[Samba] winbind with multiple domains

We have a situation where we have two domains that can authenticate users. One for students, one for faculty/staff, both with rfc2307 attributes. Winbind does lookups properly to the domain that samba is joined to, but claims it cannot lookup sids in the other domain. There is an explicit trust

RE: [Samba] Winbind ignores idmap configuration (3.0.28a)

Jeewa Cc: samba@lists.samba.org Subject: Re: [Samba] Winbind ignores idmap configuration (3.0.28a) Naadir Jeewa wrote: > Sorry, yeah, I have munged it. > > I did some further checking and found it works fine for the 1 user which > is on the home domain. It's users from other trus

Re: [Samba] Winbind ignores idmap configuration (3.0.28a)

Naadir Jeewa wrote: Sorry, yeah, I have munged it. I did some further checking and found it works fine for the 1 user which is on the home domain. It's users from other trusted domains which are a problem. CLDAP messages are getting rejected by the DCs, but Samba instead says "DC not found".

RE: [Samba] Winbind ignores idmap configuration (3.0.28a)

;ve asked the domain admins if they can change the client signing requirements on the trusted domain I need access to. Yours, Naadir Jeewa -Original Message- From: Doug VanLeuven [mailto:[EMAIL PROTECTED] Sent: 03 April 2008 23:11 To: Naadir Jeewa Cc: samba@lists.samba.org Subject:

Re: [Samba] Winbind ignores idmap configuration (3.0.28a)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Naadir Jeewa wrote: | Hullo, | | After having my Samba server joined to a domain, I'm now having | difficulties configuring winbind. I want to use the idmap_rid backend, | and have recompiled Samba from scratch with the requisite rid.so module. | | Ho

RE: [Samba] Winbind ignores idmap configuration (3.0.28a)

:[EMAIL PROTECTED] > Sent: 03 April 2008 20:31 > To: Naadir Jeewa > Cc: samba@lists.samba.org > Subject: Re: [Samba] Winbind ignores idmap configuration (3.0.28a) > > Naadir Jeewa wrote: > >> Hullo, >> >> After having my Samba server joined to a domain, I&#x

Re: [Samba] Winbind ignores idmap configuration (3.0.28a)

@lists.samba.org Subject: Re: [Samba] Winbind ignores idmap configuration (3.0.28a) Naadir Jeewa wrote: Hullo, After having my Samba server joined to a domain, I'm now having difficulties configuring winbind. I want to use the idmap_rid backend, and have recompiled Samba from scratch wit

RE: [Samba] Winbind ignores idmap configuration (3.0.28a)

No joy. Still seems to look in AD for a uid instead of calculating using rid. Naadir -Original Message- From: Justin Payne [mailto:[EMAIL PROTECTED] Sent: 03 April 2008 20:31 To: Naadir Jeewa Cc: samba@lists.samba.org Subject: Re: [Samba] Winbind ignores idmap configuration (3.0.28a

Re: [Samba] Winbind ignores idmap configuration (3.0.28a)

Naadir Jeewa wrote: Hullo, After having my Samba server joined to a domain, I'm now having difficulties configuring winbind. I want to use the idmap_rid backend, and have recompiled Samba from scratch with the requisite rid.so module. However, no matter how "idmap domains / idmap config" is set

[Samba] Winbind ignores idmap configuration (3.0.28a)

Hullo, After having my Samba server joined to a domain, I'm now having difficulties configuring winbind. I want to use the idmap_rid backend, and have recompiled Samba from scratch with the requisite rid.so module. However, no matter how "idmap domains / idmap config" is set up, it seems to get t

[Samba] Samba-winbind under Solaris8

Dear All, I have successfully compiled MIT krb5 and samba 3.0.28a under Solaris8. Joining an AD domain works fine and also the commands wbinfo -t, -g and -u list all of the users. getent passwd and getent group are also working. The problem now is that when i run the "group user" command it jus

[Samba] winbind, AD on other network an machine accounts

Hello, we have a network with Xp Clients and AD. On a second network we have XP clients Redhat linux servers that run samba. Between the networks there is a firewall. Now we would like to authenticate the XP clients in the linux network against the AD. As far as I did understand it should b

