search for: admpwd

Hi, I am trying to get the Microsoft LAPS working in my samba-4 AD environment. Microsoft LAPS requires us to extend the schema and add two attributes "ms-Mcs-AdmPwd" (Stores the password in plain text) and "ms-Mcs-AdmPwdExpirationTime" (Stores the time to reset the password). I have added the Group Policy part of Microsoft LAPS to Windows RSAT (on Windows Server 208 R2) and also been able to extend the samba-4 schema by adding the two attrib...

Hi, I just did this a view days agon. These where the ldifs I used. laps_1.ldif dn: CN=ms-MCS-AdmPwd,CN=Schema,cn=configuration,DC=X changetype: add objectClass: attributeSchema ldapDisplayName: ms-MCS-AdmPwd adminDisplayName: ms-MCS-AdmPwd adminDescription: Stores password of local Administrator account on workstation attributeId: 1.2.840.113556.1.8000.2554.50051.45980.28112.18903.35903.6685103.1...

Am 01.07.19 um 07:48 schrieb Stefan G. Weichinger via samba: > Am 23.11.18 um 03:33 schrieb Ardos via samba: >> Hi, >> >> Thank you very much for your support. >> >> With your ldif, one of the attributes got added to computer container. >> Second one is having a trouble. The modification command is reporting it >> is not able to find the attribute

...AM, Andrew Bartlett wrote: > On Thu, 2018-11-22 at 09:58 +0530, Ardos via samba wrote: >> Hi, >> >> I am trying to get the Microsoft LAPS working in my samba-4 AD >> environment. Microsoft LAPS requires us to extend the schema and add two >> attributes "ms-Mcs-AdmPwd" (Stores the password in plain text) and >> "ms-Mcs-AdmPwdExpirationTime" (Stores the time to reset the password). >> >> I have added the Group Policy part of Microsoft LAPS to Windows RSAT (on >> Windows Server 208 R2) and also been able to extend the samba-4...

Hello Samba Team, We have AD controller with opened ldap ports (389/636). Problem is that users can connect by application like Apache DIrectory Studio and they see all ldap tree. Is it any solution to: - block view for all users without specific ACL, - block same attribute like uidNumber ? I'm lokking something like ACL in OpenLdap for Samba AD. Maybe somebody can help ? Best regards,

On Thu, 2018-11-22 at 09:58 +0530, Ardos via samba wrote: > Hi, > > I am trying to get the Microsoft LAPS working in my samba-4 AD > environment. Microsoft LAPS requires us to extend the schema and add two > attributes "ms-Mcs-AdmPwd" (Stores the password in plain text) and > "ms-Mcs-AdmPwdExpirationTime" (Stores the time to reset the password). > > I have added the Group Policy part of Microsoft LAPS to Windows RSAT (on > Windows Server 208 R2) and also been able to extend the samba-4 schema >...

...able to add these attributes to computers class. > > Hence looking for help to create the ldif file to add these two > attributes to computer class. You need another ldif: dn: CN=Computer,CN=Schema,CN=Configuration,DC=sample,DC=com changetype: modify add: mayContain mayContain: ms-Mcs-AdmPwdExpirationTime - add: mayContain mayContain: ms-Mcs-AdmPwd Rowland

...ters class. >> >> Hence looking for help to create the ldif file to add these two >> attributes to computer class. > You need another ldif: > > dn: CN=Computer,CN=Schema,CN=Configuration,DC=sample,DC=com > changetype: modify > add: mayContain > mayContain: ms-Mcs-AdmPwdExpirationTime > - > add: mayContain > mayContain: ms-Mcs-AdmPwd > > Rowland >