search for: domain_groups

. DOMAIN_ADMIN_PASSWD.sh echo ${PASSWD} | kinit ${ADMIN}@${DOMAIN} echo -n > /etc/ntfs-3g.usermap for DOMAIN_USER in $(wbinfo -u);do RPCLOOKUPID=$(rpcclient -P -c "lookupnames ${DOMAIN_USER}" ${DOMAIN}) if [ "${RPCLOOKUPID:0:7}" != "ERROR: " ] && [ "${RPCLOOKUPID:0:7}" != "Failed " ];then SID=$(echo ${RPCLOOKUPID}|awk '{print

On Sat, 4 Nov 2017 18:42:36 -0600 Jeff Sadowski <jeff.sadowski at gmail.com> wrote: > I decided to continue trying the ldap route as well > > littlehex2int() > { > hex=$1 > hex_chunk=$(echo ${hex}|cut -c$2-$3) > little=$(echo ${hex_chunk}|awk '{print > substr($0,7,2)substr($0,5,2)substr($0,3,2)substr($0,1,2)}') > echo "ibase=16; ${little}" |

I have winbindd running. I run wbinfo -a userXYZ%pass and it succeeds Now I want to know if userXYZ is in group "monkeys", but I dont want to have to have to map anything. Is this possible? Is there a way to just say "give me the windows group names that userXYZ is in?" or "is userXYZ in windows group name 'monkeys'?" Thanks! - Jeremiah

I decided to continue trying the ldap route as well littlehex2int() { hex=$1 hex_chunk=$(echo ${hex}|cut -c$2-$3) little=$(echo ${hex_chunk}|awk '{print substr($0,7,2)substr($0,5,2)substr($0,3,2)substr($0,1,2)}') echo "ibase=16; ${little}" | bc } base64_to_sid() { OBJECTSID="$1" hex=$(echo ${OBJECTSID}|base64 -d|od -A n -x -w28 --endian=big|sed 's/

Not bad but I wanted an ldap version because I was having issues running ldbsearch as a normal user. I created the following functions to get it in and out of base64 and hex swap_endian() { local input=$1 local output="" while [ "${input}" != "" ];do output="${input:0:2}${output}" input=${input:2} done echo $output } base64_to_hex() { echo $(echo

That looks easier I was working on ldap to convert but I'll try ldb-tools I was off on a bash mission here is what I had so far it isn't correct so I'll keep working on it #!/bin/bash if [ "$(echo $1|wc -c)" = "41" ];then hex=$(echo $1|base64 -d| od -x -w28 --endian=big|head -n1|sed 's/^0000000 //'|sed 's/ //g') echo ${hex} hex_chunk=$(echo

Hello List, currently we have Samba 3.0.7 running on SLES8 systems with AD integration. We?re using the SerNet RPM?s (ftp.sernet.de) Everything works fine so far, we just have a problem with resolving domain groups. wbinfo -g works fine, the domain groups are correctly resolved. But when inserting a "valid users = @AD_DOMAIN_GROUP" statement in the smb.conf we get the following error:

I'm trying to build a hack to add/modify a groupmap entry in the group_mapping.tdb file by hand. What I'd like to do is to manually perform something like this: echo -e "open group_mapping.tdb\ninsert my_key my_value\nq" | tdbtool In this attempt, I expect to add a new group map entry in the tdb file. The key I'm using is the same as samba uses: domain_group/SID. I'm

I have Windows server 2003 AD controller and Samba 3 (3.5.11 or 3.6.3) member server running on FreeBSD 8.2/9.0. I don't use MS Services for Unix and my setup relies on Winbindd for idmapping. I can see all users / groups with wbinfo -g, wbinfo -u, getent group, getent passwd. I can see all user's group with id <username>. I had to solve more complicated tasks including ACLs and

OS Solaris 5.9 (9) Generic_122300-13 (clean build) nscd daemon has been disabled and is not running No NIS or NISPLUS Samba Version 3.0.26a Complied using the following options --with-acl-support -with-winbind -with-pam smbd, nmbd & winbind daemons are all started [global] workgroup = MTCB2 security = domain log level = 3 log file =