Displaying 16 results from an estimated 16 matches for "acasta".
2014 Nov 19
1
Cannot bind to AD using nslcd
...4 AD.
Simplistically, I'm trying initially to SSH into my AD server (working)
using nslcd.
I've tried method #1 from
https://wiki.samba.org/index.php/Local_user_management_and_authentication/ns
lcd
My simple config is:
uid nslcd
gid nslcd
uri ldap://127.0.0.1:389
base cn=Users,dc=acasta,dc=intra
binddn cn=nslcd-connect,cn=Users, dc=acasta,dc=intra
bindpw xxxxx
filter passwd (objectClass=user)
filter group (objectClass=group)
map passwd uid sAMAccountName
map passwd homeDirectory unixHomeDirectory
map passwd gecos...
2014 Nov 14
2
Samba4 UNIX password sync
...ember_Server"
doesn't work on my Debian Wheezy box - I don't see libnss_winbind.so on
my system. And 'apt-get install winbind' says I'm already on the
latest version...
Anyone any pointers on the best approach?
smb.conf:
# Global parameters
[global]
workgroup = ACASTA
realm = ACASTA.INTRA
netbios name = KEPLER
server role = active directory domain controller
dns forwarder = 192.168.100.1
idmap_ldb:use rfc2307 = yes
[netlogon]
path = /var/lib/samba/sysvol/acasta.intra/scripts
read only = No
[sysvol]...
2018 Nov 26
5
Adding a new DC - ID Mappings
Hi Rowland - thank you for replying. I have now demoted and removed the temporary DC with the intention of repeating the exercise from scratch later this week. It was a Ubuntu Server 18.04.1 and the smb.conf was very vanilla:
[global]
workgroup = ACASTA
realm = ACASTA.INTRA
netbios name = UBUNTU
server role = active directory domain controller
dns forwarder - 192.168.200.3
idmap_ldb:use rfc2307 = yes
The join worked successfully. DNS checked out. Kerberos checked out. I could see everything in my RSAT tools. Everything appeared to be working, ex...
2018 Dec 02
1
Domain Admins default ownership is BUILTIN\Administrators
...drwxr-xr-x 7 JohnDoe Domain Users 4.0K Aug 24 20:47 ./
drwxr-xr-x 11 root root 4.0K Dec 1 16:50 ../
-rw-r--r-- 1 JohnDoe Domain Users 439K Aug 14 2013 Book.xlsx
-rw-r--r-- 1 JohnDoe Domain Users 30K Mar 4 2012 planner.xls
-rwxr-xr-x+ 1 3000000 Domain Users 4.2M Feb 10 2017 acasta.ics*
Any ideas how to fix this?
--
Rob Mason
07770 578764
From: Rob Mason
Sent: 30 November 2018 18:28
To: 'samba at lists.samba.org' <samba at lists.samba.org>
Subject: Domain Admins default ownership is BUILTIN\Administrators
I've now spun up a second DC ready for a migratio...
2019 Jan 03
1
idmap problems
> On Wed, 2 Jan 2019 14:42:39 +0000
> Rob Mason <rob at acasta.co.uk<mailto:rob at acasta.co.uk>>> wrote:
>
>> Many thanks Rowland. Yes, I don't understand idmaps, but I _think_
>> I'm getting it. I have added the gid of 60002 for Domain Admins and
>> undertaken some 'chgrp' tasks. I've now got a domain...
2018 Nov 26
2
Adding a new DC - ID Mappings
...create the passwd/group entries on my new DC in order to gain the old uid/gid values? I’ve copied the idmap.ldb as suggested in the text, and whilst wbinfo returns the domain users, getent doesn’t show the domain accounts, only the local passwd entries.
Have I missed something obvious??
thanks
Acasta Ltd - A Crown Commercial Service Supplier. CyberEssentials Certified QGCE013.
Registered in England 6619191. 42 Pitt Street, Barnsley, S70 1BB. VAT Registered 934 6797 75.
2015 Dec 04
1
setproctitle Errors
...ddir=/var/run/samba
--with-pammodulesdir=/lib/x86_64-linux-gnu/security
--libdir=/usr/lib/x86_64-linux-gnu
--with-modulesdir=/usr/lib/x86_64-linux-gnu/samba --datadir=/usr/share
--with-lockdir=/var/run/samba --with-statedir=/var/lib/samba
--with-cachedir=/var/cache/samba
Thanks
--
Rob Mason
Acasta Ltd - A Crown Commercial Service Supplier. CyberEssentials Certified QGCE013.
The original of this email was scanned by the Acasta SMTP mail relay for known viruses at 17:38 on 04/12/2015 and was found to be virus free - ClamAV 0.98.7/21134/Fri Dec 4 13:36:45 2015.
