On 14/05/13 18:40, Antoine Vacher wrote:
Hello,
I have a strange issue with Samba 4 as an AD DC regarding GPO creation.
I use the following packages on Debian wheezy:
dpkg -l | grep samba
ii libsamba-credentials0:i386 4.0.0+dfsg1-1i386
Samba Credentials
On Thu, 2013-05-16 at 15:22 +0200, Tim Vangehugten wrote:
if
only the printing in samba 4.0.5 would work that would be nice...
Hi
The printing doesn't work in 4.0.5
https://bugzilla.samba.org/show_bug.cgi?id=9745
maybe you could add this thread/your use case to the bugzilla?
Cheers,
Steve
.
I'm sure that it can't be as simple as that but it works perfectly
without having to know anything about smb.conf
hth
Steve
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
share
the version?
Cheers,
Steve
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
On Sat, 2013-05-18 at 16:31 +0200, steve wrote:
On Sat, 2013-05-18 at 12:51 +0200, Ulrich Schneider wrote:
Maybe I should rephrase the question (and use a more suitable topic)
I have Samba 4.0.5. as an active domain controller.
I want to know how to set up shares e.g. this way
On Sat, 2013-05-18 at 22:40 +0200, Ulrich Schneider wrote:
OK, I read a lot lot today ... last time I read samba manuals has been a
while ...
so new to me is ... acls in the file system.
so is this correct, I can adapt windows file security settings directly
in windows ... and somehow
On Sat, 2013-05-18 at 22:24 +0100, Adam Thorn wrote:
If you want to do more complex things with ACLs (like using the Windows
security dialog box), you also need to set nt acl support=yes in the samba
share config.
Hi
Do we have to set nt acl support= yes? On our 4.0.6 git install it's the
that the domain admin on windows was
like root on Linux. Nope.
Cheers,
Steve
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
is
shown kinit: Cannot resolve servers for KDC in realm Test.com while
getting initial credentials
How can I solve that?
I'd go for DNS.
A good start is /etc/hosts. Is there an entry for sam.test.com?
What does /etc/krb5.conf contain?
Cheers,
Steve
--
To unsubscribe from this list go
don't understand. wbinfo lists no users r groups. Do you want everyone
in the domain to have access?
This would make sense:
valid users = @uli+someone-else
What do you have in /etc/nsswitch.conf?
One of the reasons I run away from smb.conf!
Steve
--
To unsubscribe from this list go
files
netgroup: nis
uli@uli-sd30v10:/data$
Am 19.05.2013 11:53, schrieb steve:
On Sun, 2013-05-19 at 11:30 +0200, Ulrich Schneider wrote:
Looks to me like valid users is not working.
valid users = @samdom+schueler
[lehrer]
path = /data/lehrer
On Sun, 2013-05-19 at 18:02 +0800, wong lmark wrote:
I read a article http://www.smilingsouls.net/blog/linux/ad_integration.html
Just for reference.
Hi
That's for joining a Linux client to an already configured DC. BTW it's
strange. He configures nss-ldap and then uses winbind!
Steve
dns as per the wiki (link in the other
post)?
Steve
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
On Sun, 2013-05-19 at 20:10 +0800, wong lmark wrote:
No. I am not sure that where is the dns reconds store in Samba4.
But I have not install bind before upgrade.
You can see them:
samba-tool dns query server zone name A||CNAME|MX|NS|SOA|SRV|
TXT|ALL [options]
--
To unsubscribe from this
for the user is created, but nothing
is put there.
Hi
You don't say which Windows but when permissions are OK, try deleting
the profile. In w7, it's at:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion
\ProfileList
Steve
--
To unsubscribe from this list go to the following URL
On Wed, 2013-05-22 at 13:41 +0200, Tim Vangehugten wrote:
Hi,
Just an update:
Tried today samba 4.0.6, printing works there with the automatic driver
install.
