Displaying 20 results from an estimated 27 matches for "idamp".
Did you mean:
iamp
2017 Dec 01
2
idamp ad/rid
Rowland,
I found something related that you were doing.
"[PATCH] samba-tool: Easily edit a users object in AD"
Did you finish the script?
On Fri, Dec 1, 2017 at 3:24 PM, Rowland Penny via samba <
samba at lists.samba.org> wrote:
> On Fri, 1 Dec 2017 15:00:39 -0200
> Elias Pereira <empbilly at gmail.com> wrote:
>
> > Thanks Rowland for the quick answer!! :)
2017 Dec 01
2
idamp ad/rid
Can you share with me? :)
On Fri, Dec 1, 2017 at 4:43 PM, Rowland Penny via samba <
samba at lists.samba.org> wrote:
> On Fri, 1 Dec 2017 16:27:11 -0200
> Elias Pereira <empbilly at gmail.com> wrote:
>
> > Rowland,
> >
> > I found something related that you were doing.
> >
> > "[PATCH] samba-tool: Easily edit a users object in AD"
>
2017 Dec 02
0
idamp ad/rid
Correcting! :)
#!/bin/bash
#
GROUP=ADM
GUID=10000 # Domain Users
UID=10000 # get the next ID ?
for USER in $(samba-tool group listmembers $GROUP)
do
samba-tool user edit $USER --nis-domain=samdom \
--unix-home=/home/$USER \
--uid-number=${NEXTID} \
--login-shell=/sbin/nologin \
--gid-number=$GUID
done
Of course that script is very simple, but is a beginning. :)
2017 Dec 02
0
idamp ad/rid
>
> Sorry, but that isn't going to work with 'samba-tool user edit'
> You would need to write an 'editor' script to do what you would need to
> do.
Ok.
Bit busy, just now, give me some time, I have a script somewhere that
> should do what you want.
Of course Rowland. Work on what you're working on. I do not want to disturb
you. :)
I'll give a
2017 Dec 01
2
idamp ad/rid
Hello friends,
My doubts are as follows. In an environment where we have, for example,
1000 users, I believe that rid would be the best choice in a fileserver
environment, because we don't need to manually configure via RSAT a unix
attribute for each user.
Is that more or less the thought, or am I wrong?
--
Elias Pereira
2017 Dec 02
2
idamp ad/rid
Found it! :)
I thought in make a script more or less that way.
#!/bin/bash
#
GROUP=ADM
GUID=10000 # Domain Users
UID=10000 # get the next ID ?
for USER in $(samba-tool group listmembers $GROUP)
do
samba-tool user edit $USER -H ldap://samdom.example.com \
-U administrato --nis-domain=samdom \
--unix-home=/home/$USER \
--uid-number=${NEXTID} \
2017 Dec 01
2
idamp ad/rid
Thanks Rowland for the quick answer!! :)
If you are going to use more
> than one Unix domain member as a fileserver, then you will probably be
> better off using the winbind ad backend, this way you can ensure your
> users and groups have the same ID everywhere.
Maybe in the near future I'll set up a new fileserver. That way, I believe
that ad as a backend is the best choice.
I
2017 Dec 02
1
idamp ad/rid
On Sat, 2 Dec 2017 12:13:08 -0200
Elias Pereira via samba <samba at lists.samba.org> wrote:
> >
> > Sorry, but that isn't going to work with 'samba-tool user edit'
> > You would need to write an 'editor' script to do what you would
> > need to do.
>
>
> Ok.
>
> Bit busy, just now, give me some time, I have a script somewhere that
2017 Dec 02
2
idamp ad/rid
On Sat, 2 Dec 2017 10:21:07 -0200
Elias Pereira <empbilly at gmail.com> wrote:
> Correcting! :)
>
> #!/bin/bash
> #
> GROUP=ADM
> GUID=10000 # Domain Users
> UID=10000 # get the next ID ?
>
> for USER in $(samba-tool group listmembers $GROUP)
> do
> samba-tool user edit $USER --nis-domain=samdom \
> --unix-home=/home/$USER \
>
2016 Oct 05
3
winbindd losing track of RFC2307 UIDs
...conf matter at all?
>
> _Rob
>
>
Hi Rob,
You can try to use tdbtool to delete the offending key with uid 2020.
https://www.samba.org/samba/docs/man/manpages-3/tdbtool.8.html
I'd stop samba make an backup of winbind_idmap.tdb and give it a try.
In my case deleting the mappings from idamp.tdb fixed the issue of
changing uid's.
achim~
2014 Dec 31
2
Fwd: Re: Samba4 and sssd, keytab file expires?
...= srvfile
reset on zero vc = yes
server string =
encrypt passwords = yes
load printers = no
printing = bsd
printcap name = /dev/null
disable spoolss = yes
idmap config *:backend = tdb
idmap config *:range = 10000-20000
idmap config DOMAIN:backend = ad
idamp config DOMAIN:schema_mode = rfc2307
idmap config DOMAIN:range = 0-40000
winbind nss info = rfc2307
winbind trusted domains only = no
winbind use default domain = yes
winbind enum users = yes
winbind enum groups = yes
winbind offline logon = false
vfs objects = acl...
