Re: [Samba] Winbind troubles

On Wed, 2013-07-24 at 14:09 +0200, steve wrote: [SNIP] > > Hum, according to Rowland it uses the gidNumber in the users DN, > > He was correct. I was wrong in assuming that you needed no gidNumber in > the user DN. It is indeed the gidNumber that is used for rfc2307, > exactly as openLDAP. Than

Re: [Samba] Winbind troubles

On Wed, 2013-07-24 at 11:59 +0100, Jonathan Buzzard wrote: > On Wed, 2013-07-24 at 00:49 +0200, steve wrote: > > [SNIP] > > > For the record, sssd pulls all it's info from AD. > > I never said otherwise. > > > A user does not need a gidNumber, it is drawn from the > > primaryGroupID.For Linux

Re: [Samba] Winbind troubles

On 24 July 2013 11:59, Jonathan Buzzard wrote: > Hum, according to Rowland it uses the gidNumber in the users DN, though > his posted "proof" was flawed and it could have been coming from the > gidNumber of the users primary group just as Winbind does. I have > browsed the source code for sssd bu

Re: [Samba] Winbind troubles

On Wed, 2013-07-24 at 00:49 +0200, steve wrote: [SNIP] > For the record, sssd pulls all it's info from AD. I never said otherwise. > A user does not need a gidNumber, it is drawn from the > primaryGroupID.For Linux clients it is vital that whatever the > primaryGroupID is contains the gidNum

Re: [Samba] RE Samba (winbind) troubles

e-mail them to me if you have one. I'll try to make a new big howto for samba. Louis >-Oorspronkelijk bericht- >Van: st...@steve-ss.com [mailto:samba-boun...@lists.samba.org] >Namens steve >Verzonden: woensdag 24 juli 2013 11:08 >Aan: samba@lists.samba.org >O

Re: [Samba] RE Samba (winbind) troubles

On Wed, 2013-07-24 at 01:26 -0700, Paul D. DeRocco wrote: > > From: steve > > > > On Wed, 2013-07-24 at 09:09 +0200, L.P.H. van Belle wrote: > > > > > > I do like samba, but wiki/howtos are lots to improve. > > > > To be fair, it's not just Samba. It's most open source stuff. > > There are > >

Re: [Samba] RE Samba (winbind) troubles

> From: steve > > On Wed, 2013-07-24 at 09:09 +0200, L.P.H. van Belle wrote: > > > > I do like samba, but wiki/howtos are lots to improve. > > To be fair, it's not just Samba. It's most open source stuff. > There are > too many hobbyists and armchair users. As joe public, what we > should be >

Re: [Samba] RE Samba (winbind) troubles

On Wed, 2013-07-24 at 09:09 +0200, L.P.H. van Belle wrote: > hijacked the winbind threat.. but.. > Don't feel threatened. There _are_ alternatives. > > I do like samba, but wiki/howtos are lots to improve. To be fair, it's not just Samba. It's most open source stuff. There are too many hobbyi

Re: [Samba] RE Samba (winbind) troubles

hijacked the winbind threat.. but.. Really,. >> > If you want my opinion and you probably don't, people need to stop >> > thinking NT server if they connect to a samba4 AD server and start >> > thinking AD server, they are totally different. >> > . Novell NDS is much better the MS

Re: [Samba] Winbind troubles

On Tue, 2013-07-23 at 23:21 +0100, Jonathan Buzzard wrote: > On 23/07/13 17:10, Rowland Penny wrote: > > [SNIP] > > > > > But if the group identified by primaryGroupID 513 has gidNumber 20513 > > (which would be in my opinion best practice) without looking in the > > source code of ss

Re: [Samba] Winbind troubles

On 23/07/13 17:10, Rowland Penny wrote: [SNIP] But if the group identified by primaryGroupID 513 has gidNumber 20513 (which would be in my opinion best practice) without looking in the source code of sssd you don't know whether sssd took the gidNumber of the user or took the pr

Re: [Samba] Winbind troubles

On 23 July 2013 16:44, Jonathan Buzzard wrote: > You don't seem to have taken on board that primaryGroupID is a numerical > identifier for an actual group. Now why Microsoft didn't use the group's > SID I have not the faintest idea. > > I suppose that you have noticed that the primaryGroupID is t

Re: [Samba] Winbind troubles

On Tue, 2013-07-23 at 16:44 +0100, Jonathan Buzzard wrote: > On Tue, 2013-07-23 at 15:23 +0100, Rowland Penny wrote: > > > > > > > > If you want my opinion and you probably don't, people need to stop > > thinking NT server if they connect to a samba4 AD server and start > > thinking AD server, t