Best regards
Tim Vangehugten
Hi
Are you sure? Its as you were here. No change. After the drivers are
seemingly copied
. The same error: Access is denied. Is
there anything trivial missing from those wiki notes which prevent
printing working with 4.0.6?
Steve
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
::---
default:user::rwx
default:user:root:rwx
default:group::---
default:group:300:rwx
default:group:301:r-x
default:group:302:rwx
default:group:303:r-x
default:mask::rwx
HTH
Steve
--
To unsubscribe from this list go to the following URL and read the
instructions: https
exit (failed to receive smb request)
Anyone please? In particular, why ntlm authentication? Why Username HH3
\Administrator is invalid on this system? I've tried without winbind use
default domain = but nada.
Cheers,
Steve
--
To unsubscribe from this list go to the following URL and read
On Mon, 2013-05-27 at 19:46 +0100, Rowland Penny wrote:
I do not think that you actually need the krb.conf, try it without it,
after all what have you got to lose?
Rowland
Hi
Confirmed. Certainly not needed if running sssd.
Cheers,
Steve
--
To unsubscribe from this list go
I need Bind so that dynamic dns will work with Linux clients. This was
OK in 4.0.5. Any ideas anyone?
Provisioning with or moving to BIND9_DLZ produces the error:
samba_upgradedns --dns-backend=BIND9_DLZ
Reading domain information
DNS accounts already exist
No zone file
Administrator:*:399:20513:Administrator:/:
getent group Domain\ Users
Domain Users:*:20513:
-
smb.conf on the Samba3 file server:
[global]
workgroup = HH3
realm = HH3.SITE
kerberos method = system keytab
security = ADS
#username map = /home/steve/smbusers
[users
On Wed, 2013-05-29 at 22:28 +0200, steve wrote:
4.0.6 with 3.6.12 file server
Hi
Ordinary users can connect fine:
smbclient //oliva/users -Usteve2
Enter steve2's password:
Domain=[HH3] OS=[Unix] Server=[Samba 3.6.9]
smb: \
log:
schannel_fetch_session_key_tdb: restored schannel info
Hi
Is this possible? I see that the 4.0.6 directory structure is different,
so we can't just do a make install over what's already there.
Is there a method for using the latest stable release by upgrading, or
must we do a fresh install?
Cheers,
Steve
--
To unsubscribe from this list go
On Fri, 2013-05-31 at 12:56 +0100, Alex Matthews wrote:
Hi all,
I have a samba server as member of an AD DC.
In said AD DC there is the 'administrator' user which has the default
UID of 0 (the same as root)
from the ADDC:
# id administrator
uid=0(root) gid=513(SMC\Domain Users)
Version 4.0.7-GIT-d4cd828
openSUSE 12.04 with bind9 installed but not configured.
Hi
Attempting to provision with BIND9_DLZ or samba_upgradedns from a
functioning SAMBA_INTERNAL install produces:
Creating DomainDnsZones and ForestDnsZones partitions
Populating DomainDnsZones and ForestDnsZones
staff2 0 Jun 2 10:58 steve2.txt
steve2@altea:/home/test getfacl steve2.txt
# file: steve2.txt
# owner: steve2
# group: staff2
user::rw-
group::rw-
other::r--
Now the same session on a client with the share mounted:
catral:/home/steve # mount -t cifs //altea/test /mnt
-osec=krb5,username=cifs
;
managed-keys-directory /var/lib/named/dyn;
notify no;
tkey-gssapi-keytab /usr/local/samba/private/dns.keytab;
};
include /usr/local/samba/private/named.conf;
Good luck.
Steve
--
To unsubscribe from this list go to the following URL and read the
instructions: https
On Sun, 2013-06-02 at 23:31 +1000, Andrew Bartlett wrote:
On Fri, 2013-05-31 at 14:34 +0200, steve wrote:
Version 4.0.7-GIT-d4cd828
openSUSE 12.04 with bind9 installed but not configured.
