in your smb.conf as
'BDC' and your workgroup/domain as 'workgroup' whereas the pdbedit
output indicates that the profile is stored on '\\pdc...' and that the
user is defined
Am 25.07.2011 14:38, schrieb J. Echter:
Am 22.07.2011 17:48, schrieb TAKAHASHI Motonobu:
From: "J. Echter"
Date: Thu, 21 Jul 2011 08:51:25 +0200
Am 20.07.2011 18:08, schrieb TAKAHASHI Motonobu:
hi,
tried all your hints. still now profiles found...
H...
My testing environment is availabl
Am 22.07.2011 17:48, schrieb TAKAHASHI Motonobu:
> From: "J. Echter"
> Date: Thu, 21 Jul 2011 08:51:25 +0200
>
>> Am 20.07.2011 18:08, schrieb TAKAHASHI Motonobu:
>> hi,
>>
>> tried all your hints. still now profiles found...
>
> H...
>
> My testing environment is available at
>
> ftp:/
From: "J. Echter"
Date: Thu, 21 Jul 2011 08:51:25 +0200
> Am 20.07.2011 18:08, schrieb TAKAHASHI Motonobu:
> hi,
>
> tried all your hints. still now profiles found...
H...
My testing environment is available at
ftp://ftp.ring.gr.jp/pub/net/samba-jp/vmware_player_images/sambapdc-squeeze
Am 21.07.2011 11:33, schrieb L.P.H. van Belle:
Hai,
a working profile share..
[profiles]
path = /bacula/samba/profile
comment = Profiel enviroment.
read only = no
create mask = 0600
directory mask = 0700
browseable = Yes
guest ok = Y
7-20 18:21
>Aan: samba@lists.samba.org
>Onderwerp: Re: [Samba] Samba + LDAP + SMBLDAP-Tools + Roaming Profiles
>
>Am 20.07.2011 18:08, schrieb TAKAHASHI Motonobu:
>>
>>> [profile]
>>> path = /bacula/samba/profile
>> This path has valid permission?
>
>d
Am 20.07.2011 18:08, schrieb TAKAHASHI Motonobu:
From: "J. Echter"
Date: Wed, 20 Jul 2011 17:58:34 +0200
i've finally have my LDAP backend working for authentication for my DC.
Logon scripts are executed, user is authenticated, but my roaming
profiles are not found.
here is what i have in my
Am 20.07.2011 18:08, schrieb TAKAHASHI Motonobu:
[profile]
path = /bacula/samba/profile
This path has valid permission?
drwxrwxrwt 21 root root 4096 Jul 7 09:48 profile
And actually "pdbedit -v a-user" shows valid profile path?
pdbedit -v klaudia
Full Name:klaudia
From: "J. Echter"
Date: Wed, 20 Jul 2011 17:58:34 +0200
> i've finally have my LDAP backend working for authentication for my DC.
>
> Logon scripts are executed, user is authenticated, but my roaming
> profiles are not found.
>
> here is what i have in my config files:
(snip)
> hide file
Hi,
i've finally have my LDAP backend working for authentication for my DC.
Logon scripts are executed, user is authenticated, but my roaming
profiles are not found.
here is what i have in my config files:
smb.conf
[global]
printing = bsd
netbios name = PDC
server string = PDC (%h)
: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im
Auftrag von Götz Reinicke - IT-Koordinator
Gesendet: Dienstag, 1. Februar 2011 15:53
An: samba@lists.samba.org
Betreff: [Samba] Samba, LDAP, Windows XP - force passwordchange on first
login
Hello,
I was looking for the right
Hello,
I was looking for the right ldap attribute and setting to force users to
change there password when they log in for the first time.
Can somewone point me to the syntax or doc I did not found yet?
samba 3.5.4 and openldap-2.4.19
Thanks and regards,
--
Götz Reinicke
IT-Koordinator
Tel.
Rodolfo Barbosa
Gesendet: Montag, 31. Januar 2011 12:27
An: samba@lists.samba.org
Betreff: [Samba] Samba+LDAP+Password
Hi,
We have a Debian Lenny running Samba 3.5.5 with OpenLDAP and Winbind. The
users can change their password via windows clientes but after the
password expires thei can't
Hi,
We have a Debian Lenny running Samba 3.5.5 with OpenLDAP and Winbind. The
users can change their password via windows clientes but after the
password expires thei can't set a new password. To unlock the user account
I have to set a new password via smblda-passwd script.
I have the following p
Dear friends
My domain users in two diffrent OU, one OU is TEMP_USERS and other OU
is PEOPLE.
What i should mention in smb.conf ?
If i mention
ldap user suffix = ou=PEOPLE, then
users of ou TEMP_USERS is not able to authenticate.
Please guide me.
Thanks
--
http://linuxinterviews.blogspo
On 07/27/2010 03:38 PM, Daniel Deptuła wrote:
W dniu 2010-07-27 20:05, alexan...@nautae.eti.br pisze:
Hi.
Excuse my English.
I've installed Samba+OpenLDAP as a PDC.
Everything works fine but Samba ignores completely group information.
Linux is ok.
Any clue? I'm going crazy here!
Here's
W dniu 2010-07-27 20:05, alexan...@nautae.eti.br pisze:
Hi.
Excuse my English.
I've installed Samba+OpenLDAP as a PDC.
Everything works fine but Samba ignores completely group information.
Linux is ok.
Any clue? I'm going crazy here!
Here's the sittuation:
user: fish1
home dir: /home/reaml
alexan...@nautae.eti.br wrote:
Hi.
Excuse my English.
I've installed Samba+OpenLDAP as a PDC.
Everything works fine but Samba ignores completely group information.
Linux is ok.
Any clue? I'm going crazy here!