Re: [Samba] Winbind troubles

On Tue, 2013-07-23 at 15:04 +0100, Jonathan Buzzard wrote: > On Tue, 2013-07-23 at 14:39 +0100, Rowland Penny wrote: > > Could this be yet another reason to use sssd instead of winbind? > > > > sssd does use the account gidNumber > > > > testuser > > > > primaryGroupID: 513 > > uidNumber: 300110

Re: [Samba] Winbind troubles

On Tue, 2013-07-23 at 15:23 +0100, Rowland Penny wrote: > > On 23 July 2013 15:04, Jonathan Buzzard > wrote: > Not what I said. The primaryGroupID is an identifier for a > group in AD, > bit like a SID is (I don't get that either). So primaryGroupID > 513 might >

Re: [Samba] Winbind troubles

On Tue, 2013-07-23 at 14:53 +0100, Jonathan Buzzard wrote: > > What gets me is people claiming that half a dozen lines of configuration > in smb.conf is more complicated than 30+ lines of configuration in an > entirely separate configuration file in addition to several lines in > smb.conf. It mig

Re: [Samba] Winbind troubles

Hallo, Jonathan, Du meintest am 23.07.13: >> Why use a word like orthogonal? > Orthogonal is a single word, is precise and describes what is > required exactly. Sorry - "that depends". I know this word as a synonym of "rectangular", and I mostly know it in a geometrical environment. 90 degre

Re: [Samba] Winbind troubles

On 23 July 2013 15:04, Jonathan Buzzard wrote: > Not what I said. The primaryGroupID is an identifier for a group in AD, > bit like a SID is (I don't get that either). So primaryGroupID 513 might > refer to a group called sambausers, which has a it's own set of > RFC2307bis attributes which inclu

Re: [Samba] Winbind troubles

On 23 July 2013 14:53, Jonathan Buzzard wrote: > Orthogonal is a single word, is precise and describes what is required > exactly. It has been in my vocabulary for approaching 30 years. None > overlapping range is three words and more characters as well. I was not > aware that Newspeak was now a

Re: [Samba] Winbind troubles

On Tue, 2013-07-23 at 14:39 +0100, Rowland Penny wrote: > Could this be yet another reason to use sssd instead of winbind? > > sssd does use the account gidNumber > > testuser > > primaryGroupID: 513 > uidNumber: 3001106 > gidNumber: 20513 > > getent passwd testuser > testuser:*:3001106:20513:t

Re: [Samba] Winbind troubles

On Tue, 2013-07-23 at 14:20 +0100, Rowland Penny wrote: > OK, the documentation is better but people still get it wrong probably > because it is more complex than it needs to be, I personally find it > easier to set sssd up, but that is just me. > > Why use a word like orthogonal?, just who knows

Re: [Samba] Winbind troubles

Could this be yet another reason to use sssd instead of winbind? sssd does use the account gidNumber testuser primaryGroupID: 513 uidNumber: 3001106 gidNumber: 20513 getent passwd testuser testuser:*:3001106:20513:testuser:/home/DOMAIN/testuser:/bin/bash Rowland On 23 July 2013 13:54, Jonath

Re: [Samba] Winbind troubles

OK, the documentation is better but people still get it wrong probably because it is more complex than it needs to be, I personally find it easier to set sssd up, but that is just me. Why use a word like orthogonal?, just who knows what orthogonal means, I have only being speaking english for 56 y

Re: [Samba] Winbind troubles

On Tue, 2013-07-23 at 11:25 +0200, steve wrote: > On Tue, 2013-07-23 at 10:05 +0100, Jonathan Buzzard wrote: > > > > > It's probably still not working for him because he needs to clear the > > now poluted cache/database that winbind has created from previous > > attempts. Using net cache flush mi

Re: [Samba] Winbind troubles

On Tue, 2013-07-23 at 11:55 +0100, Rowland Penny wrote: [SNIP] > > I thought that testparm did exactly that, it tested all the parameters > in smb.conf, so if the ranges overlap, it should report the error. > You thought wrong then. It tests to see if they are valid so 1000-akjf is in

Re: [Samba] Winbind troubles

On 23 July 2013 11:40, Jonathan Buzzard wrote: > On Tue, 2013-07-23 at 11:06 +0100, Rowland Penny wrote: > > [SNIP] > > > > > OK, I see where you are coming from, but until testparm starts saying > > 'this will not work because' people will keep on having problems with > > winbind, also why do yo