Hi
Attempting to provision with BIND9_DLZ or samba_upgradedns from a
functioning SAMBA_INTERNAL
On Sun, 2013-06-02 at 23:50 +0300, Giedrius wrote:
2013.06.02 16:16, Andrew Bartlett rašė:
On Sun, 2013-06-02 at 11:52 +0200, steve wrote:
On Sun, 2013-06-02 at 01:46 -0700, Gary Maurizi wrote:
This is a follow up to my previous...
Thomas, I have tried everything else I can think of, I
On Mon, 2013-06-03 at 08:00 +1000, Andrew Bartlett wrote:
That is *very* weird. They may be another package with tdbbackup in a
normal path. Otherwise, could you follow this up with the OpenSUSE
folks?
Thanks,
Andrew Bartlett
We've taken this up with them before:
On Mon, 2013-06-03 at 08:16 +1000, Andrew Bartlett wrote:
On Mon, 2013-06-03 at 00:05 +0200, steve wrote:
Hi
openSUSE 12.3
This is the first time in many years where the SUSE/openSUSE bind has
_almost_ worked out of the box. They will not entertain non chrooted
installs
server and do an IP takeover on the second? Or was it a cluster?
Cheers,
Steve
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
On Mon, 2013-06-03 at 08:51 +1000, Andrew Bartlett wrote:
On Mon, 2013-06-03 at 00:48 +0200, steve wrote:
On Mon, 2013-06-03 at 08:00 +1000, Andrew Bartlett wrote:
That is *very* weird. They may be another package with tdbbackup in a
normal path. Otherwise, could you follow
=ssp-buffer-size=4 -m64 -mtune=generic' 'CPPFLAGS=
-DDIG_SIGCHASE'
using OpenSSL version: OpenSSL 1.0.0 29 Mar 2010
using libxml2 version: 2.7.6
[root@server samba-master]#
Here it is on openSUSE 12.3:
hh16:/home/steve # named -V
BIND 9.9.2-P2 built with '--prefix=/usr' '--bindir=/usr/bin
On Mon, 2013-06-03 at 09:36 +1000, Andrew Bartlett wrote:
On Mon, 2013-06-03 at 01:11 +0200, steve wrote:
On Mon, 2013-06-03 at 08:16 +1000, Andrew Bartlett wrote:
End users need something simple to install. We also need something that
does dynamic dns reliably. The strong points
On Wed, 2013-06-05 at 16:22 +0100, Jonathan Buzzard wrote:
On Wed, 2013-06-05 at 15:42 +0100, Rowland Penny wrote:
I never said that I couldn't get it to work, I just said that it is
just too complicated. Yes I can read and there was no need to get
personal
You said you gave up
Version 4.1.0pre1-GIT-1a6eac2
Hi
I added a reverse zone to my internal dns. It won't update the reverse
zone. With bind, it does.
Before I go any further, is it possible that the internal dns server
update the reverse zone from a nsupdate request?
Cheers,
Steve
--
To unsubscribe from
On Wed, 2013-06-05 at 18:32 +0100, Rowland Penny wrote:
Well said Steve
From what I have read on the two samba mailing lists, Samba 4 is
supposed to be a clone of windows AD, well windows AD does not have
winbind, so I suppose this begs the question, why when running as a DC
controller
On Wed, 2013-06-05 at 23:13 +0100, Jonathan Buzzard wrote:
On 05/06/13 17:56, steve wrote:
On Wed, 2013-06-05 at 16:22 +0100, Jonathan Buzzard wrote:
On Wed, 2013-06-05 at 15:42 +0100, Rowland Penny wrote:
I never said that I couldn't get it to work, I just said that it is
just too
On Wed, 2013-06-05 at 23:13 +0100, Jonathan Buzzard wrote:
As far as I can tell sssd does not provide a mechanism for the smbd on
at least 3.5 (the 4.x series might be different but the OP is running
3.6) to see an incoming SID and work out the UID.