[Samba] winbind 3.0.28a not working with nt4 -> windows 2003 trust domain

Hi Folks, I have upgraded from samba 3.0.28 to 3.0.28a and now users aren't able to connect to the samba share. Winbind is logging this message: [2008/03/25 15:07:12, 5] passdb/secrets.c:get_trust_pw_clear(720) get_trust_pw_clear: could not fetch clear text trust account password for domain DO

[Samba] winbind between trusted domains really acting up under 3.0.28a

I'm starting to see some really weird things happen on a range of Samba-3.0.28a servers installed as "security=ADS" members of a variety of domains. This was working last time I checked (weeks ago), but something's happened. Windows Updates tend to spring to mind more than Samba upgrades as a c

Re: [Samba] Winbind+ldap = core dump

possible to tell samba/winbind not to do core dumps? smb.conf (only shown one share as we have lots!): [global] printer admin = @"MCS+sysadmin","MCS+root","MCS+administrator" add machine script = /usr/sbin/useradd -d /dev/null -g samba-clients -s /bin/false -M %u server

[Samba] winbind and compat mode in nsswitch.conf

Hay together, is the following entry in nsswitch.conf possible ? passwd: compat passwd_compat: winbind I want to use the compat mode, so i can use the +/- semantic. But in this case i cant login with username/password. If i configure the nsswitch.conf like: passwd: files winbind The login wo

Re: [Samba] winbind segfaulting

Ben Rogers wrote: Hi, I am running Redhat RHEL 4, authentification is via kerberos against and AD server, usernames are supplied via ldap service running on another redhat box Then why do u need winbind? - winbind has been seg faulting repeating when accessing samba - always the same error m

[Samba] winbind segfaulting

Hi, I am running Redhat RHEL 4, authentification is via kerberos against and AD server, usernames are supplied via ldap service running on another redhat box - winbind has been seg faulting repeating when accessing samba - always the same error message... see logs below - can anyone tell me whats g

Re: [Samba] UserPrincipalName with samba/winbind 3.2

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [EMAIL PROTECTED] wrote: > > Hi, > > I'm currently trying the 3.2 version of winbindd (pam + nss + > winbindd). I would like to loging with the userPrincipalName on à Win 2k3 > but I can't. Winbindd retrun NT_STATUS_INVALID_PARAMETER_MIX (PAM:

Re: Fwd: [Samba] Winbind 3.0.26a cannot authenticate with ActiveDirectory

Douglas VanLeuven wrote: > Walter Huf wrote: >> I changed those lines, and nothing seemed to change. >> However, I remembered more information that I could include. >> getent passwd does not list domain users, only local users. Something still looks wrong to me with your pam config. But I checked

Re: [Samba] Winbind 3.0.26a cannot authenticate with ActiveDirectory

I changed those lines, and nothing seemed to change. However, I remembered more information that I could include. getent passwd does not list domain users, only local users. Sample lines from /var/log/samba/log.winbindd: [2008/02/22 14:13:21, 1] nsswitch/idmap_ad.c:idmap_ad_sids_to_unixids(613)

Re: Fwd: [Samba] Winbind 3.0.26a cannot authenticate with ActiveDirectory

Walter Huf wrote: > I changed those lines, and nothing seemed to change. > However, I remembered more information that I could include. > getent passwd does not list domain users, only local users. > > Sample lines from /var/log/samba/log.winbindd: > [2008/02/22 14:13:21, 1] nsswitch/idmap_ad.c:id

Fwd: [Samba] Winbind 3.0.26a cannot authenticate with ActiveDirectory

I changed those lines, and nothing seemed to change. However, I remembered more information that I could include. getent passwd does not list domain users, only local users. Sample lines from /var/log/samba/log.winbindd: [2008/02/22 14:13:21, 1] nsswitch/idmap_ad.c:idmap_ad_sids_to_unixids(613)

Re: [Samba] Winbind+ldap = core dump

elieve it fails for both samba and dovecot (pop3/imap mail server). At the > moment we are generating about 10gb/hour of core dumps which a cron job is > keeping cleaned up. Has anyone got any ideas on this? also is it possible > to tell samba/winbind not to do core dumps? enable core

