Displaying 20 results from an estimated 2000 matches similar to: "Samba 4 ldb_wrap open of idmap.ldb"
2012 Jan 17
1
Samba 4 and GSSAPI kerberos ldap connect
Hi everyone
I'm trying to use kerberos to authenticate to Samba 4 ldap. At the
moment, I authenticate by specifying the binddn and password in
/etc/nslcd.conf and all works fine
If I add the line:
sasl_mech GSSAPI
to /etc/nslcd.conf
and restart nslcd, no one can connect to the database. Nothing works.
ldapsearch and getent passwd draw a blank.
ldapsearch -x -b '' -sbase
2014 Nov 19
1
Cannot bind to AD using nslcd
Hi Again - following on from my last request for help, I'm now attempting to
setup LDAP auth against my working samba4 AD.
Simplistically, I'm trying initially to SSH into my AD server (working)
using nslcd.
I've tried method #1 from
https://wiki.samba.org/index.php/Local_user_management_and_authentication/ns
lcd
My simple config is:
uid nslcd
gid nslcd
uri
2013 Aug 24
1
smbd looking for non existent files
Hi
4.0.8 file server in a 4.0.8 domain
After a user logs in on a Linux client which is joined to the domain,
smbd is constantly looking for files which don't exist:
Here is the file server log after a user login to a Linux client has
settled down:
[2013/08/24 18:43:24.748511,
3] ../source3/smbd/vfs.c:1140(check_reduced_name)
check_reduced_name [steve2/.icons/gnome] [/home/users]
2012 Jan 28
2
nfs4 with Samba 4
Hi everyone
Version 4.0.0alpha18-GIT-bfc7481
openSUSE 12.1
Conventional nfs4 export works fine, but I'm having trouble kerberizing
it for Samba 4 for my Samba 4 users.
I've setup the nfs4 pseudo stuff like this:
hh3:/ # mkdir /export
hh3:/ # mkdir /export/home
hh3:/ # mount --bind /home /export/home
Here is /etc/exports:
/export
2012 Feb 14
1
Samba4 ldbmodify Unwilling to perform error 53
Hi everyone
samba --version
Version 4.0.0alpha18-GIT-bfc7481
openSUSE 12.1
If I do this:
ldbmodify --url=/usr/local/samba/private/sam.ldb -b dc=hh3,dc=site
dn: CN=steve6,CN=Users,DC=hh3,DC=site
changetype: modify
add: objectclass
objectclass: posixaccount
-
replace: primarygroupid
primarygroupid: 1134
I get an error something like: ERR: (Unwilling to perform) error 53
If however I do the
2012 Jan 11
6
Samba 4 kerberos and kinit
Hi
After starting Samba 4, before anyone can do anything, Administrator has
to do a kinit to get a new ticket. This creates a cache /tmp/krb5cc_0
with an expiry time.
I've created a host principal and put it into the keytab:
samba-tool spn add host someuser
samba-tool domain exportkeytab /etc/krb5.keytab --principal=host/HH3.SITE
How can I keep Samba 4 up without having to get a new
2011 Dec 22
1
Samba 4 Kerberos: Failed to decrypt PA-DATA
Hi everyone
After almost 2 days up-time with Samba 4, it failed again. This time it
simply will not restart.
The krb5.conf had got corrupted. I replaced it with this one from
/usr/local/samba/private
/etc/krb5.conf
[libdefaults]
default_realm = HH3.SITE
dns_lookup_realm = false
dns_lookup_kdc = true
It starts up OK:
samba -i -d 3
lpcfg_load: refreshing parameters from
2009 Mar 04
0
Can anyone comment on my setup?
Hi guys,
Can anyone comment on my setup steps?
I follow instructions from many Howto's website,the below steps worked
well until yesterday.
It suddenly refused WindowsXp machine to join domain by giving the error
"The following error occurs....Access denied"
CENTOS 5.1 + fedora-ds-dsgw-1.1.1-1.fc6 + samba-client-3.0.25b-0.el5.4
fedora-idm-console-1.1.1-1.fc6
2012 Jan 19
0
Samba 4 GSS server Update(krb5)(1) Update failed: Miscellaneous failure (see text): Decrypt integrity check failed
Hi everyone
I'm using nslcd to connect to Samba 4 LDAP. If I specify the binddn and
bindpw in /etc/nslcd.conf no problem getent passwd works and everything
is mapped just fine.
But when I try try to do a kerberized bind to Samba 4 LDAP, I get this:
ldb_wrap open of secrets.ldb
Kerberos: TGS-REQ host-account at HH3.SITE from ipv4:192.168.1.3:33002 for
ldap/hh3.site at HH3.SITE
2006 Nov 06
1
Samba with AD
I am stuck with Samba -Active Directory communication. Trying to bring my SUSE 10.0 to speak with AD Domain.
net rpc testjoin - brings a unable to find suitable server message
net join - kerberos_kinit_password preauthentication failed and ads_connect preauthentication failed
wbinfo -u works fine
wbinfo -t works fine
getent passwd/group works too
smb is running
nmb is running
winbindd is
2014 Oct 05
1
What is wrong with my nslcd configuration?