Re: [Samba] Winbind troubles

On Tue, 2013-07-23 at 11:06 +0100, Rowland Penny wrote: [SNIP] > > OK, I see where you are coming from, but until testparm starts saying > 'this will not work because' people will keep on having problems with > winbind, also why do you need to set up the ranges anyway. testparm does not guarant

Re: [Samba] Winbind troubles

On 23 July 2013 10:05, Jonathan Buzzard wrote: > This is where Matthew went wrong, it's right there in the man page > (unlike three years ago). There are also a large smattering of posts > from myself on this list over the last two years on how important it is > not to have overlapping ranges for

Re: [Samba] Winbind troubles

On Tue, 2013-07-23 at 11:25 +0200, steve wrote: > On Tue, 2013-07-23 at 10:05 +0100, Jonathan Buzzard wrote: > > > > > It's probably still not working for him because he needs to clear the > > now poluted cache/database that winbind has created from previous > > attempts. Using net cache flush mi

Re: [Samba] Winbind troubles

On Tue, 2013-07-23 at 10:05 +0100, Jonathan Buzzard wrote: > > It's probably still not working for him because he needs to clear the > now poluted cache/database that winbind has created from previous > attempts. Using net cache flush might work. Personally I would stop > samba delete the tdb fil

Re: [Samba] Winbind troubles

On Tue, 2013-07-23 at 10:15 +0200, steve wrote: [SNIP] > > +1 > sssd just works: there is plain English documentation available and you > get rfc2307 out of the box. The same day;) > > otoh, if you must stick with winbind there are reports of success here. > Just one more thought to bugzilla it

Re: [Samba] Winbind troubles

On Tue, 2013-07-23 at 09:40 +0200, L.P.H. van Belle wrote: > Hai, > > > I'm having exactly the same problem with winbind as Matthew Daubenspeck. > also on ubuntu 12.04 with sernet packages. ( used sernet-samba-winbind 4.0.7 ) > > I remove the complete config atm but am at the point reinstallin

Re: [Samba] Winbind troubles

Best regards, Louis >-Oorspronkelijk bericht- >Van: rowlandpe...@googlemail.com >[mailto:samba-boun...@lists.samba.org] Namens Rowland Penny >Verzonden: maandag 22 juli 2013 23:45 >Aan: steve >CC: samba@lists.samba.org >Onderwerp: Re: [Samba] Winbind troubles >

Re: [Samba] Winbind troubles

On Mon, Jul 22, 2013 at 10:45:28PM +0100, Rowland Penny wrote: > If you want my opinion, this is just another example of why not to use > winbind, if you can wait until tomorrow , I will send you an howto on sssd > on Ubuntu 12.04 Something like this? http://linuxcostablanca.blogspot.com/2013/04/

Re: [Samba] Winbind troubles

On Mon, Jul 22, 2013 at 11:36:26PM +0200, steve wrote: > Amazing;) Amazing all right. I have a headache :) > You'd lose control over uidNumber, gidNumber and you wouldn't be able to > specify your own home directories and login shells. It's also a > nightmare if you add a second DC. So if I plan

Re: [Samba] Winbind troubles

If you want my opinion, this is just another example of why not to use winbind, if you can wait until tomorrow , I will send you an howto on sssd on Ubuntu 12.04 Rowland On Jul 22, 2013 10:36 PM, "steve" wrote: > On Mon, 2013-07-22 at 17:29 -0400, Matthew Daubenspeck wrote: > > On Mon, Jul 22, 2

Re: [Samba] Winbind troubles

On Mon, Jul 22, 2013 at 11:19:26PM +0200, steve wrote: > Similar to what I had when I used winbind, except the * range was lower > than the range we wanted. Try something like 3000-3500 and 3501-4 > perhaps? Like this? idmap config *:backend = tdb idmap config *:range = 3000-3500 idm

Re: [Samba] Winbind troubles

On Mon, 2013-07-22 at 17:29 -0400, Matthew Daubenspeck wrote: > On Mon, Jul 22, 2013 at 10:15:10PM +0100, Rowland Penny wrote: > >OK, that seems like it should work, I had the winbind ad backend > >working, but found it difficult to setup so jumped ship to sssd > >The idmap setup I used

Re: [Samba] Winbind troubles

On Mon, Jul 22, 2013 at 10:15:10PM +0100, Rowland Penny wrote: >OK, that seems like it should work, I had the winbind ad backend >working, but found it difficult to setup so jumped ship to sssd >The idmap setup I used was: >idmap config *:backend = tdb >idmap con