[Samba] Winbind+ldap = core dump

are generating about 10gb/hour of core dumps which a cron job is keeping cleaned up. Has anyone got any ideas on this? also is it possible to tell samba/winbind not to do core dumps? smb.conf (only shown one share as we have lots!): [global] printer admin = @"MCS+sysadmin","

[Samba] UserPrincipalName with samba/winbind 3.2

Hi, I'm currently trying the 3.2 version of winbindd (pam + nss + winbindd). I would like to loging with the userPrincipalName on à Win 2k3 but I can't. Winbindd retrun NT_STATUS_INVALID_PARAMETER_MIX (PAM: 4) Any idea winbindd --version output : Version 3.2.0pre2-GIT--e 85eec1d-te

[Samba] winbind group membership

Hi all, I have a Solaris 10 (update 4) box (x86) that is joined to an active directory via samba/winbind (3.0.25c version included with Solaris including latest patches). The users are working fine however their group membership is not. Users that should be members of certain groups do not

[Samba] Winbind separator Problem

Hello list, I have installed samba-3.0.24 on FC 6. I have some problems to authenticate users against pam_winbind If the user has the winbind separator in the username then the authentication does not work Here are some logs: [2008/01/09 14:12:45, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(

Re: [Samba] Winbind 3.0.26a cannot authenticate with ActiveDirectory

something that has worked for me on occasion with the later samba verisons is to change: *idmap uid*, and *idmap gid* to *winbind uid*, and *winbind gid* I dont understand why, because the man page says that winbind uid/gid is a wrapper for idmap uid/gid. But maybe that is why. I hope it helps

[Samba] Winbind 3.0.26a cannot authenticate with ActiveDirectory

I am using Ubuntu Gutsy, which comes with Winbind 3.0.26a. I am using the same configuration that worked on Ubuntu Feisty, which uses Winbind 3.0.24. Something changed with Winbind, apparently, to break the configuration that was working perfectly. How can I fix my configuration to work with the ne

RE: [Samba] Winbind problem with more details.

, 2008 2:26 PM To: Trimble, Ronald D; Herb Lewis Cc: samba@lists.samba.org Subject: RE: [Samba] Winbind problem with more details. Trimble, Ronald D wrote: > > Ross, do you have any links to document what you are saying > about the "password server" being set to a domain? I h

Re: [Samba] winbind - not ready for prime time?

On Sun, Feb 17, 2008 at 11:15:32AM -0500, Whit Blauvelt wrote: > Either I'm getting too old for this work, or it uniquely fails the usability > test. You're getting too old for this work Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lis

[Samba] winbind - not ready for prime time?

What's the consensus? Should winbind even be considered for production use? Looking back through the archives of the Samba lists, there's a lot of doubt about it. Where people have had problems, there are more often than not no solutions given. When I look at the man page in 3.0.28, there are litte

[Samba] winbind problem

I'm trying to do an ADS share. With a sane nsswitch.conf, that is with these settings: passwd: compat winbind group: compat winbind I get this as the result: # smbclient //no3/ftp -Uwhit

RE: [Samba] Winbind problem with more details.

tart over again from 1000 in each domain and you wouldn't want conflicting uids and gids. -Ross > -Original Message- > From: Ross S. W. Walker [mailto:[EMAIL PROTECTED] > Sent: Friday, February 15, 2008 2:29 PM > To: Trimble, Ronald D; Herb Lewis > Cc: samba@lists.samba

RE: [Samba] Winbind problem with more details.

: Trimble, Ronald D; Herb Lewis Cc: samba@lists.samba.org Subject: RE: [Samba] Winbind problem with more details. Trimble, Ronald D wrote: > > You are 100% correct. I did have a situation several weeks > ago where I was forced to delete the cache and as a result I > had to go through the

RE: [Samba] Winbind problem with more details.

