search for: greyfish

Hello Rowland and Christian Thanks for your replies... Yes ONEVISION and MYDOM are the very same here. Copy/Paste. "Christian Naumer" <christian.naumer at greyfish.net> wrote on 18.04.2023 20:12:35: > Am 18. April 2023 14:29:29 MESZ schrieb Roland Schwingel via samba > <samba at lists.samba.org>: > >Hi... > > > >We are still using NT4 classic domain with a couple of samba server but > >want to upgrade step by step t...

Thanks for the suggestions. I tried them without success. Strange that wbinfo works but getent does not. On Wed, May 31, 2023 at 10:55?AM Christian Naumer < christian.naumer at greyfish.net> wrote: > It works for us with Rocky Linux 8.8 and Samba 4.17.5. DCs are Samba > 4.18.2. > > > Looking at your conf I see this: > > I do _not_ have this: > > idmap config DOMAIN:unix_primary_group = yes > > I have and you don't: > > disable netbios...

On 11.06.24 18:52, Rowland Penny via samba wrote: > Can you please expand on that. From my testing (and others) the > wikipage: > https://wiki.samba.org/index.php/Setting_up_a_Share_Using_Windows_ACLs > > Says: Only users and groups having the SeDiskOperatorPrivilege > privilege granted can configure share permissions. > > The only problem is, that statement doesn't

...I deleted before, its granted by default to BUILTIN\Administrators?) So: a) The privilege is needed to change??the Permission Tab b) The privilege is granted to BUILTIN\Administrators by default. Can someone confirm ? LP On Jun 11, 2024 at 18:58 +0100, Christian Naumer <christian.naumer at greyfish.net>, wrote: > > Maybe the other tap when configuring shares is meant? The "share > permissions" Tap? > > Not the security one?

It works for us with Rocky Linux 8.8 and Samba 4.17.5. DCs are Samba 4.18.2. Looking at your conf I see this: I do _not_ have this: idmap config DOMAIN:unix_primary_group = yes I have and you don't: disable netbios = yes smb ports = 445 server min protocol = SMB2 client min protocol = SMB2 Different: kerberos method = secrets and keytab And this is deprecated: winbind nss info =

...ulation, but this "piling up" of ACL information doesn't happen either on a native Windows file server or with vfs_acl_xattr. And at least partially this may be the reason why using POSIX ACLs with SaMBa is deprecated :-( Best regards, Tam?s Christian Naumer <christian.naumer at greyfish.net> ezt ?rta (id?pont: 2023. j?n. 15., Cs, 8:42): > Am Mittwoch, dem 14.06.2023 um 18:48 +0200 schrieb Tam?s N?meth via samba: > > # file: newfile.docx #This file has a (probably > > unnecessary) POSIX ACL > > # owner: user_1 > > # group: domain\...

Am 18. April 2023 14:29:29 MESZ schrieb Roland Schwingel via samba <samba at lists.samba.org>: >Hi... > >We are still using NT4 classic domain with a couple of samba server but >want to upgrade step by step to AD as a distant goal. >We tried to upgrade to samba 4.17.7 as in intermediate step and keep LDAP >for now but fail as we could not find a suitable >example for

Hi everyone, we are running Samba version 4.19.3 on Rocky Linux 8.9. Recently we have been seeing errors like these for all Linux hosts in our network. Jan 11 15:36:55 dc4.REALM.COM samba[4339]: [2024/01/11 15:36:55.080863, 2] ../../auth/auth_log.c:876(log_authentication_event_human_readable) Jan 11 15:36:55 dc4.REALM.COM samba[4339]: Auth: [Kerberos KDC,ENC-TS Pre-authentication] user

Hi everyone, we are running Samba version 4.19.3 on Rocky Linux 8.9. Recently we have been getting errors when using the RSAT DNS Administration tool in Windows. Two (of 10) of the reverse zones can not be displayed. The following error is shown: "The DNS server has detected an error when loading the zone. The zone data may not be available in Active Directory or the zone data may be

Am 28.05.24 um 07:34 schrieb Bestattungen Vitt - Thomas Reitelbach via samba: > > Christian Naumer said, I can get Nextcloud to work without this insecure > parameter - I'll have to figure out how I could acceppt a self-signed > certificate on the side of apache2/php-ldap module. I checked our installation and found this in the Nextcloud Doku

Am 29.07.24 um 13:20 schrieb Zhuchenko Valery via samba: > hi, samba team and other, > > client software calls samba and samba reads /etc/samba/smb.conf where > some parameter contains variable %i (client ip address), but when samba > calls samba-dcerpcd, it again reads /etc/samba/smb.conf where some > parameter contains variable %i and at that moment %i is not client ip

Am 29.07.24 um 13:48 schrieb Zhuchenko Valery via samba: > "hosts allow" about access to browseable share, I need different shares > lists How about "access based share enum" as a Machine is also just a user you could use the "valid users" option.

Am 25.07.24 um 22:15 schrieb Mark Foley via samba: > As it stands, users can change their passwords at any time, so long as it's not > expired or their account is not marked "User must change password at next > login". If a user let's his/her password expire, I have to change it manually > via ADUC or samba-tool. > > Other thoughts? I suppose this could be a

Am 29.07.24 um 14:35 schrieb Zhuchenko Valery via samba: > user may be same, but from client ip1 this user can't see shares, which > can see from client ip2. > need share enumeration by client ip Have you checked if "hosts allow" in combination with "access based share enum" does what you want?

Am 14.04.23 um 18:02 schrieb Daniel Lakeland via samba: > Any help would be appreciated. I'm beginning to suspect this > functionality was lost. There where some people that posted here with the same Problem. I have never done this. So everything from here is just "having an educated guess". If you look at the link I posted, there is a smb.conf given. I would take that as

Am 11.06.24 um 19:37 schrieb Luis Peromarta via samba: > Correct, and I have done so and explained extensively at the beginning to this thread. > > Question is: > > Should we stop telling people to provision with idmap_ldb:use rfc2307 = yes ? As one who uses that option I would say no. However, I see that it is very confusing for someone new to Samba. It is the same for the ID

Hi, I have been looking at this thread a while now. First I think what Rowland and myself misunderstood is that you are not using a DC as a Fileserver ( in the beginning I thought you did. That you have a sysvol share on a domain member confused me) so I think so e of the comments from Rowland do not apply here. Second, if I reread the thread and look at the description of your problem I think