It would be pretty useless without. It
On Thu, 2013-06-06 at 10:19 +0100, Jonathan Buzzard wrote:
So given the OP wants consistent UID's on presumably his Samba file
server running a 3.6.x variant of Samba how does sssd help?
Hi
sssd is an alternative to using winbind to extract information from AD.
It may help the OP to try it
are group 'Domain
users', the primary group of the user, not 'staff' as the g+s should
give. Files created in the share on the DC are correctly assigned to
group 'staff'.
Question:
How do I get files created in the share 'shared' to be group owned by
group 'staff'?
Cheers,
Steve
://wiki.samba.org/index.php/Samba_as_a_print_server
but no more. Something changed between 4.0.0 and where we are now but I
can't work out what it is.
Try the wiki next?
hth
Steve
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman
On 09/06/13 11:00, Adam Sienkiewicz wrote:
Hi Steve
I procceeded regarding this howtu. All seems to be fine except
connection samba-cups. From windows I can add printer, print test page
but all print jobs from samba are lost between samba and cups I think.
There is no entries in cups logs only
On 09/06/13 20:16, Gerry Reno wrote:
On 06/09/2013 06:45 AM, steve wrote:
On 09/06/13 11:00, Adam Sienkiewicz wrote:
Hi Steve
I procceeded regarding this howtu. All seems to be fine except
connection samba-cups. From windows I can add printer, print test page
but all print jobs from samba
are accessible as expected. Where
do I need to go looking for this problem? Anyone struck this before?
Happy to provide further info as directed.
Hi
I'm no expert, but how about using a big hammer?
Backup first, then:
setfacl -Rm u:marion:rwx The Australian Coffee Centre
Steve
On Mon, 2013-06-10 at 09:54 -0400, Gerry Reno wrote:
On 06/10/2013 03:47 AM, steve wrote:
On 09/06/13 20:16, Gerry Reno wrote:
On 06/09/2013 06:45 AM, steve wrote:
On 09/06/13 11:00, Adam Sienkiewicz wrote:
Hi Steve
I procceeded regarding this howtu. All seems to be fine except
On Mon, 2013-06-10 at 12:40 -0400, Gerry Reno wrote:
On 06/10/2013 12:16 PM, steve wrote:
On Mon, 2013-06-10 at 09:54 -0400, Gerry Reno wrote:
On 06/10/2013 03:47 AM, steve wrote:
On 09/06/13 20:16, Gerry Reno wrote:
On 06/09/2013 06:45 AM, steve wrote:
On 09/06/13 11:00, Adam
have the rfc2307 line in both the DC's. Add:
uidNumber: 322
to the the DN of the user on one of the DC's. Wait a few minutes. Now
create a file. It will have uid 322 no matter which DC is consulted.
HTH
Steve
--
To unsubscribe from this list go to the following URL and read
/sysvol /usr/local/var/locks/sysvol
Test: kill samba on DC1. Result: the gpo's still work.
That's it isn't it?
I now plan to make DC2 a rsync server too and cron that
back DC1. Surely it's not as simple as that. Is it?
Cheers,
Steve
--
To unsubscribe from this list go to the following URL and read
which DC is consulted.
HTH
Steve
Hi
DN is ldap for Distingished Name
e.g. a user could have an entry in the directory:
dn: CN=vladimir, CN=Users,DC=samba,DC=com
just add:
uidNumber: 322
somewhere for that user. The easiest way to do that so that you can
understand what's happening
Hi
Just try adding the user anyway and let's see what happens:
samba-rool user add tester4
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
On Mon, 2013-06-17 at 12:27 +0200, steve wrote:
Hi
Just try adding the user anyway and let's see what happens:
samba-rool user add tester4
*
samba-tool
sorry
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options
On Mon, 2013-06-17 at 14:50 +0400, Vladimir A Fomkin wrote:
HI!
root@bdc-samba:~# /usr/local/samba/bin/samba-tool user add tester4
New Password:
Retype Password:
ERROR(ldb): Failed to add user 'tester4': - samldb: Account name
(sAMAccountName) 'tester4' already in use!