-Original Message- > From: Ross S. W. Walker [mailto:[EMAIL PROTECTED] > Sent: Friday, February 15, 2008 12:30 PM > To: Ross S. W. Walker; Trimble, Ronald D; Herb Lewis > Cc: samba@lists.samba.org > Subject: RE: [Samba] Winbind problem with more details. > > Ross S. W. Wal

RE: [Samba] Winbind problem with more details.

ering or ordering. -Ross > -Original Message- > From: Ross S. W. Walker [mailto:[EMAIL PROTECTED] > Sent: Friday, February 15, 2008 12:06 PM > To: Trimble, Ronald D; Herb Lewis > Cc: samba@lists.samba.org > Subject: RE: [Samba] Winbind problem with more details. > > Trimb

RE: [Samba] Winbind problem with more details.

ebruary 15, 2008 12:06 PM To: Trimble, Ronald D; Herb Lewis Cc: samba@lists.samba.org Subject: RE: [Samba] Winbind problem with more details. Trimble, Ronald D wrote: > > Here you go... I forgot to ask which version of samba your now running, but assuming it is something around '3.0

RE: [Samba] Winbind problem with more details.

Subject: RE: [Samba] Winbind problem with more details. Ross S. W. Walker wrote: > > Trimble, Ronald D wrote: > > > > Here you go... > > I forgot to ask which version of samba your now running, but > assuming it is something around '3.0.25', then here is my >

RE: [Samba] Winbind problem with more details.

That is a lot of good information... let me give it a shot on a test system to see what happens. -Original Message- From: Ross S. W. Walker [mailto:[EMAIL PROTECTED] Sent: Friday, February 15, 2008 12:06 PM To: Trimble, Ronald D; Herb Lewis Cc: samba@lists.samba.org Subject: RE: [Samba

RE: [Samba] Winbind problem with more details.

S. W. Walker [mailto:[EMAIL PROTECTED] Sent: Friday, February 15, 2008 12:30 PM To: Ross S. W. Walker; Trimble, Ronald D; Herb Lewis Cc: samba@lists.samba.org Subject: RE: [Samba] Winbind problem with more details. Ross S. W. Walker wrote: > > Trimble, Ronald D wrote: > > > > He

RE: [Samba] Winbind problem with more details.

Ross S. W. Walker wrote: > > Trimble, Ronald D wrote: > > > > Here you go... > > I forgot to ask which version of samba your now running, but > assuming it is something around '3.0.25', then here is my > suggestion config. If it is an earlier version let me know. I just realized that your confi

RE: [Samba] Winbind problem with more details.

Trimble, Ronald D wrote: > > Here you go... I forgot to ask which version of samba your now running, but assuming it is something around '3.0.25', then here is my suggestion config. If it is an earlier version let me know. > [global] > workgroup = NA > realm = NA.UIS.UNISYS.COM >

RE: [Samba] Winbind problem with more details.

cl inherit = yes -Original Message- From: Ross S. W. Walker [mailto:[EMAIL PROTECTED] Sent: Friday, February 15, 2008 11:09 AM To: Trimble, Ronald D; Herb Lewis Cc: samba@lists.samba.org Subject: RE: [Samba] Winbind problem with more details. Trimble, Ronald D wrote: > > The users who

RE: [Samba] Winbind problem with more details.

erb Lewis > Cc: samba@lists.samba.org > Subject: RE: [Samba] Winbind problem with more details. > > Trimble, Ronald D wrote: > > > > Just an FYI... this is not a local group but an AD Domain > > Local group. We are using Domain Local groups since they can > > c

RE: [Samba] Winbind problem with more details.

-Original Message- From: Ross S. W. Walker [mailto:[EMAIL PROTECTED] Sent: Thursday, February 14, 2008 4:37 PM To: Ross S. W. Walker; Trimble, Ronald D; Herb Lewis Cc: samba@lists.samba.org Subject: RE: [Samba] Winbind problem with more details. Ross S. W. Walker wrote: > Trim

RE: [Samba] Winbind problem with more details.

: [Samba] Winbind problem with more details. Trimble, Ronald D wrote: > > Just an FYI... this is not a local group but an AD Domain > Local group. We are using Domain Local groups since they can > contain users from other domains. Are all these users members of the same domain? If

[Samba] problem with samba+winbind+kerberos+AD

I have a server with samba+winbind+kerberos+AD sharing files. When users log in there is NO-DELAY communication with this server, but, after some minutes of inactivity there is a 5 secs. delay until the server starts offering data. Log files don't show any net-split, neither user disconnec

RE: [Samba] Winbind problem with more details.