2016 Oct 06
1
winbindd losing track of RFC2307 UIDs
...Hi Rob,
>>
>> You can try to use tdbtool to delete the offending key with uid 2020.
>> https://www.samba.org/samba/docs/man/manpages-3/tdbtool.8.html
>> I'd stop samba make an backup of winbind_idmap.tdb and give it a try.
>> In my case deleting the mappings from idamp.tdb fixed the issue of changing
>> uid's.
>>
>> achim~
>>
>>
> Did the uid change from 2018 to 2020 or is this an different user or member
> server? If it changed editing winbindd_idmap.tdb might not fix your problem.
It didn't change, it was my cop...
2017 Dec 06
3
MMC issue
...to 'root'.
>
> If I run mmc.dsc on the win7 PC and connect to the share, everything
> works for me.
I actually have the same problem. The Security tab works as expected.
Only "Sessions" and "Open Files" do not work. On an DM but work on a DC.
This is with the idamp AD backend not rid and Administrator does not
have an uid assigned.
In the logs I see this:
Successful AuthZ: [srvsvc,ncacn_np] user [BRAIN-02]\[Administrator]
[S-1-22-1-0] at [Mi, 06 Dez 2017 10:00:22.032080 CET] Remote host
[ipv4:x.x.x.x:35170] local host [NULL]
Dec 6 10:00:22 lx-sv-03 smbd_a...
2014 Dec 31
0
Fwd: Re: Samba4 and sssd, keytab file expires?
...erver string =
> encrypt passwords = yes
>
> load printers = no
> printing = bsd
> printcap name = /dev/null
> disable spoolss = yes
>
> idmap config *:backend = tdb
> idmap config *:range = 10000-20000
> idmap config DOMAIN:backend = ad
> idamp config DOMAIN:schema_mode = rfc2307
> idmap config DOMAIN:range = 0-40000
>
> winbind nss info = rfc2307
> winbind trusted domains only = no
> winbind use default domain = yes
> winbind enum users = yes
> winbind enum groups = yes
> winbind offline logo...
2016 Oct 05
0
winbindd losing track of RFC2307 UIDs
...t;>
>>
> Hi Rob,
>
> You can try to use tdbtool to delete the offending key with uid 2020.
> https://www.samba.org/samba/docs/man/manpages-3/tdbtool.8.html
> I'd stop samba make an backup of winbind_idmap.tdb and give it a try.
> In my case deleting the mappings from idamp.tdb fixed the issue of
> changing uid's.
>
> achim~
>
>
Did the uid change from 2018 to 2020 or is this an different user or
member server? If it changed editing winbindd_idmap.tdb might not fix
your problem.
2004 Oct 09
0
winbind doesn't follow updateref in replica ldap server
...n the ldap database. But when
I do "su <some ads user>" on the secondary the uid of <some ads user>
is stored in the ldap database of the secondary when the uid
hasn't been seen before on the primary. When I do
"su - <another ads user>" on the primary the idamp is stored
in the ldap database of the primary and replicated to the
secondary correctly.
There are no log messages the indicate a problem or a hint
for a solution. I have seen a message on this list concerning
the same problem but no answer, so I thought I give you a little
more information on th...
2013 Sep 05
0
Winbindd IDMAP SID-to-UNIX-IDs problem
IDAMP cache somehow ends up with an unmapped SID2UID entry (i.e value = -1) and the SID2GID entry expires. At this stage winbindd returns unmapped for a SID-to-UNIX-IDs request. This results in smbd giving incorrect group memberships and incorrect resource access, until the SID2UID entry expires. This...
2014 Dec 31
2
Fwd: Re: Samba4 and sssd, keytab file expires?
...= yes
>>
>> load printers = no
>> printing = bsd
>> printcap name = /dev/null
>> disable spoolss = yes
>>
>> idmap config *:backend = tdb
>> idmap config *:range = 10000-20000
>> idmap config DOMAIN:backend = ad
>> idamp config DOMAIN:schema_mode = rfc2307
>> idmap config DOMAIN:range = 0-40000
>>
>> winbind nss info = rfc2307
>> winbind trusted domains only = no
>> winbind use default domain = yes
>> winbind enum users = yes
>> winbind enum groups = yes...
2018 May 11
1
wbinfo -r 'username' displays inconsistent results across DC's
Hello,
Looking up a users group membership I'm showing different results
on each DC. UID and GID mapping appears consistent but not all group
membership is displayed. I've verified idmap.ldb is backup up and copied
over to the other DC's. I do notice when taking a hot backup of
idmap.ldb, the file size is dramatically smaller than the original.
Using Microsoft RSAT to view
2023 Jun 23
1
[EXTERNAL] Re: Unable to authenticate to share using UPN
...line logon = Yes
winbind refresh tickets = Yes
winbind use default domain = Yes
workgroup = ADDOM
fruit:nfs_aces = no
idmap config * : range = 1-999
idmap config addom : unix_primary_group = yes
idmap config addom : unix_nss_info = yes
idamp config addom : schema_mode = rfc2307
idmap config addom : backend = ad
idmap config addom : range = 1000-999999999
idmap config * : backend = tdb
acl group control = Yes
create mask = 0664
directory mask = 0775
dos filemode = Yes
force...