I can't get my domain users presented to my local machine with getent
passwd and the wiki
https://wiki.samba.org/index.php/Local_user_management_and_authentication/nslcd
doesn't give me any steps troubleshoot this issue. My best guess it that
I configured the user account incorrectly or I configured nslcd
incorrectly. I can't exactly see what is the problem.
I get these messages from
2012 Feb 10
1
latest Samba 4 does not look in keytab
Hi
After upgrading to
Version 4.0.0alpha18-GIT-24ed8c5 on Ubuntu 11.10, Samba 4 no longer
looks in the keytab for my nfs server entry:
mount -t nfs4 foo bar --o sec=krb5
Kerberos: AS-REQ nfs/hh3.hh3.site at HH3.SITE from ipv4:192.168.1.3:53213
for krbtgt/HH3.SITE at HH3.SITE
Kerberos: UNKNOWN -- nfs/hh3.hh3.site at HH3.SITE: no such entry found in hdb
The nfs entry is in the keytab:
klist -ke
2016 Jan 06
1
Samba 4.3.x high CPU load
Hi there,
I have a multi DC global setup. 9 x Ubuntu 14.04.3 DC's in multiple Sites.
This has been working nicely for some time however recently the FSMO holder
has been refusing LDAP requests on occasions and showing constant very high
CPU usage:
top - 08:59:12 up 8:51, 1 user, load average: 1.03, 1.00, 1.03
Tasks: 186 total, 4 running, 182 sleeping, 0 stopped, 0 zombie
%Cpu0 :
2015 Aug 21
2
LDAP + Samba4(AD) + SSH
Hello,
I want my domain users to be able to connect to our linux servers using
their AD username through LDAP.
I am using nslcd and pam_ldap to do so, but I am having some hard time
trying to figure out why the GID is not working properly.
# getent passwd Guilherme
Guilherme:*:10000:*513*:Guilherme:/home/Guilherme:/bin/bash
# getent group|grep 513
# id Guilherme
uid=10000(Guilherme) gid=513
2015 Aug 24
2
LDAP + Samba4(AD) + SSH
Hey,
By "through LDAP" I meant that our linux servers would look for the users
using pam_ldap.
Anyway, I was able to "fix" this by mapping gidNumber to gidNumber instead
of primaryGroupID on nslcd.conf.
$ id
uid=10000(Guilherme) gid=10001(it) grupos=10001(it)
On Fri, Aug 21, 2015 at 4:28 PM, Rowland Penny <rowlandpenny241155 at gmail.com
> wrote:
> On 21/08/15
2011 Dec 03
1
samba 4 named. dlz_bind9.so not found
Hi everyone
openSUSE 12.1
samba Version 4.0.0alpha18-GIT-30d4484
Following the wiki instructions for Samba 4, I added
include "/usr/local/samba/private/named.conf";
to /etc/named.conf (the last line)
The logs give:
3 23:52:50 hh3 named[5743]: Loading 'AD DNS Zone' using driver dlopen
3 23:52:50 hh3 named[5743]: dlz_dlopen failed to open library
2011 Nov 29
2
Samba 4 success on openSUSE 12.1
samba -b
Samba version: 4.0.0alpha18-GIT-5c53926
Build environment:
Build host: Linux hh3 3.1.0-1.2-desktop #1 SMP PREEMPT Thu Nov 3
14:45:45 UTC 2011 (187dde0) i686 i686 i386 GNU/Linux
openSUSE 12.1 i586
Hi everyone.
After.
./source4/setup/provision --realm=hh3.site --domain=HH1
--adminpass=SOMEPASSWORD --server-role='domain controller'
The wiki howto is for DNS seems to be
2012 Jan 20
1
Samba 4 Cannot contact any KDC for requested realm
Version 4.0.0alpha18-GIT-957ec28
After starting samba -i -d3,
wbinfo -i someuser
gives this:
ldb_wrap open of secrets.ldb
using SPNEGO
Selected protocol [8][NT LANMAN 1.0]
Cannot reach a KDC we require to contact cifs/hh3.site at SITE : kinit for
HH3$@SITE failed (Cannot contact any KDC for requested realm)
SPNEGO(gssapi_krb5) NEG_TOKEN_INIT failed: NT_STATUS_NO_LOGON_SERVERS
ldb_wrap open of
2012 Jan 23
1
Samba 4 GSSAPI problem
Hi
Same checkout, same provision, same machine.
openSUSE
samba --version
Version 4.0.0alpha18-GIT-c3a7573
hh3:/home/steve # ldapsearch -H ldap://192.168.1.3 cn=steve2 -b
"dc=hh3,dc=site" -Y GSSAPI
SASL/GSSAPI authentication started
<snip>
and all is OK.
Ubuntu
samba --version
Version 4.0.0alpha18-GIT-c3a7573
root at hh3:/tmp# ldapsearch -H ldap://192.168.1.3 cn=steve2 -b
2014 Oct 14
2
nslcd samba 4.1 and FreeBSD 10
Hello list-
As a FreeBSD shop we've used Samba 3.x quite well for a couple years. With version 3.6 due to expire in due time, we've been experimenting with version 4.1 using winbindd with very limited success. We find that if we use the TDB backend instead of either RID or AD, we are able to enumerate our AD users via getent. I cannot enumerate AD users via either the AD or the RID