search for: groupofnames

...n Controllers", you would have to keep a duplicate record using a different objectClass. Oh, yes and if you know a better way, I am always looking for better ways to get things done. :-) How I did it was like this: 1. I set up a new OU called "Access Groups". 2. I created a new groupOfNames object in that OU called "Domain Controllers" For the "member" attribute, use the dn of the host record for your primary DC. 3. Using gq, I added simpleSecurityObject to the host record so that it would have a password. Note: Probably can't use the machine account ins...

...m working on populating an OpenLDAP server (Dapper) for pam authentication. I'm having trouble import LDIFs for my groups. The following is and example: (this imports on CentOS 5.3 i386, openldap version is 2.3.43-3.el5 ) # org.X.admins dn: cn=admins,dc=X,dc=org changetype: add objectClass: groupOfNames objectClass: top objectClass: posixGroup cn: admins gidNumber: 1001 member: cn=admin,dc=X,dc=org I get the following error: adding new entry "cn=admins,dc=X,dc=org" ldap_add: Object class violation (65) additional info: invalid structural object class chain (groupOfNames/posixGroup) No...

...imperfect implementation. Because they do not leverage the Samba group objectclass they are hampering Samba's ability. The method they've used to implement groups does not allow those groups to be used by Samba. I'm no expert on LDAP, but I believe the addition of an attribute on their groupOfNames style of group may be all that is needed - I'm spinning up an OpenLDAP instance to confirm. Now to try to convince them of this fact in the hopes of future improvements. On Thu, Dec 21, 2017 at 2:17 PM, Rowland Penny via samba < samba at lists.samba.org> wrote: > On Thu, 21 Dec 2017...

...ctFlags: [U] sambaLMPassword: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX sambaNTPassword: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX and my groups ldif is like (I'm using rfc2307bis schema for this with compatible nss-ldap): dn: cn=group1,ou=Groups,dc=xxxx,dc=xxxx objectClass: posixGroup objectClass: groupOfNames objectClass: top cn: group1 gidNumber: 1000 member: uid=userx,ou=xxxxx,dc=xxxx,dc=xxxx member: uid=usery,ou=xxxxx,dc=xxxx,dc=xxxx memberUid: userx memberUid: usery dn: cn=group2,ou=Groups,dc=xxxx,dc=xxxx objectClass: posixGroup objectClass: groupOfNames objectClass: top cn: group2 gidNum...

...#39;m trying to create a grou of users: # Grupos do TIM dn: ou=futebol,ou=accounts,dc=telbit,dc=pt objectClass: organizationalUnit description: Grupo de Futebol ou: futebol # Grupo do futebol dn: uid=futeboladas,ou=futebol,ou=accounts,dc=telbit,dc=pt objectClass: top uid: futeboladas objectClass: groupOfNames cn: Futeboladas member: uid=mgamito,ou=tim,ou=accounts,dc=telbit,dc=pt member: uid=alopes,ou=tim,ou=accounts,dc=telbit,dc=pt member: uid=tmarto,ou=tim,ou=accounts,dc=telbit,dc=pt cn: Futebol as it is, with "uid: futeboladas" i get the error: "adding new entry "uid=futeboladas,o...

...main Users, and user that belongs to that group will log to the Domain? I am trying this on a Virtual Machine, but my Windows 7 machine died, and I havent being able to test this. Having an group on my ldap like this dn: cn=Grupo de Prueba,cn=Domain Users,ou=Group,dc=mydomain,dc=com objectClass: groupOfNames objectClass: top cn: Grupo de Prueba member: uid=prueba,ou=People,dc=mydomain,dc=com Will the user prueba be able to log on to the samba Domain? Or the user has to be part of the Domain Users directly in order to log on to the Domain. Thanks, Juan Diego

...pping = ${raddbdir}/ldap.attrmap ldap_connections_number = 5 # password_header = "{clear}" # password_attribute = userPassword # groupname_attribute = cn # groupmembership_filter = "(|(&(objectClass=GroupOfNames)(member=%{Ldap-UserDn}))(&(objectClass=GroupOfUniqueNames)(uniquemember=%{Ldap-UserDn})))" # groupmembership_attribute = radiusGroupName timeout = 4 timelimit = 3 net_timeout = 1 # compare_check_items = yes...