Acasta Ltd. Registered in Engla...
2018 Nov 30
0
Adding a new DC - ID Mappings
...Subject: RE: [Samba] Adding a new DC - ID Mappings
Hi Rowland - thank you for replying. I have now demoted and removed the temporary DC with the intention of repeating the exercise from scratch later this week. It was a Ubuntu Server 18.04.1 and the smb.conf was very vanilla:
[global]
workgroup = ACASTA
realm = ACASTA.INTRA
netbios name = UBUNTU
server role = active directory domain controller dns forwarder - 192.168.200.3 idmap_ldb:use rfc2307 = yes
The join worked successfully. DNS checked out. Kerberos checked out. I could see everything in my RSAT tools. Everything appeared to be working, ex...
2018 Nov 30
0
Domain Admins default ownership is BUILTIN\Administrators
...workgroup = SAMDOM
idmap_ldb:use rfc2307 = yes
template shell = /bin/bash
winbind use default domain = true
winbind offline logon = false
winbind nss info = rfc2307
winbind enum users = yes
winbind enum groups = yes
[netlogon]
path = /var/lib/samba/sysvol/acasta.intra/scripts
read only = No
[sysvol]
path = /var/lib/samba/sysvol
read only = No
[data]
path = /data
read only = No
--
Rob Mason
Acasta Ltd - A Crown Commercial Service Supplier. CyberEssentials Certified QGCE013.
Registered in England 6619191. 42 Pitt...
2011 Mar 13
2
XP not obeying Samba file perms
Hi List,
I have an unusual problem concerning the Windows XP "Rotate" image
explorer shell extension. I have a share called "Archives" defined with
a number of sub-directories. Whilst I have read/write permission to all
directories, I am unable to use the Windows XP "Rotate Clockwise" or
"Rotate Counter Clockwise" image command on JPG's contained
2019 Jan 02
1
idmap problems
...anges for users & groups.
If you do give a user a 'uidNumber' attribute, or a group a 'gidNumber'
attribute, these will be used on a DC instead of the 'xidNumber'
attributes, though you will probably need to run 'net cache flush'
Rowland
--
Rob Mason
Acasta Ltd - A Crown Commercial Service Supplier. CyberEssentials Certified QGCE013.
Registered in England 6619191. 42 Pitt Street, Barnsley, S70 1BB. VAT Registered 934 6797 75.
2018 Nov 30
0
Adding a new DC - ID Mappings
...on? Therefore, I must replicate
> my old DC sysvol to the new DC before transferring FMSO roles and
> demoting the old DC??
You still need to manually sync Sysvol between DCs and you should
also sync idmap.ldb from the DC holding the 'PdcEmulation' FSMO role to
all other DCs
Rowland
Acasta Ltd - A Crown Commercial Service Supplier. CyberEssentials Certified QGCE013.
Registered in England 6619191. 42 Pitt Street, Barnsley, S70 1BB. VAT Registered 934 6797 75.
2019 Jan 04
1
idmap problems
<snip>
> > > I do hope you are not thinking of using GPO's, you have just stopped
> >
> > > Domain Admins from owning things in Sysvol.
> >
> > >
> >
> > > Rowland
> >
> > <facepalm/> Thanks Rowland - you must be getting pretty tired of my
> > dumb questions...
>
> The only dumb question is the one
2018 Dec 06
3
Samba4 Kerberos Authentication Error
On 12/6/2018 3:40 AM, Rowland Penny via samba wrote:
> On Wed, 5 Dec 2018 17:36:43 -0500
> Marco Shmerykowsky PE via samba <samba at lists.samba.org> wrote:
>
>>
>> On 12/5/2018 3:10 PM, Rowland Penny via samba wrote:
>>>>
>>>> That sucks. I'm assuming Centos has the same problems?
>>>
>>> No, Centos has an even bigger
2019 Jan 02
1
idmap problems
...n users:x:60001:
I don't see Domain Admins or other groups and builtin users on the member server. This means I cannot grant Domain admins ownership of directories when I create shares. Does this mean I will have to manually re-map the uid/gid attributes in the AD DC???
Thanks
--
Rob Mason
Acasta Ltd - A Crown Commercial Service Supplier. CyberEssentials Certified QGCE013.
Registered in England 6619191. 42 Pitt Street, Barnsley, S70 1BB. VAT Registered 934 6797 75.
2019 Jan 08
5
idmap problems
<snip>
Hi Rowland - I've spent the past few days going over the wiki and mailing lists. I think I've got the hang of idmaps. May I clarify a couple of things:
~ I have two DC's and one large fileserver (member). I'm using the 'ad' backend.
~ The only only windows group that needs a gidNumber attribute is Domain Users to map this across to the member server.
~ Other