Re: [Samba] Winbind troubles

On Mon, 2013-07-22 at 16:46 -0400, Matthew Daubenspeck wrote: > On Mon, Jul 22, 2013 at 10:27:36PM +0200, steve wrote: > > Can you post smb.conf on SRV2? > > Steve > > Certainly: > > [global] > >workgroup = NWLTECH >security = ADS >realm = NWLTECH.ORG >encrypt passwords = yes >

Re: [Samba] Winbind troubles

OK, that seems like it should work, I had the winbind ad backend working, but found it difficult to setup so jumped ship to sssd The idmap setup I used was: idmap config *:backend = tdb idmap config *:range = 1100-2000 idmap config DOMAIN:backend = ad idmap config

Re: [Samba] Winbind troubles

On Mon, Jul 22, 2013 at 08:59:47PM +0100, Rowland Penny wrote: >/etc/nsswitch.conf setup correctly? passwd: compat winbind group: compat winbind shadow: compat -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.or

Re: [Samba] Winbind troubles

On Mon, Jul 22, 2013 at 10:27:36PM +0200, steve wrote: > Can you post smb.conf on SRV2? > Steve Certainly: [global] workgroup = NWLTECH security = ADS realm = NWLTECH.ORG encrypt passwords = yes idmap config *:backend = tdb idmap config *:range = 70001-8 idmap config NW

Re: [Samba] Winbind troubles

On Mon, 2013-07-22 at 15:52 -0400, Matthew Daubenspeck wrote: > On Mon, Jul 22, 2013 at 08:41:09PM +0100, Rowland Penny wrote: > >Have you tried 'getent passwd username' > >Rowland > > root@srv2:~# getent passwd Administrator > root@srv2:~# getent passwd user1 > root@srv2:~# getent passwd

Re: [Samba] Winbind troubles

/etc/nsswitch.conf setup correctly? On 22 July 2013 20:52, Matthew Daubenspeck wrote: > On Mon, Jul 22, 2013 at 08:41:09PM +0100, Rowland Penny wrote: > >Have you tried 'getent passwd username' > >Rowland > > root@srv2:~# getent passwd Administrator > root@srv2:~# getent passwd user1 >

Re: [Samba] Winbind troubles

On Mon, Jul 22, 2013 at 08:41:09PM +0100, Rowland Penny wrote: >Have you tried 'getent passwd username' >Rowland root@srv2:~# getent passwd Administrator root@srv2:~# getent passwd user1 root@srv2:~# getent passwd user2 root@srv2:~# getent passwd user3 No results. They are all there thoug

Re: [Samba] Winbind troubles

Have you tried 'getent passwd username' Rowland On 22 July 2013 19:56, Matthew Daubenspeck wrote: > I've rolled 2 virtual servers running Ubuntu 12.04 LTS and have > installed the SerNet packages. SRV1 has the AD setup and SRV2 is a > member server. I've followed the wiki for both servers t

Re: [Samba] Winbind does not update groups

It is not even installed. So no, im still lost --Mike -Original Message- From: Volker Lendecke [mailto:volker.lende...@sernet.de] Sent: Wednesday, May 29, 2013 2:42 PM To: Michael Schmitz Cc: samba@lists.samba.org Subject: Re: [Samba] Winbind does not update groups On Wed, May 29

Re: [Samba] Winbind does not update groups

On Wed, May 29, 2013 at 04:17:33PM +, Michael Schmitz wrote: > I setup winbind as an authentication method on my Ubuntu > server and the only issue I have is when I change a user's > group in Active Director it doesn't update after a > relogin. It shows up with a wbinfo -G but when I use the >

Re: [Samba] winbind authentication returning "failed to call wbcGetpwnam: WBC_ERR_DOMAIN_NOT_FOUND"

Im not sure why this keeps getting scrubbed :( Smb.conf http://pastebin.com/8hbKm1cm Krb5.conf http://pastebin.com/kJvPFR05 Commands output: http://pastebin.com/XfVMNUeD From: Nathan Frankish Sent: Monday, 13 May 2013 7:12 AM To: samba@lists.samba.org Subject: winbind

Re: [Samba] winbind authentication returning "failed to call wbcGetpwnam: WBC_ERR_DOMAIN_NOT_FOUND"

[2013/05/13 07:08:58.730027, 3] winbindd/winbindd_misc.c:417(winbindd_priv_pipe_dir) [ 2367]: request location of privileged pipe [2013/05/13 07:08:58.730252, 3] winbindd/winbindd_getpwnam.c:56(winbindd_getpwnam_send) getpwnam nathan_adm [2013/05/13 07:09:04.052509, 3] winbindd/winbindd_m

Re: [Samba] Winbind and User Private Groups

Jacob Seeley wrote: > Hello, > My question revolves around 'User Private Groups'. I noticed my AD users > UID's do not have matching GID's. I came across the following: > > http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/groupmapping.html#id2596644 > > This seems to indicate I cannot im

Re: [Samba] Winbind strip domain from username?