Here's the sittuation:
user: fish1
home dir: /home/reaml/swim/fish1
primary group
Hi.
Excuse my English.
I've installed Samba+OpenLDAP as a PDC.
Everything works fine but Samba ignores completely group information.
Linux is ok.
Any clue? I'm going crazy here!
Here's the sittuation:
user: fish1
home dir: /home/reaml/swim/fish1
primary group: swimmers
other groups: smokers
Hello,
Ubuntu 9.10 Server / Samba 3.4 with an ldap backend
I'm looking for some explanation on how a few options work together to make
passwords work properly. I have some accounts that have the sambaAcctFlag
[UX] and that should set it so their passwords don't expire correct?
This doesn't seem
I am currently running Samba (3.0.33) on CentOS 5 with an OpenLDAP back-end.
I would like to be able to have a script run that would look at the
sambaPwdLastSet attribute, compare it to the current time and then if
needed...email the user a reminder to change their password. I have never
written an
Hi,
some time a go I started to try a migration form our "old" samba PDC
with smbpasswd user backend to a new ldap based.
I got to the point, that users can login to shares and now I'd liked to
set up the server as an PDC with ldap and machine accounts too.
The smbldap-toosl are installed and co
Subject: [Samba] Samba/LDAP and home dir creation
Hi, all.
I'm working on a project to create a Samba PDC
with LDAP authentication. I've been pretty
successful in getting everything to work.
However, I've run into a small snag:
The PDC is built on an OpenSuse 11.2 box. Most
On Wednesday 09 June 2010 4:47:31 pm you wrote:
> Hi Dimitri,
>
> You probably want to enable the PAM module
> responsible for this. Back up and edit your
> /etc/pam.d/system-auth and add the following
> line:
>
> session required pam_oddjob_mkhomedir.so
> skel=/etc/skel/ umask=0022
>
> Note: Messi
Hi Dimitri,
You probably want to enable the PAM module responsible for this. Back
up and edit your /etc/pam.d/system-auth and add the following line:
session required pam_oddjob_mkhomedir.so skel=/etc/skel/ umask=0022
Note: Messing with your pam config may lock you out of the system, so
be caref
Hi, all.
I'm working on a project to create a Samba PDC
with LDAP authentication. I've been pretty
successful in getting everything to work.
However, I've run into a small snag:
The PDC is built on an OpenSuse 11.2 box. Most of
the member servers are also OpenSuse 11.2 boxes.
However, a
Windows 7 can connect to the domain as a member (using wiki.samba Win 7
details) but cannot see any shared resources or connect to the machine at
all. Logs show tings start ok but fall apart pretty quickly. Anyone else
having issues with Win7 and Samba? On this network, XP, Vista and Mac all
sw
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
You are missing something, which I just realized reading this: a couple
of emails that went back and forth off-list. Oops.
I think the following is essentially accurate: someone will surely
correct me if it's not.
At the moment, this is the only s
2010/5/18 Alex McKenzie :
> r...@sl1:/etc/samba# testparm
> Server role: ROLE_DOMAIN_PDC
> [global]
> workgroup = CHEMBMB
> domain logons = Yes
> preferred master = Yes
> domain master = Yes
> This is a standalone server providing file sharing, but not acting as a
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
This fixed it!
For the record, since I suspect this all gets archived and is
searchable: here's the output of testparm.
r...@sl1:/etc/samba# testparm
Load smb config files from /etc/samba/smb.conf
Processing section "[homes]"
Processing section "[i
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I do have smbldap tools installed and, as far as I can tell, set up.
net join CHEMBMB -U Administrator returns "cannot join as standalone
machine".
The LDAP structure may be the issue... I don't think computer accounts
were ever set up on the current
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
t...@tms3.com wrote:
> SNIP
>>> SID for domain SL1 is: S-1-5-21-1557386430-3227286864-500253393
>>> SID for domain CHEMBMB is: S-1-5-21-4167008922-1292391803-4044586981
>>>
>>> 7) Users have both user and group SIDs in the form
>>> "S-1-5-21-41670089
SNIP
SID for domain SL1 is: S-1-5-21-1557386430-3227286864-500253393
SID for domain CHEMBMB is: S-1-5-21-4167008922-1292391803-4044586981
7) Users have both user and group SIDs in the form
"S-1-5-21-4167008922-1292391803-4044586981-[unique number]", which is
generated according to the rules t
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
So no one has any guesses on this? I've found nothing new, so any help
at all would be appreciated...
- -Alex
Alex McKenzie wrote:
> Greetings,
>
> While I've seen this referred to a lot of places, I haven't yet found
> a posted solution that wor
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Greetings,
While I've seen this referred to a lot of places, I haven't yet found
a posted solution that works for me. Testing has been done from a Mac
running OSX 10.5.8 Here's what I have so far: if anyone can give me a
next step to test, I'd app
samba-requ...@lists.samba.org wrote:
Subject:
Re: [Samba] samba, ldap, kerberos
From:
Natxo Asenjo
Date:
Mon, 15 Feb 2010 09:42:18 +0100
To:
Samba Mail List
To:
Samba Mail List
On Mon, Feb 15, 2010 at 7:27 AM
On Mon, Feb 15, 2010 at 7:27 AM, Pramathesh Ambasta
wrote:
> Though I am not new to samba, I am new to this so will really appreciate
> guidance. If I want to implement a single sign on scheme using openldap and
> kerberos on a linux server, how can samba be integrated into this scheme? As
> far a
Though I am not new to samba, I am new to this so will really appreciate
guidance. If I want to implement a single sign on scheme using openldap
and kerberos on a linux server, how can samba be integrated into this
scheme? As far as I can understand from the docs, the discussions on
samba and k
1 - 100 of 898 matches
Mail list logo
