search for: aea32

...to the LDAP server for user 'raines' is passed through to the AD server as authentication for user 'per2'. The issue was this did not work for Samba. The solution I came up with was to create a "username map = /etc/samba/users.map" with lines like raines = MYDOMAIN\per2 aea32 = MYDOMAIN\aea32 and then have in smb.conf workgroup = MYDOMAIN security = ads passdb backend = tdbsam realm = MYDOMAIN.ORG dedicated keytab file = /etc/krb5.keytab kerberos method = secrets and keytab preferred master = no encrypt...

...h to the AD server as authentication for user 'per2'. >> >> The issue was this did not work for Samba. The solution I came up >> with was to create a "username map = /etc/samba/users.map" with lines >> like >> >> raines = MYDOMAIN\per2 >> aea32 = MYDOMAIN\aea32 > > That's one way of doing it, it isn't how I would have done it. > Except for "extending AD" as above is there another way. All I want and need from corporate AD is password authentication. I don't want or need anything else, including user or gr...

...for the new account or unmounting, waiting 10 minutes changing nothing and then trying to mount again. In addition I think I run into the secondary group problem referenced in the thread I mentioned a few months ago. The share I was setting was using "valid users = +sysadm" and per2, aea32 and nmr27 are all in that group (but not their primary group). With [posters] path = /home/posters valid users = +sysadm writable = yes create mask = 664 force create mode = 664 directory mask = 2775 force directory mode = 2775 And the permissions on /home/pos...

...#39; is passed > through to the AD server as authentication for user 'per2'. > > The issue was this did not work for Samba. The solution I came up > with was to create a "username map = /etc/samba/users.map" with lines > like > > raines = MYDOMAIN\per2 > aea32 = MYDOMAIN\aea32 That's one way of doing it, it isn't how I would have done it. > > and then have in smb.conf > > workgroup = MYDOMAIN > security = ads > passdb backend = tdbsam > realm = MYDOMAIN.ORG > > dedicated keytab...

...s. I have a handful of users from > the early 2000s with UIDs in the 100-5000 range (predates me -- this > is before distros started enforcing user creation >500). It most > likely conflicts with system accounts they had created. > > >> raines = MYDOMAIN\per2 > >> aea32 = MYDOMAIN\aea32 > > > > That's one way of doing it, it isn't how I would have done it. > > > > Except for "extending AD" as above is there another way. > > All I want and need from corporate AD is password authentication. I > don't want or...