OTECTED] > > Sent: Thursday, February 14, 2008 3:08 PM > > To: Trimble, Ronald D > > Cc: samba@lists.samba.org > > Subject: Re: [Samba] Winbind problem with more details. > > > > you will notice that the SID type for the requested group is > > 4 which

RE: [Samba] Winbind problem with more details.

ted domains = yes' option set? What does your idmap setup look like? -Ross > -Original Message- > From: Herb Lewis [mailto:[EMAIL PROTECTED] > Sent: Thursday, February 14, 2008 3:08 PM > To: Trimble, Ronald D > Cc: samba@lists.samba.org > Subject: Re: [Samba] Winbind

RE: [Samba] Winbind problem with more details.

: samba@lists.samba.org Subject: Re: [Samba] Winbind problem with more details. you will notice that the SID type for the requested group is 4 which we see from smb.h is SID_NAME_ALIAS /* local group */ Trimble, Ronald D wrote: > Everyone, > One of our developers was kind eno

RE: [Samba] Winbind problem with more details.

So what does that tell me? -Original Message- From: Herb Lewis [mailto:[EMAIL PROTECTED] Sent: Thursday, February 14, 2008 3:08 PM To: Trimble, Ronald D Cc: samba@lists.samba.org Subject: Re: [Samba] Winbind problem with more details. you will notice that the SID type for the requested

Re: [Samba] Winbind problem with more details.

you will notice that the SID type for the requested group is 4 which we see from smb.h is SID_NAME_ALIAS /* local group */ Trimble, Ronald D wrote: Everyone, One of our developers was kind enough to insert some bug checking into the mod_auth_pam and mod_auth_sys_group so that

[Samba] Winbind problem with more details.

Everyone, One of our developers was kind enough to insert some bug checking into the mod_auth_pam and mod_auth_sys_group so that we could see a little more of what was going on with our authentication failures. Here is what we just saw. Two of our users NA\connelmp and NA\gumin

[Samba] Winbind Error.

I have been getting the following error on log files. Can someone please hint me how to fix it? winbindd[2638]: ERROR: string overflow by 1 (256 - 255) in safe_strcpy [lookup_name returned an error ~LA -- To unsubscribe from this list go to the following URL and read the instructions: https:

[Samba] winbind and nscd

Good morning, Recently, I had, for one of our clients, to set up a dns cache on linux desktops running winbind in an active directory environment. I knew winbind and nscd where not supposed to work correctly together, due to UID/GID cache conflicts arround nss, winbind maintaining its own cache

[Samba] Winbind data (getent) not persistent?

Hi All, I have one other question: Why is the winbind data (getent) not persistent? I have played with the cache option in smb.conf file, but it does not seem to work. I'd expect this option to control the refresh interval of the AD data, but on my Redhat AS 4.0 system it goes out every couple

[Samba] Winbind with one-way trusts?

Winbind works very well for most of the domains with which we have trusts. But for one domain, 'groups DOMAIN\user' returns only gid 0, and I see kerberos errors in winbind logs: [2008/01/31 13:51:12, 1] libsmb/clikrb5.c:ads_krb5_mk_req(602) ads_krb5_mk_req: krb5_get_credentials failed for [EM

[Samba] winbind problem

Hi everyone, I recently bought a qnap TS-209Pro [www.qnap.com]. This embeds samba 3.0.23d.I configured it to connect to our Active Directory, but as soon as I set winbind enum users and winbind enum groups to "yes" in the /etc/smb.conf file, winbindd uses 100% of CPU. I've googled the problem and

[Samba] Winbind and Nested Groups

Hi to all: I'm using Debian Etch with Samba + LDAP PDC. I like to create users in GroupA and add GroupA to another group, ex: GroupB. In Windows, with Active Directory I can create a Local Group and add it to a Domain Group. I readed that Windbind support this feature and it's called Nest

[Samba] Winbind showing wrong entries

Hi there I have two samba servers with winbind (debian etch) getting users from the same Windows DC. on one of both I get wrong results calling getent group: domänen-benutzer:x:1:_dbagent BUILTIN+administrators:x:1: The group BUILTIN+administrators does not have Unix-attributes set and