2013-04-16 12:33 keltezéssel, Luc Lalonde írta: Hello Geza, Here's my 'smb.conf': [global] workgroup = FOO realm = foo.example.com netbios name = ROQUEFORT server role = active directory domain controller server services = s3fs, rpc, nbt, wrepl, ldap, cld

Re: [Samba] winbind problem

:48 An: tn Cc: samba@lists.samba.org Betreff: Re: [Samba] winbind problem   I also have this problem, using a very recent version from git. (see also:  http://www.mail-archive.com/samba@lists.samba.org/msg124657.html <http://www.mail-archive.com/samba@lists.samba.org/msg124657.h

Re: [Samba] winbind problem

I also have this problem, using a very recent version from git. (see also: http://www.mail-archive.com/samba@lists.samba.org/msg124657.html ) Periodically, winbind seems to simply crash, and getent passwd & other ops (e.g. htop) stall. I'd also be happy to provide any debugging information neede

Re: [Samba] winbind use default domain = Yes (not working in 4.0.5)

the problem with PAM_MOUNT by using '%(DOMAIN_USER)' instead of '%(USER). Bye. - Original Message - From: "Johan Hendriks" To: "Luc Lalonde" Cc: samba@lists.samba.org Sent: Tuesday, April 16, 2013 8:27:30 AM GMT -05:00 US/Canada Eastern Subject: RE:

Re: [Samba] Winbind strip domain from username?

>Hello Folks, >This directive works with Samba3 but does not seem to work with Samba-4.0.5: >winbind use default domain = Yes >I want to get a username that does not contain the domain (GIGL). Instead >here's what I get: >[root@roquefort ~]# getent passwd | grep GIGL >GIGL\Administrator:*:0

Re: [Samba] Winbind strip domain from username?

Hello Geza, Here's my 'smb.conf': [global] workgroup = FOO realm = foo.example.com netbios name = ROQUEFORT server role = active directory domain controller server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbind, ntp_signd, kcc, dnsupdat

Re: [Samba] Winbind strip domain from username?

On 15/04/13 22:12, Luc Lalonde wrote: Hello Folks, This directive works with Samba3 but does not seem to work with Samba-4.0.5: winbind use default domain = Yes I want to get a username that does not contain the domain (GIGL). Instead here's what I get: [root@roquefort ~]# getent passwd | g

Re: [Samba] Winbind strip domain from username?

2013-04-15 23:12 keltezéssel, Luc Lalonde írta: Hello Folks, This directive works with Samba3 but does not seem to work with Samba-4.0.5: winbind use default domain = Yes I want to get a username that does not contain the domain (GIGL). Instead here's what I get: [root@roquefort ~]# getent

Re: [Samba] Winbind using 100% CPU

On Wed, Apr 10, 2013 at 06:46:48PM -0400, Dylan Klomparens wrote: > I am trying to figure out why winbind is using 100% CPU on my file server. > I am using Samba version 4.0.4. Everything is fine for a few minutes when I > start winbind, however after a while it begins using 100% CPU. I haven't > b

Re: [Samba] winbind: how to fix uid/SID mapping following migration to a new DC

Did you ever get a resolution to your issue with UIDs not matching? I have the same problem and I cannot for the life of me get my UIDs to come from Active Directory. If you did solve it with using the idmap config DOMAIN : backend = ad would you be so kind as to share? I am only able to get

Re: [Samba] winbind against samba4 AD DC

On Thursday, February 21, 2013 04:03:53 PM Ali Bendriss wrote: > Hello, > > Could you please give me some precision about the current state of the > winbind support on a member server. I have tried to list what I understand > about it. (I suppose that the libnss_winbind symlink are correct in /lib

Re: [Samba] winbind - samba4

Hello Thomas, That was it. I made a link in / lib64 and resolved. Clodonil 2012/12/13 Thomas Simmons > I just got to this point in my testing. Be sure you link the files to > /lib64 if you are running a 64 bit version of CentOS. I was having the same > problem and realized the files needed t