root@bdc-samba:~#
:*:321:20513:steve2:/home/users/steve2:/bin/bash
login as steve2 and create a file:
su steve2
touch /tmp/somefile
ls -l somefile
-rw-r--r-- 1 steve2 Domain Users 0 Jun 19 11:41 somefile
HTH
Steve
--
To unsubscribe from this list go to the following URL and read the
instructions
winbind
and the only way I could go with this was to delete the idmap entries
and start again. This is in the other post about an hour or so ago, if
you have any easier way. . .
Cheers,
Steve
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org
On Thu, 2013-06-20 at 15:21 -0400, Steve Thompson wrote:
mount -t nfs4 -o sec=krb5 server_fqdn:/data /mnt
What do you have in /etc/idmapd.conf
What does ps aux | grep rpc give?
Can the user browse using nfs3?
mount -t nfs3 -o sec=krb5 server_fqdn:/data /mnt
Have a look at the gotchas. There's
On Thu, 2013-06-20 at 16:57 -0400, Steve Thompson wrote:
On Thu, 20 Jun 2013, steve wrote:
Thanks for your reply! I am really pulling my hair out over this one, and
I don't have that much left :(
What do you have in /etc/idmapd.conf
The content of this file is correct as far as I
::rwx /netdrives/shared
set a loose acl for Domain Admins or map them to root
Then just:
[Shared Drives]
path = /netdrives/shared
read only = no
inherit acls = Yes
Worth a try?
Steve
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org
On Thu, 2013-06-20 at 17:44 -0400, Steve Thompson wrote:
On Thu, 20 Jun 2013, John Hodrien wrote:
Five minutes later: holy crap! That is it. I took a user in only one
group: permission denied. I set the NO_AUTH_DATA_REQUIRED flag in
userAccountControl (via ldbedit), and hey presto NFSv4
On Fri, 2013-06-21 at 06:23 +, philippe.simo...@swisscom.com wrote:
Hi Samba users
but getent group does not return group/user membership :
TEST3\g1:*:327:
any advices ?
It doesn't work for groups:(
use:
getent group TEST\g1
hth
Steve
--
To unsubscribe from this list go
On Fri, 2013-06-21 at 08:36 +, philippe.simo...@swisscom.com wrote:
Hi Steve
getent group TEST3\g1 give an empty result, and getent group TEST3\\g1
with the same result as getent group g1, without user/group membership.
in fact my problem goes further : shares access control (write
On Fri, 2013-06-21 at 10:12 +0100, Rowland Penny wrote:
Hi, well yet another reason to use sssd instead of winbind. When I
turned on winbind in /etc/nsswitch.conf on my test S4 server,
Also I would suggest forgetting using @group in smb.conf and use ACL's
instead.
Didn't see this, but
On Fri, 2013-06-21 at 15:39 +0200, Ali Bendriss wrote:
On Friday, June 21, 2013 10:12:26 AM Rowland Penny wrote:
Hi, well yet another reason to use sssd instead of winbind.
[...]
Hi,
An other option is to use samba AD in one server and the file server (smbd +
winbindd) in an other.
.
With 3.6.13 on FreeBSD 9.1 the return is nearly instantaneous.
Hi
Do you ever need to list _all_ the groups? If not then set:
winbind enum groups = No
and then query the groups singly:
getent group name.of.group
Also, you could cache them. I'm not sure but nscd may work with winbind.
hth
Steve
and nslcd.
Cheers,
Steve
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
cache them. I'm not sure but nscd may work with winbind.
hth
Steve
Yes, in fact the tool I'm writing NEEDS all groups from AD, so, that's not
going to work. And as the script doesn't know the groups ahead of time.
It's weird, I'll grab a winbind -i d 10 file when I get a minute
?