[Samba] Debugging samba/winbind SMB share

Hi, I had an active-directory authentication based samba system up and running, working well. However, I tried to access an SMB share on the server a few days back and just get a windows login user/password prompt. I'm trying to debug why theres a "system error". PAM is configured for pam_w

[Samba] winbind forced password change requires interactive shell

We've discovered that although Winbind supports password changes when the account password is expired, this only works with *interactive* shells. This is a major problem for us. Use case 1: SSH tunnels: $ ssh [EMAIL PROTECTED] -N -L 4711:localhost:22 [EMAIL PROTECTED]'s password: channel 2: op

RE: [Samba] winbind: group membership issues.

: samba@lists.samba.org > Subject: [Samba] winbind: group membership issues. > > Hi all, > > I have a Solaris 10 (update 4) box (x86) that is joined to > an active directory via samba/winbind (3.0.25c version > included with Solaris including latest patches). > > The users

[Samba] winbind: group membership issues.

Hi all, I have a Solaris 10 (update 4) box (x86) that is joined to an active directory via samba/winbind (3.0.25c version included with Solaris including latest patches). The users are working fine however their group membership is not. Users that should be members of certain groups do not

[Samba] Winbind separator Problem

Hello list, I have installed samba-3.0.24 on FC 6. I have some problems to authenticate users against pam_winbind If the user has the winbind separator in the username then the authentication does not work Here are some logs: [2008/01/09 14:12:45, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(

[Samba] winbind initialization: GetDC got invalid response type 21

Hi all, I'm running Samba 3.0.28 on CentOS 5.1 as a PDC. I'm having problems with winbind taking a long to initialize or reconnect to the domain. For example, starting winbind and then checking the trust secret takes ~30 seconds: # time /usr/local/samba/bin/wbinfo -t checking the trust secret vi

[Samba] Winbind nss Secondary Group not showing

greetings!! I have winbind nss info set to template sfu. The winbind can fetch the uid,gid and shell from AD Schema, but cant seem fetch secondary group information. The OS is RHEL 4 and Samba 3.26. Guide me on how to fix this. thanks in advance. ~LA -- To unsubscribe from this list go to th

RE: [Samba] Winbind and groups

en > > > Ben Vaughan > Globalcom IT Infrastructure Support Team > [EMAIL PROTECTED] > 312 673 4116 > > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ben Vaughan > Sent: Tuesday, December 11, 2007 10:30 AM > To: samba@

RE: [Samba] Winbind and groups

om: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ben Vaughan Sent: Tuesday, December 11, 2007 10:30 AM To: samba@lists.samba.org Subject: [Samba] Winbind and groups Hello Friendly Samba People, I have a working samba install that allows my AD users access to files on my linux box. The li

[Samba] Winbind and groups

Hello Friendly Samba People, I have a working samba install that allows my AD users access to files on my linux box. The linux box is configured via Winbind as a domain member and uses Winbind as the local NSS. I can successfully resolve both users and groups from the AD. Users are currently

[Samba] Samba Winbind results caching

I am currently using Samba Winbind 3.0.20b-3.21 on x86_64 SLES 9 to authenticate an external application (CVSNT <http://www.cvsnt.org/wiki> : http://www.cvsnt.org/wiki) using the ntlm_auth --helper-protocol=squid-2.5-ntlmssp executable. The Linux machine is joined to a specific domain cont

Re: [Samba] winbind reporting incorrect groups

Assuming you are using LDAP, you should check to see if there are overlaps in your GID/UID ranges between the LDAP entries and the local /etc/passwd and /etc/group files. This is a complete guess since you didn't include your smb.conf file, nor version of Samba, nor your nsswitch.conf file. Wit

[Samba] winbind reporting incorrect groups

Hello folks, I'm getting a problem where winbind incorrectly lists groups for a certain user. I'm using 3.0.27a. >From what I'm seeing, winbind lists another group the user is not in. Doing getent and grepping for the group lists the members correctly though. The commands id and groups return

Re: [Samba] winbind users not getting groups. idmap backend problem?