Re: [Samba] winbind - samba4

Hello Clodonil, I just got to this point in my testing. Be sure you link the files to /lib64 if you are running a 64 bit version of CentOS. I was having the same problem and realized the files needed to go in /lib64. -- To unsubscribe from this list go to the following URL and read the instructio

Re: [Samba] Winbind losing Trust with the AD domain

Peace, To answer my own question/post, I seem to have found the culprit. It looks like it is indeed something very simple, and I could even blame it on the AD ( more or less)... :o) The userAccountControl attribute is a structure that contains flags pertaining to the user account: (See http://ww

Re: [Samba] winbind - samba4

Hello, I solved the problem; solution: # ln-s / usr/local/samba/lib/libnss_winbind.so.2 / lib64/libnss_winbind.so # ln-s / lib / libnss_winbind.so / lib/libnss_winbind.so.2 to: # ln-s / usr/local/samba/lib/libnss_winbind.so.2 / lib64/libnss_winbind.so # ln-s / lib64/libnss_winbind.so / lib64/l

Re: [Samba] winbind - samba4

On 12/5/12, Clodonil Trigo wrote: > The pipe is in /usr/local/samba/var/run/winbindd. The winbind this working > because the wbinfo returns successfully. I think that is something between > the centos and the lib's winbind. Yep, I wasn't correct: in Debian one can have the opposite issue -- worki

Re: [Samba] winbind - samba4

Hi Andrew, The pipe is in /usr/local/samba/var/run/winbindd. The winbind this working because the wbinfo returns successfully. I think that is something between the centos and the lib's winbind. Clodonil Prof. Msc. Clodonil H. Trigo www.nisled.org E-mail: clodo...@nisled.org Classificação: ()

Re: [Samba] winbind - samba4

On Mon, 2012-12-03 at 22:11 +0200, Hleb Valoshka wrote: > On 12/3/12, Clodonil Trigo wrote: > > I am using centos 6.3 and did the migration from samba3 to Samba4. More the > > "getent passwd" does not return users. > > I made the link: > > ln-s /usr/local/samba/lib/libnss_winbind.so.2 / lib/libnss

Re: [Samba] winbind - samba4

On 12/4/12, Clodonil Trigo wrote: > I did not think the process of winbind, I believe it is internal to samba. There is no separate winbindd process in samba4. There are several *.so providing this service. > I did several test before migrating to the samba3 Samba4 and had success in > all case

Re: [Samba] winbind - samba4

On 04/12/12 14:44, Clodonil Trigo wrote: Hi, Commands: [root@lost var]# ps ax | grep samba 23756 ?S 0:00 /usr/local/samba/sbin/samba 23757 ?S 0:38 /usr/local/samba/sbin/samba 23758 ?S 0:03 /usr/local/samba/sbin/samba 23761 ?S 0:00 /usr/local/s

Re: [Samba] winbind - samba4

Hi, Commands: [root@lost var]# ps ax | grep samba 23756 ?S 0:00 /usr/local/samba/sbin/samba 23757 ?S 0:38 /usr/local/samba/sbin/samba 23758 ?S 0:03 /usr/local/samba/sbin/samba 23761 ?S 0:00 /usr/local/samba/sbin/smbd --option=server role check:i

Re: [Samba] winbind - samba4

On 04/12/12 14:17, Clodonil Trigo wrote: Yes, this Samba4 running. Add users normally. All other features of Samba4 this OK. Only winbind not. The Winbind there is pid or socket? Clodonil Prof. Msc. Clodonil H. Trigo www.nisled.org E-mail: clodo...@nisled.org

Re: [Samba] winbind - samba4

Yes, this Samba4 running. Add users normally. All other features of Samba4 this OK. Only winbind not. The Winbind there is pid or socket? Clodonil Prof. Msc. Clodonil H. Trigo www.nisled.org E-mail: clodo...@nisled.org Classificação: () Confidencial (X) Interna As informações contidas nesta men

Re: [Samba] winbind - samba4

On 04/12/12 13:13, Clodonil Trigo wrote: Olá Rowland, Yes, the command getent returns the users of the /etc/passwd, more not return of Samba4. look selinux: [root@lost samba]# cat /etc/selinux/config SELINUX=disabled SELINUXTYPE=targeted I do not know what can be. Clodonil 2012/12/4 R

Re: [Samba] winbind - samba4

Olá Rowland, Yes, the command getent returns the users of the /etc/passwd, more not return of Samba4. look selinux: [root@lost samba]# cat /etc/selinux/config SELINUX=disabled SELINUXTYPE=targeted I do not know what can be. Clodonil 2012/12/4 Rowland Penny > This is strange, wbinfo -u s

Re: [Samba] winbind - samba4

On 04/12/12 11:52, Clodonil Trigo wrote: I used this howto. Several tests made ​​prior to migration, and in any case worked. Its make a debug this? Clodonil 2012/12/3 Rowland Penny mailto:rpe...@f2s.com>> Hi, I take it that you have followed the upgrade howto at: https://wiki.samba

Re: [Samba] winbind - samba4

I used this howto. Several tests made ​​prior to migration, and in any case worked. Its make a debug this? Clodonil 2012/12/3 Rowland Penny > Hi, I take it that you have followed the upgrade howto at: > https://wiki.samba.org/index.**php/Samba4/samba-tool/domain/** > classicupgrade/HOWTO

Re: [Samba] winbind - samba4

Hi Hleb, I did not think the process of winbind, I believe it is internal to samba. I did several test before migrating to the samba3 Samba4 and had success in all cases. More time to make real the problem gave winbind. What line you changed in smb.conf? Prof. Msc. Clodonil H. Trigo www.nisled.

Re: [Samba] winbind - samba4

On 12/3/12, Clodonil Trigo wrote: > I am using centos 6.3 and did the migration from samba3 to Samba4. More the > "getent passwd" does not return users. > I made the link: > ln-s /usr/local/samba/lib/libnss_winbind.so.2 / lib/libnss_winbind.so > ln-s /lib/libnss_winbind.so /lib/libnss_winbind.so.2

Re: [Samba] winbind - samba4

On 03/12/12 17:01, Clodonil Trigo wrote: On 03/12/12 12:07, Clodonil Trigo wrote: * Hi,*>>**>>* I am using centos 6.3 and did the migration from samba3 to Samba4. More the*>>* "getent passwd" does not return users.*>>**>>* I made the link:*>>* ln-s /usr/local/samba/lib/libnss_winbind.so.2 / lib/

Re: [Samba] winbind - samba4

On 03/12/12 12:07, Clodonil Trigo wrote: Hi, I am using centos 6.3 and did the migration from samba3 to Samba4. More the "getent passwd" does not return users. I made the link: ln-s /usr/local/samba/lib/libnss_winbind.so.2 / lib/libnss_winbind.so ln-s /lib/libnss_winbind.so /lib/libnss_winbind.

Re: [Samba] Winbind issue using samba 3.6.3

r: groups: cannot find name for group ID 10513 - Original Message - From: "Heather Choi" To: "Steve Snedeker" Cc: samba@lists.samba.org Sent: Friday, September 28, 2012 11:12:11 PM Subject: Re: [Samba] Winbind issue using samba 3.6.3 Looks like you have a potentiall

Re: [Samba] Winbind issue using samba 3.6.3

p ID 10513 - Original Message - From: "Heather Choi" To: "Steve Snedeker" Cc: samba@lists.samba.org Sent: Friday, September 28, 2012 11:12:11 PM Subject: Re: [Samba] Winbind issue using samba 3.6.3 Looks like you have a potentially conflicting idmap block here: idmap backe

Re: [Samba] Winbind issue using samba 3.6.3

Looks like you have a potentially conflicting idmap block here: idmap backend = rid:DOMAN=1-2 and here: idmap uid = 1-2 idmap gid = 1-2 This is more contemporary with Samba 3.6: idmap config * : backend = tdb idmap config * : range = 20001-3 idmap config DO

Re: [Samba] Winbind issue using samba 3.6.3

On 24/09/12 22:31, Steve Snedeker wrote: We have a cross platform environment with a Windows 2008 server running Active Directory and many of our workstations are running ubuntu 10.10 using winbind for user authentication. The version of samba running on these boxes is 3.5.4 We are looking to

Re: [Samba] winbind: uid range is ignored

On 08/08/2012 05:57 PM, Jonathan Buzzard wrote: On 08/08/12 16:41, steve wrote: On 08/08/12 10:40, Jonathan Buzzard wrote: On 08/08/12 08:49, steve wrote: On 08/08/2012 12:35 AM, Jonathan Buzzard wrote: steve wrote: On 07/08/12 16:15, Jonathan Buzzard wrote: On 07/08/12 15:10, steve wrote:

Re: [Samba] winbind: uid range is ignored

On Wed, Aug 08, 2012 at 09:40:02AM +0100, Jonathan Buzzard wrote: > > Do you think it is likely that I would have a production file server > system in place with over 900 active SMB connections using an Alpha > release piece of software? > > I don't even use 3.6 yet because it is showing too many

