similar to: Samba4 AD delegation to read userPassword attribute

Dear Samba users and developers, we had the idea of storing S/MIME certificates in the Samba 4 LDAP. In the Windows Active Directory Users and Computers tool I can use the "Published Certificates" tab to add a certificate to a user account. As Mozilla Thunderbird requests the "userCertificate;binary" attribute of a user when sending encrypted mail, the LDAP response is empty.

On 30.10.2015 22:13, Jeremy Allison wrote: > On Fri, Oct 30, 2015 at 11:27:55AM +0100, Stefan Pietsch wrote: >> Dear Samba users and developers, >> >> we had the idea of storing S/MIME certificates in the Samba 4 LDAP. >> In the Windows Active Directory Users and Computers tool I can use the >> "Published Certificates" tab to add a certificate to a user

Samba team, I'm having some problems to have a client Windows XP, I believe all systems could have the same issue, using Ldap authentication with Samba. This is a native OpenFiler configuration with a local LDAP server for Samba shares. The problem is that sharing is never authenticated where my suspicious is about sambaSID. Basically I create a test user called "rlvcosta". This

On 05.11.2015 09:18, Andrew Bartlett wrote: > On Tue, 2015-11-03 at 10:21 +0100, Stefan Pietsch wrote: >> On 30.10.2015 22:13, Jeremy Allison wrote: >>> On Fri, Oct 30, 2015 at 11:27:55AM +0100, Stefan Pietsch wrote: >>>> Dear Samba users and developers, >>>> >>>> we had the idea of storing S/MIME certificates in the Samba 4 >>>>

On Tue, 2015-11-03 at 10:21 +0100, Stefan Pietsch wrote: > On 30.10.2015 22:13, Jeremy Allison wrote: > > On Fri, Oct 30, 2015 at 11:27:55AM +0100, Stefan Pietsch wrote: > > > Dear Samba users and developers, > > > > > > we had the idea of storing S/MIME certificates in the Samba 4 > > > LDAP. > > > In the Windows Active Directory Users and

Hi Rowland, Sorry to inform that none of thus packages solve my problem. But today, with some Tranquil.it helps, I have some news: - Upgrade from 4.11.14 -> 4.12.9 is OK - Upgrade from 4.12.9 -> 4.13.2 : problem is present with Tranquil.it AND Louis package - Fresh install + member join with 4.13.2 is OK (Centos AND Buster packages) Problem only occur when upgrading member to 4.13.2 with

Mandi! Andrew Bartlett via samba In chel di` si favelave... > > This mean that the printer try to auth in LDAP 'plain' (no SSL, no > > TLS), and so samba refuse that? > No, it means that Samba is refusing to accept a NTLM or Kerberos > authenticated connection without SIGN or SEAL negotiated, as an > attacker could take over an unprotected network connection and do

Mandi! Andrew Bartlett via samba In chel di` si favelave... Ok, i coma back to an old thread, because vendor finally reply. Little fast-rewind: i own some Konica-Minolta BizHub multifunction printers/copiers, and i need to ''bind'' it to my new AD domain. But authentication does not work, seems bacause that printer try to use SASL over plain LDAP (no SSL nor TLS). After

Hi, If I understand the MS documentation right a Windows desktop uses DNS (or WINS) to determine a DC and then connects to the ldap udp port 389 to get further details about the DC. I do not want to run a full DC but only a "simple" Heimdal or MIT kdc for Browser Negotiate authentication. Does Samba include such a standalone ldap service which just returns the only supported

Hi, we want to access our Amazon/AWS Console using users from our internal samba4 directory service. So we tried to connect to our samba4 via the AWS AD Connector.  Connection (bind) is ok, but no users/groups are found.  Via tcpdump/wireshark we found this query/answer pair: Query from AD Connector LDAPMessage searchRequest(5) “dc=companyname,dc=com" wholeSubtree Filter:

Hello, I have a customer that complains that Samba (as DC member) uses UDP during? AD authentication when clients mount a share. I have run a test and traced network packet and it seems UDP is used by the CLDAP (Samba server is 10.50.50.35, AD is 10.50.50.85) Frame 1: 133 bytes on wire (1064 bits), 133 bytes captured (1064 bits) on interface vmxnet3s0, id 0 Ethernet II, Src:

Mandi! Andrew Bartlett via samba In chel di` si favelave... > > There's some way to ''tight'' that configuration , eg permit 'ldap server require strong auth = > > no' only by some hosts? > > Or some other smb.conf options that i've missed? > Nothing at this stage. Ok. > The issue is that they need to do fully signed or sealed Kerberos

I am experiencing an odd problem while attempting to mount and access a directory with smbfs. smbclient does not exhibit the same behavior. I have created a directory /mnt/smb-test and am attempting to mount a volume from a NetApp Filer running OnTap 7 with NTFS security mode. An Active Directory DC handles security for the share. The Linux machine shows as registered in AD and I can use

Hi I'm experiencing some odd behaviour when trying to change passwords. I have Samba 4.1.6-Ubuntu configured as an AD-DC on Ubuntu 14.04LTS. When I change a password (either from a Win10 Pro client, or using smbpasswd on the machine itself) it all reports that things have worked. I can then login to Samba using the new password. However, when I now try to login to Linux using the new

On 16/02/16 08:38, Rowland penny wrote: > You are not going to like this, but I am going to say it anyway: > > *Remove* any users that are in AD from /etc/passwd (the same goes for > groups) > > All your users & groups should now only exist in AD, you do not need > or can have, users & groups in AD *and* /etc/passwd & /etc/group. > > Your users will only have

Hi List, I have an appliance ("the client") which mounts a CIFS share from a Samba server - the Samba server usually runs on an Ubuntu system. Within the client, the root user executes a mount command like this: mount.cifs \\UBUNTUSERVER\archive /tmp/Default \ -o noserverino,user='someuser',pass='somepassword',uid='50',gid='7' That uid/gid pair

> > I can't recall but are you able to get a packet trace? This may > help further troubleshoot. I'll look into this. However, Rowland stated that bind9 will be the only solution. > > Just to recap you do you both servers listed as available DNS servers > on your workstations? As well as your member server? Yes, of course. For member servers, this is the

On Thu, 2018-05-10 at 15:48 +0200, Marco Gaiarin via samba wrote: > Mandi! Andrew Bartlett via samba > In chel di` si favelave... > > Ok, i coma back to an old thread, because vendor finally reply. Thanks! > > Little fast-rewind: i own some Konica-Minolta BizHub multifunction > printers/copiers, and i need to ''bind'' it to my new AD domain. > >

to my knowlidge, konica = xerox. and this works fine imo but im not able to look this up now. i did have xerox connected to my ldapS addc’s. i can check this monday. Greetz, Louis > Op 11 mei 2018 om 04:09 heeft Andrew Bartlett via samba <samba at lists.samba.org> het volgende geschreven: > >> On Thu, 2018-05-10 at 15:48 +0200, Marco Gaiarin via samba wrote: >> Mandi!

Dovecot version dovecot-1.0.rc14-7 (opensuse) Postfix is using Dovecot LDA. I'm getting this error message, and I guess it's going to be a problem on my next task, which is to set up sieve scripts. Is there something wrong/contraditory on my config or I forgot something? I want: /var/dovecot-tests/: where user's inbox resides /var/dovecot-tests/home/: home dir (users will not be