similar to: Samba 4 ldb_wrap open of idmap.ldb

Hi everyone I'm trying to use kerberos to authenticate to Samba 4 ldap. At the moment, I authenticate by specifying the binddn and password in /etc/nslcd.conf and all works fine If I add the line: sasl_mech GSSAPI to /etc/nslcd.conf and restart nslcd, no one can connect to the database. Nothing works. ldapsearch and getent passwd draw a blank. ldapsearch -x -b '' -sbase

Hi Again - following on from my last request for help, I'm now attempting to setup LDAP auth against my working samba4 AD. Simplistically, I'm trying initially to SSH into my AD server (working) using nslcd. I've tried method #1 from https://wiki.samba.org/index.php/Local_user_management_and_authentication/ns lcd My simple config is: uid nslcd gid nslcd uri

Hi 4.0.8 file server in a 4.0.8 domain After a user logs in on a Linux client which is joined to the domain, smbd is constantly looking for files which don't exist: Here is the file server log after a user login to a Linux client has settled down: [2013/08/24 18:43:24.748511, 3] ../source3/smbd/vfs.c:1140(check_reduced_name) check_reduced_name [steve2/.icons/gnome] [/home/users]

Hi everyone Version 4.0.0alpha18-GIT-bfc7481 openSUSE 12.1 Conventional nfs4 export works fine, but I'm having trouble kerberizing it for Samba 4 for my Samba 4 users. I've setup the nfs4 pseudo stuff like this: hh3:/ # mkdir /export hh3:/ # mkdir /export/home hh3:/ # mount --bind /home /export/home Here is /etc/exports: /export

Hi everyone samba --version Version 4.0.0alpha18-GIT-bfc7481 openSUSE 12.1 If I do this: ldbmodify --url=/usr/local/samba/private/sam.ldb -b dc=hh3,dc=site dn: CN=steve6,CN=Users,DC=hh3,DC=site changetype: modify add: objectclass objectclass: posixaccount - replace: primarygroupid primarygroupid: 1134 I get an error something like: ERR: (Unwilling to perform) error 53 If however I do the

Hi After starting Samba 4, before anyone can do anything, Administrator has to do a kinit to get a new ticket. This creates a cache /tmp/krb5cc_0 with an expiry time. I've created a host principal and put it into the keytab: samba-tool spn add host someuser samba-tool domain exportkeytab /etc/krb5.keytab --principal=host/HH3.SITE How can I keep Samba 4 up without having to get a new

Hi everyone After almost 2 days up-time with Samba 4, it failed again. This time it simply will not restart. The krb5.conf had got corrupted. I replaced it with this one from /usr/local/samba/private /etc/krb5.conf [libdefaults] default_realm = HH3.SITE dns_lookup_realm = false dns_lookup_kdc = true It starts up OK: samba -i -d 3 lpcfg_load: refreshing parameters from

Hi guys, Can anyone comment on my setup steps? I follow instructions from many Howto's website,the below steps worked well until yesterday. It suddenly refused WindowsXp machine to join domain by giving the error "The following error occurs....Access denied" CENTOS 5.1 + fedora-ds-dsgw-1.1.1-1.fc6 + samba-client-3.0.25b-0.el5.4 fedora-idm-console-1.1.1-1.fc6

Hi everyone I'm using nslcd to connect to Samba 4 LDAP. If I specify the binddn and bindpw in /etc/nslcd.conf no problem getent passwd works and everything is mapped just fine. But when I try try to do a kerberized bind to Samba 4 LDAP, I get this: ldb_wrap open of secrets.ldb Kerberos: TGS-REQ host-account at HH3.SITE from ipv4:192.168.1.3:33002 for ldap/hh3.site at HH3.SITE

I am stuck with Samba -Active Directory communication. Trying to bring my SUSE 10.0 to speak with AD Domain. net rpc testjoin - brings a unable to find suitable server message net join - kerberos_kinit_password preauthentication failed and ads_connect preauthentication failed wbinfo -u works fine wbinfo -t works fine getent passwd/group works too smb is running nmb is running winbindd is

I can't get my domain users presented to my local machine with getent passwd and the wiki https://wiki.samba.org/index.php/Local_user_management_and_authentication/nslcd doesn't give me any steps troubleshoot this issue. My best guess it that I configured the user account incorrectly or I configured nslcd incorrectly. I can't exactly see what is the problem. I get these messages from