Thx!
samba-tool user add vladimir --uid-number=1234567
Now for your next question:
How do I choose the uid-number;)
hth
Steve
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
On Wed, 2013-06-26 at 08:09 -0700, smb l. ist wrote:
Well, winbind works fine for listing groups.
But not for you. Nor I;)
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
On 27/06/13 13:58, Vladimir A Fomkin wrote:
Hi!
samba-tool don't work with --uid-number option!
Hi
It only works with the development version.
Why not add the uidNumber to the user using ldbedit or ldbadd?
Steve
--
To unsubscribe from this list go to the following URL and read the
instructions
On Thu, 2013-06-27 at 17:28 +0400, Vladimir A Fomkin wrote:
How add one parameter by ldbedit without interactive editor? (for
scripting)
ldbmodify
There are scripts here:
http://linuxcostablanca.blogspot.com.es/p/s4bind.html
hth
--
To unsubscribe from this list go to the following URL and
are served from the DC?
Cheers, Steve
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
On Mon, 2013-07-01 at 17:04 +0100, Jonathan Buzzard wrote:
On Mon, 2013-07-01 at 09:59 -0400, Gaiseric Vandal wrote:
[SNIP]
A domain controller can be a file server, although in many cases a
domain controller will only provide authentication and logon
functions.It does need
On Mon, 2013-07-01 at 14:35 -0400, Gaiseric Vandal wrote:
I don't think it necessarily makes it a member a member server BUT if it
isn't a member server it is going to be pretty useless for serving profiles.
Ok, so if a samba 4 box can serve profiles, then it is called a member
server, whether
speakers. It would help enormously over here, if we all stuck to calling
a spade a spade.
Thanks for reading,
Steve
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
On Mon, 2013-07-01 at 19:55 -0500, Ricky Nance wrote:
I feel like I am saying what has already been said, so if you could be
more specific about what kind of hierarchy you have, I could give you
a more specific answer. For the most part, if its serving files and in
a domain, but not
On Tue, 2013-07-02 at 11:02 +0200, Michael Wood wrote:
Hi Steve
On 2 July 2013 09:28, steve st...@steve-ss.com wrote:
On Mon, 2013-07-01 at 19:55 -0500, Ricky Nance wrote:
I feel like I am saying what has already been said, so if
you could
the new attributes to one
of the DC's. Disable the other DC while you do this. Take the id's from
whatever the xidNumber is on the DC you choose.
hth
Steve
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
On Thu, 2013-07-11 at 13:46 -0400, Robert Heller wrote:
At Thu, 11 Jul 2013 11:52:49 -0400 Steve Litt sl...@troubleshooters.com
wrote:
Hi all,
I ask this question about once a decade.
I have about 7 computers, all Linux or BSD. Are there any cool things I
can do with Samba
./configure for the git take
the same defaults as the release?
Cheers,
Steve
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
working. Then, what you change
within it and what permissions you change to get the 'access denied'.
Which version have you installed?
Cheers,
Steve
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
did has 2 DC's and a 4.0.7 file server. But I
think that if you build from source, it doesn't make much difference.
HTH
Steve
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
to the directory.
An easy way to do that is to use ldbedit:
ldbedit --url=/usr/local/samba/private/sam.ldb cn=testuser
Now getent will work.
hth
Steve
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
On Tue, 2013-07-16 at 18:48 -0400, Matthew Daubenspeck wrote:
On Tue, Jul 16, 2013 at 08:45:15PM +0200, Marc Muehlfeld wrote:
Did you clean up the tdb files on your member server? I could imagine, that
Samba mixes the old and new domain in it's idmap cache. If it's a new
installation and
started but I'm afraid that from here the
learning curve is steep. I know systems like GNOME and KDE have quite
simple right click share folder as samba. Maybe that's good enough
if you have just one folder?
HTH,
Steve
--
To unsubscribe from this list go to the following URL and read
root@srv2:~# getent passwd user3
Can you post smb.conf on SRV2?