> [global] > workgroup = OURWORKGROUP > netbios name = hostname > server string = Linux workstation 1 > security = ADS > log file = /var/log/samba/samba.%m > max log size = 50 > local master = no > preferred master = no > idmap uid = 1-2 > idmap gid = 1-2 > winbind enum users = yes

[Samba] winbind users not getting groups. idmap backend problem?

yo. i have a vmware VI3 machine (which is effectively FC3 for our intents and purposes) i'm trying to get to authenticate with our active directory domain. it's -mostly- working- i can log in as my domain user successfully, getent passwd and group work, wbinfo -u and -g work, however wbinfo -t fa

Re: [Samba] Winbind runs great for a while then dies with "read from socket failed!"

Hello all, I experienced a same problem with http://lists.samba.org/archive/samba/2003-January/059073.html I use following. Hardware: Dell PowerEdge 2950 OS: Red Hat Enterprise Linux ES4 Update 4 Kernel: 2.6.9-55.0.2.ELsmp RPM packages are: samba-3.0.10-1.4E.12.2 samba-common-3.0.10-1.4E.12.2 s

[Samba] Winbind / AIX 5.3 returns incomplete user informations

Hi, We are facing a problem on AIX 5.3 (latest patch) where the following behavior happens. Reproduced with versions of samba from 3.0.23 to 3.0.26a. # Normal behavior : # id and id username should return the same info # [EMAIL PROTECTED]:/# id uid=0(root) gid=0(system) groups=2(bin),3(sys),7(se

RE: [Samba] winbind caused "ls -l" hang on solaris 8

as rebooted. After the machine is started, the whole directory "test" is gone. Anybody know this issue. Thanks, Junmin -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Wednesday, 21 November 2007 11:48 AM To: samba@list

Re: [Samba] winbind caused "ls -l" hang on solaris 8

Bai, Junmin wrote: Thanks for your reply. I understand what you mean. The command ldapsearch works fine and wbinfo -u and wbinfo -g work beautifully. What do "getent passwd" and "getent group" do? I bet they hang after showing the contents of your /etc files. It's openldap on solaris 8. Do

RE: [Samba] winbind caused "ls -l" hang on solaris 8

ECTED] On Behalf Of [EMAIL PROTECTED] Sent: Tuesday, 20 November 2007 11:52 PM To: samba@lists.samba.org Subject: Re: [Samba] winbind caused "ls -l" hang on solaris 8 Bai, Junmin wrote: [%<] > The problem is the entry "passwd: files winbind" in /etc/nsswitch.conf >

Re: [Samba] winbind caused "ls -l" hang on solaris 8

Bai, Junmin wrote: [%<] The problem is the entry "passwd: files winbind" in /etc/nsswitch.conf caused "ls -l" and Samba hang. If winbind is removed from nsswitch.conf, "ls -l" worked fine but Samba lost the ability to authenticate users against ADS. Does anyone know how to build Samba with ADS

[Samba] winbind caused "ls -l" hang on solaris 8

Hi Guys I compiled Samba 3.0.26a --with-ads and --with-winbind with krb5-1.6.2 and openldap-2.3.38 using gcc version 3.4.6 on Solaris 8. and added winbind in passwd entry in /etc/nsswitch.conf passwd: files winbind The problem is the entry "passwd: files winbind" in /etc/nsswitch.conf caused "

Re: [Samba] Winbind password problem

John H Terpstra wrote: > > > This configuration is broken! You have told Samba to be a domain member > server (security = domain), yet it appears you want it to be a domain > controller ("security = user" plus "domain logons = Yes"). The > configuration > uses LDAP, but I do not see specif

Re: [Samba] Winbind password problem

On Thursday 15 November 2007 00:56, John and Asta wrote: > I’m having a real problem getting winbind to work with our domain server > SAMBA version:3.0.26a. Winbind used to work fine with the old server > running an older version of samba > > The Globals of my smb.conf looks like: > > > # Samba con

[Samba] Winbind password problem

I’m having a real problem getting winbind to work with our domain server SAMBA version:3.0.26a. Winbind used to work fine with the old server running an older version of samba The Globals of my smb.conf looks like: # Samba config file created using SWAT # from 0.0.0.0 (0.0.0.0) # Date: 2005/0

Re: [Samba] winbind doc error?