Hi After upgrading to Version 4.0.0alpha18-GIT-24ed8c5 on Ubuntu 11.10, Samba 4 no longer looks in the keytab for my nfs server entry: mount -t nfs4 foo bar --o sec=krb5 Kerberos: AS-REQ nfs/hh3.hh3.site at HH3.SITE from ipv4:192.168.1.3:53213 for krbtgt/HH3.SITE at HH3.SITE Kerberos: UNKNOWN -- nfs/hh3.hh3.site at HH3.SITE: no such entry found in hdb The nfs entry is in the keytab: klist -ke

Hi there, I have a multi DC global setup. 9 x Ubuntu 14.04.3 DC's in multiple Sites. This has been working nicely for some time however recently the FSMO holder has been refusing LDAP requests on occasions and showing constant very high CPU usage: top - 08:59:12 up 8:51, 1 user, load average: 1.03, 1.00, 1.03 Tasks: 186 total, 4 running, 182 sleeping, 0 stopped, 0 zombie %Cpu0 :

Hello, I want my domain users to be able to connect to our linux servers using their AD username through LDAP. I am using nslcd and pam_ldap to do so, but I am having some hard time trying to figure out why the GID is not working properly. # getent passwd Guilherme Guilherme:*:10000:*513*:Guilherme:/home/Guilherme:/bin/bash # getent group|grep 513 # id Guilherme uid=10000(Guilherme) gid=513

Hey, By "through LDAP" I meant that our linux servers would look for the users using pam_ldap. Anyway, I was able to "fix" this by mapping gidNumber to gidNumber instead of primaryGroupID on nslcd.conf. $ id uid=10000(Guilherme) gid=10001(it) grupos=10001(it) On Fri, Aug 21, 2015 at 4:28 PM, Rowland Penny <rowlandpenny241155 at gmail.com > wrote: > On 21/08/15

Hi everyone openSUSE 12.1 samba Version 4.0.0alpha18-GIT-30d4484 Following the wiki instructions for Samba 4, I added include "/usr/local/samba/private/named.conf"; to /etc/named.conf (the last line) The logs give: 3 23:52:50 hh3 named[5743]: Loading 'AD DNS Zone' using driver dlopen 3 23:52:50 hh3 named[5743]: dlz_dlopen failed to open library

samba -b Samba version: 4.0.0alpha18-GIT-5c53926 Build environment: Build host: Linux hh3 3.1.0-1.2-desktop #1 SMP PREEMPT Thu Nov 3 14:45:45 UTC 2011 (187dde0) i686 i686 i386 GNU/Linux openSUSE 12.1 i586 Hi everyone. After. ./source4/setup/provision --realm=hh3.site --domain=HH1 --adminpass=SOMEPASSWORD --server-role='domain controller' The wiki howto is for DNS seems to be

Version 4.0.0alpha18-GIT-957ec28 After starting samba -i -d3, wbinfo -i someuser gives this: ldb_wrap open of secrets.ldb using SPNEGO Selected protocol [8][NT LANMAN 1.0] Cannot reach a KDC we require to contact cifs/hh3.site at SITE : kinit for HH3$@SITE failed (Cannot contact any KDC for requested realm) SPNEGO(gssapi_krb5) NEG_TOKEN_INIT failed: NT_STATUS_NO_LOGON_SERVERS ldb_wrap open of

Hi Same checkout, same provision, same machine. openSUSE samba --version Version 4.0.0alpha18-GIT-c3a7573 hh3:/home/steve # ldapsearch -H ldap://192.168.1.3 cn=steve2 -b "dc=hh3,dc=site" -Y GSSAPI SASL/GSSAPI authentication started <snip> and all is OK. Ubuntu samba --version Version 4.0.0alpha18-GIT-c3a7573 root at hh3:/tmp# ldapsearch -H ldap://192.168.1.3 cn=steve2 -b

Hello list- As a FreeBSD shop we've used Samba 3.x quite well for a couple years. With version 3.6 due to expire in due time, we've been experimenting with version 4.1 using winbindd with very limited success. We find that if we use the TDB backend instead of either RID or AD, we are able to enumerate our AD users via getent. I cannot enumerate AD users via either the AD or the RID