similar to: Group mapping: different SIDs

Hello List, we have installed samba Version 3.0.20-0.1-SUSE. when I'm entering > net getlocalsid I get > SID for domain <netbios name> is: S-1-5-21-4166838278-3756557259-2095403906 entering > net getlocalsid <domain name> returns > SID for domain <domain name> is: S-1-5-21-2018781741-1218799122-1862565094 Does this mean that the pdc itself is not in the domain

Hello, I need some understanding about when being as user in a domain group and log on to a windows machine as user that belongs to this group having administrative rights. I will explain in more detail and give some more information: # net getlocalsid > SID for domain FILESERVER is: S-1-5-21-4166838278-3543217259-2095403906 # net getlocalsid <domain> > SID for domain <domain>

Hi, I am in the process of migrating our windows workstations to a samba domain. Here is the problem: When creating the domain user I put every user additionalyy in the domain admin group so that he/she can copy his old files on the local profile to his new domain account. Then after this is done I put them to the domain users group but some (!) of the user the lose then access to the

I've been testing DFS roots and I'm finding that while Vista and 2008 Server clients can connect with no problems, Windows XP Pro and 2003 Server clients fail. This seems like it's the wrong way round - Samba usually has more difficulties with recent Windows versions than older ones - but I can only assume that there's some registry/policy change between the versions. If anybody

I seem to be having a bit of a brain fade with regard to permissions in samba. I have a share with several folders owned by different groups: drwxrws--- 13 root accounts 4.0K Jun 7 12:12 Accounts drwxrws--- 16 ian accounts 4.0K Jun 7 11:24 Administration drwxrws--- 14 accounts users 4.0K Apr 22 12:05 Downloads drwxrwsr-x 7 ian users 4.0K Mar 22 13:51

I groupapped the domadmins group in linux to ntgroup="Domain Admins" but instead of mapping to the SID number ending in 512 it's creating a new SID number endind in 2025 mapped to domadmins... Does anybody knows why??? It worked in the previous server. This is the command I execute net groupmap add ntgroup="Domain Admins" unixgroup=domadmin If I use the rid=512 option I

Hello guys! I'm using samba 3.2.4 (binaries from samba.org) on SLES9+sp3. I am building a PDC with LDAP support (i am attaching my config files), I'm also using ldapsam:trusted and ldapsam:editposix. Although I am setting the account lock after 3 failed tries in usrmgr, and verified that the parameters are actually set in the LDAP, no locking occurs. I started thinking that it was my

This might be more inclusive if I said, Linux Permissions vs POSIX ACLs vs vfs_xattr. I have recently begun to discover the power and flexibility of using POSIX ACLs (by mounting my EXT3/4 filesystems with the acl option). This solved alot of security permissions issues between Samba and Linux groups of users. As I have delved into this deeper and begun using the VFS object, vfs_xattr, things

Hey all, I have a functioning Samba server in my test lab. All of my must-haves are met. My problem really boils down to a minor nuisance. Basically, when I log the test users in and open My Documents I only see one folder: My Music. Not that I really care but curiosity is killing me here and I can't figure out why the My Pictures folder is not present also. On top of that users love

Dear list members, I am unable to logon to the domain. I have created the tdbsam using the "smbpasswd -a root" command. I also added User Administrator as unix and samba account. I also mapped groups "Domain Admins", "Domain users" and "Domain Guests" to unix groups domadmins, domusers and domguests using the "net groupmap modify" command. But is

hello i try to migrate nt4 to samba. the passwd-backend is ldap. the migration itself works fine but after that, i cannot logon from the windows xp clients to the domain. -> i have to rejoin the client to the domain then it works is this a bug or feature? the sambaNTPassword change then in ldap data base here is part of my smb.conf ------------------- snip ----------------- workgroup

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, I cannot find anything in the documentation or mailing list that addresses this oddity. I've installed Samba Version 3.4.7 on Ubuntu Server 10.04, and I'm utterly confused by samba's behavior regarding permissions. Users on the server have home directories in /home/chemgroup/username. (chemgroup is actually a symlink to another

Hi. I subscripted just now to the mailing list, but I've been using a Samba file server (PDC) on Debian for about 2.5 years now. Users are almost all WinXP SP3. No users are complaining but since I changed everything to one share with group permission on underlying directories I see a lot of errors in log.smbd. Anyone knows what the log message exactly means? I guess it has something to

Cups 1.2.7 Debian Etch with Samba 3.0.24 Clients: WinXP SP3 (with Firewall completely off for testing) When I define a printer specifically in smb.conf, they show up as shared printers in WinXP. But when I follow the normal way (see below) to load all from cups they don't. I followed mainly the latest SAMBA-HOWTO (chapter 21-22) The only error I see in log.smbd when accessing the

Hello all, at this point i'm at the end of my ideas, so i ask here, at what point i ran in this problem. Hopefully some give advices to the proper direction. The plan: An old debian woody machine with samba 3.0.10-1 should migrated to an new hardware with debian etch and samba 3.0.23c-2. My simple idea was to copy all configuration files and also the passdb.tdb, secrets.tdb and

Hey all, I'm coloring outside the lines a little bit here but I would like to automate the install of a samba pdc. Within that script to install I would like to assign rights to a group. Here is an example of a few steps: # Create Unix group: groupadd domadmins # Map unix group to samba groups: net groupmap add ntgroup="Domain Admins" unixgroup=domadmins rid=512 type=d # Assign

Hi, I think at first you have to do a net groupmap add all the well known Groups. System Operators (S-1-5-32-549) -> -1 Replicators (S-1-5-32-552) -> -1 Guests (S-1-5-32-546) -> -1 Domain Users (S-1-5-21-3732367786-856876144-3282938955-513) -> -1 Domain Admins (S-1-5-21-3732367786-856876144-3282938955-512) -> -1 Power Users (S-1-5-32-547) -> -1 Domain Guests

I am trying to get two Samba PDC/Domains setup with a trust between them. They are separate domains because they are separate companies (one is a subsidiary of the other) located in different cites. I am using Centos 5.1 x86_64 and Samba 3.0.28a packages built by me from Fedora 8 source RPMs. Based on what I have read, in order to do the trust thing I need to use Winbind/idmap to handle the non

Hi, does the output of the two commands really mean that the server FILESERVER is not in the domain?: # net getlocalsid SID for domain FILESERVER is: S-1-5-21-4161338278-3756552359-245403906 # net getlocalsid <domainname> SID for domain <domainname> is: S-1-5-21-2018781741-1218349122-1862352094 Is there another method to check if a server is in a domain? Can I use 'net rpc

Follow up to original post. If I created local groups and users in /etc/passwd & /etc/groups I get farther along. For instance, if I have a Samba PDC with LDAP basically like I listed in my post. If I browse from a w2k pro box to the samba server without the workstation having joined the domain, I can authenticate to the samba server with a user who is not in /etc/passwd but is in LDAP. So