On Friday 09 November 2007 23:13, Guido Lorenzutti wrote: > Hi People: In the how to posted on .. > http://us3.samba.org/samba/docs/man/Samba-HOWTO-Collection/winbind.html > > The docs says several times to the option -B in the winbindd , but I > can't find anything on the manpage about that switch

[Samba] winbind doc error?

Hi People: In the how to posted on .. http://us3.samba.org/samba/docs/man/Samba-HOWTO-Collection/winbind.html The docs says several times to the option -B in the winbindd , but I can't find anything on the manpage about that switch and I can't notice any difference by using it. The docs are outda

[Samba] samba, winbind and pam

Hello, I use samba/winbind and pam to authenticate to our Active Directory. I ask pam to create the user home directory on linux when the user does a login. it works just fine but the problem that I'm having is that in the home directory I end up having tons of user homes but they

[Samba] Winbind Offline Login

Hi, I've been testing winbind offline logon feature using samba-3.2.0pre1. It works great when logging in locally (or via SSH) to the machine in offline mode, but I can't seem to connect to a share from a Windows client when in offline mode. The reasoning behind using the offline feature for u

[Samba] trouble with samba/winbind

Hello, I have installed samba 3.2.0-pre1 on a Debian Lenny system and joined it to a windows 2003 AD domain. Wbinfo -u -g and -t all show good results (returns users and groups, rpc call successful). The "net ads" commands return good results as well (net ads info, net ads status, net ads lookup).

[Samba] Winbind crashes in 3.026a using rid

Winbind 3.026a crashes when reading out user information with wbinfo using the idmap/rid module. The tdb module works without crash (tested by exchanging the uncommented and commented lines in the following fragment from smb.conf). I configured rid as follows: [global] # idmap uid=1000-6 # i

[Samba] Winbind Problem

Hello, I have a Centos 4.4 Linux server that setup Winbind with windows 2003AD integration, the winbind suddenly can't receive AD accounts, I can use wbinfo -u to show AD user name and group etc, but getent passwd isn't pulling across all of the domain accounts. I also had another Centos 4.4 L

[Samba] Winbind problem

Hello, I have a Centos 4.4 Linux server that setup Winbind with windows 2003AD integration, the winbind suddenly can't receive AD accounts, I can use wbinfo -u to show AD user name and group etc, but getent passwd isn't pulling across all of the domain accounts. I also had another Centos 4.4 L

[Samba] Winbind problem

[2007/10/24 10:09:49, 1] nsswitch/winbindd_user.c:winbindd_getpwent(566) could not lookup domain user sfa07307 [2007/10/24 10:09:49, 1] nsswitch/winbindd_user.c:winbindd_fill_pwent(50) error getting user id for sid S-1-5-21-106390638-1002753184-2220938350-2579 [2007/10/24 10:09:49, 1] nsswitch/

[Samba] winbind nss info = rfc2307 doesn't work when users not in "Users" Container?

Hi all, we have been using a samba setup with samba being an AD member, idmap backend = ad and winbind nss info = rfc2307 for several month without problems yet. But it turns out now that we cannot move useraccounts in AD from the original location "CN=Users,dc=uni-wh,dc=de" to a newly created

[Samba] Winbind and Samba - Renaming an Active Directory Domain

Hi Has anyone been thru the renaming of a domain (Win2k3) with a linux box running Samba and Winbind? Any info would be most appreciated Cheers Scott -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba

[Samba] Winbind authentication over transitive trusts between multiple W2k3 Domains

Hallo, we use Samba 3.0.22 with MIT Kerberos and winbind on Ubuntu edgy in a Windows2003 ADS enviroment. Everything works fine like kinit, net ads join, getting the Domain accounts from the own and other domains, but one important thing fails - obviously winbind cannot resolve name to sid, when

[Samba] Winbind integration with large AD on Solaris 10

I'm having trouble getting Samba working on Solaris 10 with a large active directory (35000 users, 5000 groups). I've set this up successfully in the past with winbind enum users = yes and winbind enum users = yes in the smb.conf file. Owing to the large number of users in this application, I nee

<    4   5   6   7   8   9   10   11   12   13   >