Re: [Samba] winbind: uid range is ignored

On 08/08/12 16:41, steve wrote: On 08/08/12 10:40, Jonathan Buzzard wrote: On 08/08/12 08:49, steve wrote: On 08/08/2012 12:35 AM, Jonathan Buzzard wrote: steve wrote: On 07/08/12 16:15, Jonathan Buzzard wrote: On 07/08/12 15:10, steve wrote: On 04/08/12 22:06, NdK wrote: Il 04/08/2012 21:

Re: [Samba] winbind: uid range is ignored

On 08/08/12 10:40, Jonathan Buzzard wrote: On 08/08/12 08:49, steve wrote: On 08/08/2012 12:35 AM, Jonathan Buzzard wrote: steve wrote: On 07/08/12 16:15, Jonathan Buzzard wrote: On 07/08/12 15:10, steve wrote: On 04/08/12 22:06, NdK wrote: Il 04/08/2012 21:13, steve ha scritto: Uh? "wi

Re: [Samba] winbind: uid range is ignored

On 08/08/12 08:49, steve wrote: On 08/08/2012 12:35 AM, Jonathan Buzzard wrote: steve wrote: On 07/08/12 16:15, Jonathan Buzzard wrote: On 07/08/12 15:10, steve wrote: On 04/08/12 22:06, NdK wrote: Il 04/08/2012 21:13, steve ha scritto: Uh? "wide links" seems a bad idea to me... At least

Re: [Samba] winbind: uid range is ignored

Hey Steve, I knew the error "Can't initialize directory" with the auto-create method of pam+winbind for home directories as well, but I think my setup is a little bit different than yours... My setup looks like this: - 50 linux-server - 5 AD secondary DC's (Active Directory w2k8 R2) - 1 Master-D

Re: [Samba] winbind: uid range is ignored

On 08/08/2012 12:35 AM, Jonathan Buzzard wrote: steve wrote: On 07/08/12 16:15, Jonathan Buzzard wrote: On 07/08/12 15:10, steve wrote: On 04/08/12 22:06, NdK wrote: Il 04/08/2012 21:13, steve ha scritto: Uh? "wide links" seems a bad idea to me... At least from a security perspective. Why

Re: [Samba] winbind: uid range is ignored

steve wrote: On 07/08/12 16:15, Jonathan Buzzard wrote: On 07/08/12 15:10, steve wrote: On 04/08/12 22:06, NdK wrote: Il 04/08/2012 21:13, steve ha scritto: Uh? "wide links" seems a bad idea to me... At least from a security perspective. Why a single home directory? We have a single NFS sh

Re: [Samba] winbind: uid range is ignored

On 07/08/12 16:15, Jonathan Buzzard wrote: On 07/08/12 15:10, steve wrote: On 04/08/12 22:06, NdK wrote: Il 04/08/2012 21:13, steve ha scritto: Uh? "wide links" seems a bad idea to me... At least from a security perspective. Why a single home directory? We have a single NFS share containing

Re: [Samba] winbind: uid range is ignored

On 07/08/12 15:10, steve wrote: On 04/08/12 22:06, NdK wrote: Il 04/08/2012 21:13, steve ha scritto: Uh? "wide links" seems a bad idea to me... At least from a security perspective. Why a single home directory? We have a single NFS share containing folders for the two domains and inside thos

Re: [Samba] winbind: uid range is ignored

On 04/08/12 22:06, NdK wrote: Il 04/08/2012 21:13, steve ha scritto: Uh? "wide links" seems a bad idea to me... At least from a security perspective. Why a single home directory? We have a single NFS share containing folders for the two domains and inside those a folder for each home. We are

Re: [Samba] winbind: uid range is ignored

Il 05/08/2012 12:32, Jonathan Buzzard ha scritto: > A supported version of Windows Server 2003 (aka the 2003R2) has the > RFC2307 extensions in the schema. The installation of the R2 service > pack extends the schema to include RFC2307, your windows admins simply > don't get a choice over that bit

Re: [Samba] winbind: uid range is ignored

NdK wrote: Il 04/08/2012 12:00, steve ha scritto: You have many ways to obtain that "same mapping" objective. I chose to use rid 'cause I couldn't modify my AD schema. But the preferred way is extend AD schema and specify there the UIDs and GIDs. You don't have to extend the schema. You can st

  1   2   3   4   5   6   7   8   9   10   >