Hi list, After reading a lot in the mailing list and the official Samba 3 howto, i am still unable to give domain admin rights to a user, so that he gets admin rights on all workstations in the domain. Here is what i have: - Samba 3.08 PDC, config: [global] workgroup = ANT netbios name = ANTSRV netbios aliases = RUN KITS HOMES LIB PRINTERS server string = ANT Samba

Hi. I'm trying to convert from s3 to s4 using classic upgrade. I have LDAP backend and i'm getting this error: Ignoring group 'pgrd' S-1-5-21-511255529-1355219746-1726288727-3007 listed but then not found: Unable to enumerate group members, (-1073741596,NT_STATUS_INTERNAL_DB_CORRUPTION) The problem is that this group is valid and almost all our users are in this group, so i

...l authentication (only few users ), squid proxy authentication, logon authentication to our linux servers, logon authentication to our enterasys switches via freeradius The objectClasses we need are objectClass: account objectClass: dcObject objectClass: device objectClass: domain objectClass: groupOfNames objectClass: hordePerson objectClass: hostObject objectClass: inetOrgPerson objectClass: ipHost objectClass: ipNetwork objectClass: orclNetService objectClass: orcluser objectClass: organizationalPerson objectClass: organizationalUnit objectClass: person objectClass: posixAccount objectClass: posix...

Hi, I have setup samba 3.0.7 with LDAP and NetApps Filers as our file store. We are going to lots of departmental shares, firstly we want only people from their own dept to have access to their department share, but users from other departments may need access to other dept shares, i would like to set up permissions on each dept share so a group is applied, then every user is added to the

...cn=user1,ou=dovecot,ou=users,dc=kapott,dc=org cn=user2,ou=not_dovecot,ou=users,dc=kapott,dc=org So my question: are there any plans to support group-based LDAP authentication? For several other application, I have something like this: dn:cn=dovecot,ou=groups,dc=kapott,dc=org objectclass:groupOfNames member:cn=user1,ou=users,dc=kapott,dc=org So I can define groups of user accounts - one group per application. A nice solution for this in dovecot would be, if I could "mix" password lookup and authentication bind: First, a search query should be used to find a valid DN to bind as. In...

I'm not seeing my LDAP groups listed when I use Windows file sharing tools to modify ACLs on a share. I see all of the LDAP users. Ubuntu 16.04, hosted LDAP ("in the cloud", although I hate that term, provided by JumpCloud.com), no AD. I'm able to assign LDAP users to ACLs. The groups are of objectClass 'groupsOfNames'. Is this expected behavior?

Hi all Need Urgent Help :( I' m new to this List... I'm trying to setup a new Samba 3 PDC + OpenLDAP on a Mandrake 10.0 to replace an older server... Cause I need an LDAP Backend for a BDC planned on a remote site, and Samba 3 came along. So I'm following this Doc http://au1.samba.org/samba/docs/man/guide/happy.html 1. I fail once I get to this step 18 of initialization and creation

We are looking for a replacement enterprise file system to handle storage needs for our campus. For the past 10 years, we have been happily using DFS (the distributed file system component of DCE), but unfortunately IBM killed off that product and we have been running without support for over a year now. We have looked at a variety of possible options, none of which have proven fruitful. We are

Hi everybody, I made a pretty complete howto for samba on debian servers. This howto covers samba + ldap + cups + recycle bin + samba-vscan + phpldapadmin + ACL + Extended Attributes. this howto is also based on the idealx howto If you do this setup, you should be able to use the NT4 Usermanager, setup Point en Print Printing. set rights from explorer etc. other nice tools is ldapadmin (