search for: bcbsnc

I have aix with 3.0.21c samba with the following smb.conf: [global] workgroup = MYDOMAIN realm = MYDOMAIN.COM server string = User management Server security = ADS password server = ad.mydomain.com idmap backend = rid:MYDOMAIN=100000-200000 allow trusted domains = No log level = 0 log file = /usr/local/samba/var/log.%m

...his email a couple of things changed. the above commands no longer display the domain as part of the info. I cannot get into my home directory which is shared but with a valid user of "valid users = %S" in the smb.conf. -----Original Message----- From: David Shapiro [mailto:David.Shapiro@bcbsnc.com] Sent: Wednesday, March 01, 2006 12:32 PM To: Guillermo Gutierrez Subject: Re: [Samba] samba as a domain member Is the getent passwd returning users? Does wbinfo -u and wbinfo -g return users and groups? David David Shapiro Unix Team Lead 919-765-2011 >>> "Guillermo Guti...

I could not get wbinfo -g/u to work and was seeing a bunch of errors related to to not being able to enumerate groups. I saw somebody use idmap backend = ad and added this since I have been struggling to get ad working (still not working). Now, when I run wbinfo -g/-u, I am getting groups and users, but the domain it shows is different than what I expected. My domain I was using for workgroup

...users = yes winbind gid = 10000-20000 os level = 20 winbind enum groups = yes winbind separator = / encrypt passwords = yes server string = User management Server security = ADS realm = MYREALM.COM password server = myadsserver.bcbsnc.com preferred master = no log file = /usr/local/samba/var/log.%m log level = 0 max log size = 50 local master = No dns proxy = No wins server = wins01 wins02 wins proxy = no name resolve order = wins hosts lmhosts bcast...

...M >>> David, Please post your smb.conf / nsswitch.conf/krb5.conf What are you trying to achieve? Joining a samba server to a Windows AD domain? Please provide some more information. Thx. Regards, Nico ----- Original Message ----- From: "David Shapiro" <David.Shapiro@bcbsnc.com> To: <samba@lists.samba.org> Sent: Friday, February 03, 2006 3:49 PM Subject: [Samba] Confused about what I am seeing with domain names >I could not get wbinfo -g/u to work and was seeing a bunch of errors > related to to not being able to enumerate groups. I saw somebody use...

Hello, I have samba set up using winbind so that I can ssh into the box with my DOMAIN\mylogin. That's great...kind of. How do I control which users can login to the box? As it stands now, all users in DOMAIN can log in, which is not desireable. Do I need to map domain groups to unix groups? Do I need to map domain users to the box some how? Even if I do that, how do I then set it up

Hello, I am new to this list but I have been learning to use linux/bsd and samba for the past year. so far I have been able to learn enough on my own to be able to successfully set up a functional samba server on FreeBSD and Gentoo Linux boxes. I am trying to learn how to integrate them into an Active Directory windows 2003 server domain. So far I have verified that Kerberos and ldap and winbind

I've just installed Samba 3.0.21c on SLES9 box. I've configured kerberos and my smb.conf file to a tee. When I try to join my active directory domain by typing the following: "net ads join -U administrator" after I type the password, I get this error: "Segmentation fault" I can successfully get a ticket from AD when invoking: "kinit user" Is there

I got net ads join to finally work, but I cannot get samba to authenticate a user to a share. [global] workgroup = DOMAIN netbios name = svcanimp socket options = TCP_NODELAY SO_RCVBUF=16384 SO_SNDBUF=16384 idmap uid = 10000-20000 idmap gid = 10000-20000 idmap backend = ad use kerberos keytab = yes # os level = 65 winbind

Sigh, Someday i will get samba to work on aix. Now I rebuild samba because I discovered that you needed to request it to build idmap_rid.so or it will not make it. After the rebuild I moved over the smb.conf again and net ads joined again. When I try to start samba, however, it panics with this information: smb_register_idmap: Successfully added idmap backend 'tdb' [2006/02/07

I tried to use the samba share that I was able to access this morning, but now I cannot get to it. The error in the client's log is: Doing spnego session setup [2006/02/09 13:14:02, 3] ../smbd/sesssetup.c:reply_sesssetup_and_X_spnego(664) NativeOS=[Windows 2002 Service Pack 1 2600] NativeLanMan=[Windows 2002 5.1] PrimaryDomain=[] [2006/02/09 13:14:02, 10]

Hmm, I am not sure why this worked, but I moved my WINBIND stanza in /usr/lib/security/methods.cfg up in the file prior to the PAM stanza, and save it. After this, I was able to load the module. Any ideas on why this worked? David David Shapiro Unix Team Lead 919-765-2011 >>> David Shapiro 2/10/2006 9:32:14 AM >>> I cannot load WINBIND for some reason anymore since some

Okay, winbind works and I can su - DOMAIN+user now. When I try to log in with ssh (pam enabled), however, I see in the log it accepts my password, but then the session closes. My pam.conf has; su auth sufficient /usr/lib/security/pam_winbind.so login auth sufficient /usr/lib/security/pam_winbind.so debug sshd auth sufficient

Hello, Well, it looks pretty cool. I can ssh in as DOMAIN+username. I could not find a pam_mkhomedir for aix, but I am using a preexec to make the home directories and templates to get around that for now. The question is: how do I make it so some "domain users" can login in, but other users cannot? I am not real familiar with ad by the way. Do I need to make organizational units

Hello, User can ssh into the box fine, but the directories I groupmapped are not translating (maybe they are not supposed to?) I have, for example, a share called Share_Dfsroot_pvcs-cdw_C that I used net groupmap to map to a unix directory called cdw. I set the group id to match what Share_Dfsroot_pvcs_cdw_C uses in /etc/group. I chgrp cdw on a directory. When the user logs into the server,

During configure, it is running xlc -version for some reason, and xlc does not have a --version option, so it is showing usage information instead. How do you compile with xlc 6.0? David David Shapiro Unix Team Lead 919-765-2011

hello, I have samba 3.0.21c on an aix 5.2.0.7 server configured to use active directory authentication. However, I need to do something a little funky: The server with samba I will call: sambaserver A server with a user's home directory that is automounted on a few other servers: homeserver The user has on homeserver his files that he works on that he conveniently has automounted on

My long sojourn to get some configuration set up that will then allow me to set a uid of an ad user to whatever unix uid I want (nfs reasons), is still going. I set my backend to ad and added the winbind nss info = sfu. Nothing happened initially in the log.winbindd-idmap, but after lunch I saw some new things in there: 83390]: sid to uid S-1-5-21-54348060-1989963526-242692186-2762 [2006/08/25

I am still trying to resolve an issue where I need the ad user's home directory to have a specific uid so that when I nfs its home somewhere the user can access his files. I found wbuser.pl out there at http://www.occam.com/tools/: Mapping Active Directory Users to Existing UNIX UIDsUse this procedure on systems where AD user accounts should correspond to UNIX user accounts on other

I changed the separator to + from / and now when I use users=DOMAIN+mylogin, I get access to a share finally. However, when I run chown DOMAIN+mylogin testdir, testdir is not set to DOMAIN+mylogin, it is set to tempfn (temporary id is what the gecos/description says). In aix land, what do I need to do to get it to use WINBIND to set the diretory ownership now? My /usr/lib/security/methods.cfg