Steve
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
On Mon, 2013-07-22 at 16:46 -0400, Matthew Daubenspeck wrote:
On Mon, Jul 22, 2013 at 10:27:36PM +0200, steve wrote:
Can you post smb.conf on SRV2?
Steve
Certainly:
[global]
workgroup = NWLTECH
security = ADS
realm = NWLTECH.ORG
encrypt passwords = yes
idmap
On Mon, 2013-07-22 at 17:29 -0400, Matthew Daubenspeck wrote:
On Mon, Jul 22, 2013 at 10:15:10PM +0100, Rowland Penny wrote:
OK, that seems like it should work, I had the winbind ad backend
working, but found it difficult to setup so jumped ship to sssd
The idmap setup I used was:
On Tue, 2013-07-23 at 09:40 +0200, L.P.H. van Belle wrote:
Hai,
I'm having exactly the same problem with winbind as Matthew Daubenspeck.
also on ubuntu 12.04 with sernet packages. ( used sernet-samba-winbind 4.0.7 )
I remove the complete config atm but am at the point reinstalling now.
and start it again, redo the domain join and
try it.
Just thought about nscd too. On some distros it's default. . .
Cheers,
Steve
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
On Tue, 2013-07-23 at 14:53 +0100, Jonathan Buzzard wrote:
What gets me is people claiming that half a dozen lines of configuration
in smb.conf is more complicated than 30+ lines of configuration in an
entirely separate configuration file in addition to several lines in
smb.conf. It might
On Tue, 2013-07-23 at 15:04 +0100, Jonathan Buzzard wrote:
On Tue, 2013-07-23 at 14:39 +0100, Rowland Penny wrote:
Could this be yet another reason to use sssd instead of winbind?
sssd does use the account gidNumber
testuser
primaryGroupID: 513
uidNumber: 3001106
gidNumber:
On Tue, 2013-07-23 at 16:44 +0100, Jonathan Buzzard wrote:
On Tue, 2013-07-23 at 15:23 +0100, Rowland Penny wrote:
If you want my opinion and you probably don't, people need to stop
thinking NT server if they connect to a samba4 AD server and start
thinking AD server, they are
On Tue, 2013-07-23 at 23:21 +0100, Jonathan Buzzard wrote:
On 23/07/13 17:10, Rowland Penny wrote:
[SNIP]
But if the group identified by primaryGroupID 513 has gidNumber 20513
(which would be in my opinion best practice) without looking in the
source code of sssd you
On Wed, 2013-07-24 at 09:09 +0200, L.P.H. van Belle wrote:
hijacked the winbind threat.. but..
Don't feel threatened. There _are_ alternatives.
I do like samba, but wiki/howtos are lots to improve.
To be fair, it's not just Samba. It's most open source stuff. There are
too many hobbyists
On Wed, 2013-07-24 at 01:26 -0700, Paul D. DeRocco wrote:
From: steve
On Wed, 2013-07-24 at 09:09 +0200, L.P.H. van Belle wrote:
I do like samba, but wiki/howtos are lots to improve.
To be fair, it's not just Samba. It's most open source stuff.
There are
too many hobbyists
On Wed, 2013-07-24 at 11:59 +0100, Jonathan Buzzard wrote:
On Wed, 2013-07-24 at 00:49 +0200, steve wrote:
[SNIP]
For the record, sssd pulls all it's info from AD.
I never said otherwise.
A user does not need a gidNumber, it is drawn from the
primaryGroupID.For Linux clients
that you have set chmod g+s?
If so, I can reproduce what you see. The g+s is ignored when accessed on
a cifs mounted share and instead the primaryGroupID is used.
Cheers,
Steve
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman
On Thu, 2013-07-25 at 08:17 -0400, Ryan Bair wrote:
Thank you for confirming. I do have g+s on the directory. I'll file a
bug about this issue today.
No problem. If you go with the bugzilla, could you post the link here?
Thanks.
--
To unsubscribe from this list go to the following URL and
701 - 800 of 1661 matches
Mail list logo