search for: dominiocsa

...wed this guide[?] to reconfigure again the PC using winbind instead of SSSD. All seems to works until 8,2 Using Domain Accounts and Groups in Operating System. In other words winbind can find users and groups but getent doesn't shows user or group information. For example getent group "DOMINIOCSA\\Domain Users" show nothing. This is the smb.conf: > [global] > dedicated keytab file = /etc/krb5.keytab > disable spoolss = Yes > kerberos method = secrets and keytab > load printers = No > log file = /var/log/samba/%m.log > printcap name = /dev/null > realm =...

Per chi vuole guardare il log generato aggiungo una piccola legenda: ZIZI (192.168.70.3) ? il server samba, win7pro-v01 (192.168.64.12) ? il client win7; inoltre il dominio AD si chiama CSATEST mentre il dominio NT (anche se non compare nei logs) si chiama DOMINIOCSA. Piviul

...ol = NT1 > > in smb.conf ok, the samba server I'm using as test has samba 4.5.16-Debian installed and these are the global parameters of the smb.conf (after adding the client/server min protocol): > # Global parameters > [global] > server string = %h server > workgroup = DOMINIOCSA > log file = /var/log/samba/log.%m > max log size = 1000 > allow insecure wide links = Yes > panic action = /usr/share/samba/panic-action %d > printcap name = cups > client min protocol = NT1 > server min protocol = NT1 > unix extensions = No > allow trusted doma...

...bug report[¹] where you can find more details. > > Any one have the same problem? > > Piviul > > [¹] https://bugzilla.samba.org/show_bug.cgi?id=10455 > Hi Piviul, I have read that bug report and sorry but your smb.conf is incorrect. try this one: [global] workgroup = DOMINIOCSA security = ADS realm = <UPPERCASE_WHATEVER_YOUR_DNS_DOMAIN_IS> server string = Samba 4 Client %h winbind use default domain = yes winbind expand groups = 2 winbind refresh tickets = Yes winbind offline logon = yes idmap config *:backend = tdb idmap config...

...ok, the samba server I'm using as test has samba 4.5.16-Debian > installed and these are the global parameters of the smb.conf (after > adding the client/server min protocol): >> # Global parameters >> [global] >> ????server string = %h server >> ????workgroup = DOMINIOCSA >> ????log file = /var/log/samba/log.%m >> ????max log size = 1000 >> ????allow insecure wide links = Yes >> ????panic action = /usr/share/samba/panic-action %d >> ????printcap name = cups >> ????client min protocol = NT1 >> ????server min protocol = NT1 &g...

Hi all, I have a problem in libpam-winbind: offline logon doesn't seems to work. The first version of samba in which I have found the problem is 4.1 and the last is 4.7 but I fear that newer version are affected too. Hopefully there is a workaround: you have to remove krb5_ccache_type=FILE from /etc/pam.d/common-auth I have opened a bug report[¹] where you can find more details. Any one

Il 16/02/19 18:15, Rowland Penny via samba ha scritto: > On Thu, 14 Feb 2019 09:30:00 +0100 > [...] > Hi Piviul, I have read that bug report and sorry but your smb.conf is > incorrect. > > try this one: > > [global] > workgroup = DOMINIOCSA > security = ADS from man smb.conf: SECURITY = ADS In this mode, Samba will act as a domain member in an ADS realm. but I have no ADS realm in my network: my domain is an old samba3 domain. Have a great day Piviul

Mandi! Rowland penny via samba In chel di` si favelave... > You have 'allow trusted domains = No' in 'global' and from 'man smb.conf': I've had not noted that. I can confirm that my working setup had NOT 'allow trusted domains = No'. -- dott. Marco Gaiarin GNUPG Key ID: 240A3D66 Associazione ``La Nostra Famiglia''

Mandi! Rowland penny via samba In chel di` si favelave... > Even though your users may have the same username in AD as in the NT4-style > domain, they are different users, so a few thoughts. You have 'map to guest > = bad user', so I take it you must have 'guest ok = yes' set in the shares > (you haven't shown us the shares), so try changing 'bad user' to

Rowland penny via samba ha scritto il 25/08/20 alle 18:20: > [...] > Even though your users may have the same username in AD as in the > NT4-style domain, they are different users, so a few thoughts. You have > 'map to guest = bad user', so I take it you must have 'guest ok = yes' > set in the shares (you haven't shown us the shares), in effect there is no

...SAGE Signature : 'NTLMSSP' MessageType : NtLmChallenge (0x2) TargetNameLen : 0x0014 (20) TargetNameMaxLen : 0x0014 (20) TargetName : * TargetName : 'DOMINIOCSA' NegotiateFlags : 0xe2898215 (3800662549) 1: NTLMSSP_NEGOTIATE_UNICODE 0: NTLMSSP_NEGOTIATE_OEM 1: NTLMSSP_REQUEST_TARGET 1: NTLMSSP_NEGOTIATE_SIGN 0: NTLMSSP_NEGOTIATE_SEAL...

...o, then attempts to connect ?????????? to a resource from a domain or workgroup other than the one which ?????????? smbd is running in will fail, even if that domain is trusted by the ?????????? remote server doing the authentication. You also have shares that can only be written to by '@DOMINIOCSA\domain admins' Rowland > > :( > > Piviul >

Mandi! Rowland penny via samba In chel di` si favelave... > Who was this 'someone' ? [...] > Yes, stop listening to spurious people who have never done the upgrade and > follow our documentation ;-) I'm 'someone'! ;-) And, as you know, i've correctly migrated/merged 4 NT domains in an AD domain some year ago, following also hint from this list. ;-) > I

...n > > Per chi vuole guardare il log generato aggiungo una piccola legenda: > ZIZI (192.168.70.3) ? il server samba, win7pro-v01 > (192.168.64.12) ? il > client win7; inoltre il dominio AD si chiama CSATEST mentre > il dominio > NT (anche se non compare nei logs) si chiama DOMINIOCSA. > > Piviul > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > >