search for: ldap_base_dn

...dmap information already stored in an LDAP location. smb.conf snippets are below. I'm not getting this to work. What I see, reading log.winbindd-idmap at log level 10 is that search for Idmap entries seems to use the "ldap suffix" parameter instead of the idmap config <DOMAIN>:ldap_base_dn as a search base, i.e. it starts at ou=Trusting,ou=MyAccounts,o=Universitaet Marburg,c=DE while it should start at ou=Idmap,ou=Trusted,ou=MyAccounts,o=Universitaet Marburg,c=DE Any hints? regards, Wolfgang Ratzka ------------------------------------------- [global] (...) workgroup = TRUSTING...

...y = no #ldap time out default is 15 sec ldap timeout=30 # idmap domains = WINDOMAIN, TESTDOMAIN idmap domains = WINDOMAIN idmap config WINDOMAIN:backend = ldap idmap config WINDOMAIN:readonly = no idmap config WINDOMAIN:default=no idmap config WINDOMAIN:ldap_base_dn = ou=windomain,ou=idmap,o=mydomain.com idmap config WINDOMAIN:ldap_user_dn = cn=Directory Manager idmap config WINDOMAIN:ldap_url =ldap1.mydomain.com idmap config WINDOMAIN:range = 30000-39999 #idmap config TESTDOMAIN:backend = ldap #idmap config TESTDOMAIN:readonly = no...

...precated in 3.4 # idmap domains = DOMAIN_A DOMAIN_B DOMAIN_C # Next two lines restored in 3.4 - but prob don't need idmap uid = 30000-59999 idmap gid = 30000-59999 idmap config DOMAIN_A:backend = ldap idmap config DOMAIN_A:readonly = no idmap config DOMAIN_A:default=no idmap config DOMAIN_A:ldap_base_dn = ou=domain_a,ou=idmap,o=mydomain.com idmap config DOMAIN_A:ldap_user_dn = cn=Directory Manager idmap config DOMAIN_A:ldap_url = ldap://ldap1.domain.com idmap config DOMAIN_A:range = 30000-39999 idmap config DOMAIN_B:backend = ldap idmap config DOMAIN_B:readonly = no idmap config DOMAIN_B:default=...

...5 (EOL'ed) to 3.6; now, users from domain YYYYYYYY cannot access the PDC's shares. I used to have in smb.conf: > idmap backend=ldap:ldap://localhost/ > idmap alloc backend=ldap > idmap alloc config:ldap_url=ldap://localhost > idmap alloc config:ldap_base_dn=ou=idmap,dc=xxxxxxxx,dc=xx > idmap alloc config:ldap_user_dn=cn=root,dc=xxxxxxxx,dc=xx > idmap cache time=120 > idmap uid=150000-200000 > idmap gid=150000-200000 > template shell=/sbin/nologin > idmap config XXXXXXXX:backend=nss >...

...new idmap interface. Currently without much success. I have two samba domains, trusting each other. Each PDC using it's own LDAP server. I tried idmap domains = DOM1, DOM2 idmap config DOM1:default = yes idmap config DOM1:backend = ldap idmap config DOM1:ldap_base_dn = ou=Idmap,dc=dom1,dc=mydomain,dc=de idmap config DOM1:ldap_url = ldap://192.168.0.1 idmap config DOM1:range = 10000 - 20000 idmap alloc backend = ldap idmap config DOM2:default = no idmap config DOM2:backend = ldap idmap config DOM2:ldap_base...

...2: get rid of (all/most) idmap alloc parameters for idmap_ldap ? Hi, a second question about config-visible idmap changes I propose for samba 3.6: In my idmap rewrite, I kept the alloc related parameters for the LDAP idmap backend for now: - idmap alloc config : ldap_url - idmap alloc config : ldap_base_dn - idmap alloc config : ldap_user_dn and the related idmap alloc secret. I would like to get rid of these. Therefore, I am asking here, if there is anyone out there using these? I can not imagine a reason why one would want to use different server and/or user+password for storing the uid/gid coun...

Certainly: https://termbin.com/wr68 Thanks again! On 5/25/19 2:16 PM, Rowland penny via samba wrote: > On 25/05/2019 19:29, David Kowis via samba wrote: >> Hello! >> >> Running on FreeNAS 11 and my smb.conf (via testparm -v) is here >> https://termbin.com/v748 > > Do you want try again posting the smb.conf, but this time run 'testparm' > without the

...mputers ldap passwd sync = yes ldap suffix = dc=example,dc=com ldap user suffix = ou=People ldap debug level = 1 idmap config *:backend = ldap idmap config *:readonly = no idmap config *:range = 1000-1999999 idmap config *:ldap_url=ldap://localhost idmap config *:ldap_base_dn = cn=Manager,dc=example,dc=com idmap config MYDOMAIN:backend = ldap idmap config MYDOMAIN:readonly = no idmap config MYDOMAIN:range = 1000-1999999 idmap config MYDOMAIN:ldap_url=ldap://localhost idmap config MYDOMAIN:ldap_base_dn = cn=Manager,dc=example,dc=com idmap config M...

...um users = yes winbind enum groups = yes winbind uid = 10000-19999 winbind gid = 10000-19999 ldap ssl = no idmap backend = ldap:ldap://127.0.0.1 ldap idmap suffix = ou=idmap ldap password sync = yes idmap alloc backend = ldap idmap alloc config : ldap_url = ldap://127.0.0.1/ idmap alloc config : ldap_base_dn = ou=idmap,dc=seat,dc=massey,dc=ac,dc=nz idmap alloc config : ldap_user_dn = cn=admin,dc=seat,dc=massey,dc=ac,dc=nz idmap config SANDBOX : backend = ldap idmap config SANDBOX : range = 10000-19999 idmap config SANDBOX : ldap_url = ldap://127.0.0.1/ idmap config SANDBOX : ldap_base_dn = ou=idmap,dc=...

SNIP > > Hi people. > > I'm working on a trust relation between Samba 3.3.X and Windows 2003 > AD mixed mode. > > I have read the doc about this but for some reason wont work, my > PDC+LDAP is working but I still cannot make this 2 servers share > users. In my experience, it is fairly straightforward to get AD users trusted by the Samba controlled Domain, although

...fix = ou=idmap,dc=samba,dc=organizations ldap delete dn = yes encrypt passwords = true passdb backend = ldapsam ldapsam:trusted=yes ldapsam:editposix=yes idmap domains = MSHOME idmap config MSHOME:backend = ldap idmap config MSHOME:readonly = no idmap config MSHOME:default = yes idmap config MSHOME:ldap_base_dn = ou=idmap,dc=samba,dc=organizations,dc=my-domain,dc=com idmap config MSHOME:ldap_user_dn = cn=Manager,dc=my-domain,dc=com idmap config MSHOME:ldap_url = ldap://localhost idmap config MSHOME:range = 20000-500000 idmap alloc backend = ldap idmap alloc config:ldap_base_dn = ou=idmap,dc=samba,dc=organ...

...Yes panic action = /usr/share/samba/panic-action %d idmap alloc backend = ldap idmap uid = 90000-99999 idmap gid = 90000-99999 winbind enum users = Yes winbind enum groups = Yes idmap alloc config:range = 100000-500000 idmap alloc config:ldap_user_dn = cn=admin,cn=config idmap alloc config:ldap_base_dn = ou=idmap,o=mycompany idmap alloc config:ldap_url = ldap://ldap0.i.mycompany.org idmap config MYCOMPANY:range = 100000-500000 idmap config MYCOMPANY:default = yes idmap config MYCOMPANY:readonly = no idmap config MYCOMPANY:ldap_base_dn = ou=idmap,o=mycompany idmap config MYCOMPANY:ldap_user_...

...sfully* . pam password change = yes map to guest = bad user domain logons = yes logon path = logon script = login.bat admin users = root, Administrator, @Domain Admins, admin ;idmap uid = 10000-20000 ;idmap gid = 10000-20000 ;template shell = /bin/bash idmap alloc config:ldap_base_dn = ou=idmap,dc=foo idmap alloc config:ldap_user_dn = cn=admin,dc=foo idmap alloc config:ldap_url = ldapi:/// usershare allow guests = yes [homes] comment = Home Directories browseable = no read only = yes create mask = 0700 directory mask = 0700 valid users = %S [netlogo...

...idmap gid = 50000-500000 winbind enum users = Yes winbind enum groups = Yes idmap alloc config : range = 50000-500000 idmap alloc config : ldap_url = ldap://127.0.0.1/ idmap alloc config : ldap_user_dn = cn=root,dc=w3,dc=lan idmap alloc config : ldap_base_dn = ou=idmap,dc=w3,dc=lan idmap config BUILTIN : ldap_url = ldap://127.0.0.1/ idmap config BUILTIN : ldap_user_dn = cn=root,dc=w3,dc=lan idmap config BUILTIN : ldap_base_dn = ou=idmap,dc=w3,dc=lan idmap config BUILTIN : backend = ldap idmap config W3 : ldap_u...

...inname,dc=com idmap config DOMAINNAME:range = 100000 - 500000 idmap config DOMAINNAME:ldap_url = ldap://dal-dc1.domainname.com ldap://den-dc1.domainname.com idmap config DOMAINNAME:ldap_user_dn = cn=idmapmgr,cn=users,dc=domainname,dc=com idmap config DOMAINNAME:ldap_base_dn = ou=idmap,dc=sambaidmap,dc=domainname,dc=com idmap config DOMAINNAME:backend = ldap idmap config DOMAINNAME:default = yes hosts allow = (redacted) map acl inherit = No hide special files = Yes map archive = No map readonly = No...

...amp = No debug hires timestamp = No debug pid = Yes debug uid = Yes # # Winbind options # winbind enum users = Yes winbind enum groups = Yes idmap domains = TRUSTEDDOM idmap config TRUSTEDDOM:backend = ldap idmap config TRUSTEDDOM:default = Yes idmap config TRUSTEDDOM:ldap_base_dn = ou=TRUSTEDDOM,ou=Idmaps,dc=x-files,dc=fr idmap config TRUSTEDDOM:ldap_user_dn = cn=SambaAdmin,dc=x-files,dc=fr idmap config TRUSTEDDOM:ldap_url = ldap://localhost/ idmap config TRUSTEDDOM:range = 10000 - 10999 idmap alloc backend = ldap idmap alloc config:ldap_base_dn = ou=Idmaps...

...group suffix = ou=groups ldap idmap suffix = ou=idmap ldap machine suffix = ou=computers ldap passwd sync = Yes ldap suffix = <hidden> ldap delete dn = Yes ldap ssl = Off idmap config <hidden>:default = yes idmap config <hidden>:backend = ldap idmap config <hidden>:ldap_base_dn = ou=idmap,<hidden> idmap config <hidden>:ldap_user_dn = <hidden> idmap config ER.EMPIC.DE:ldap_url = ldap://localhost idmap config ER.EMPIC.DE:range = 10000 - 500000 idmap alloc backend = ldap idmap alloc config : ldap_base_dn = ou=idmap,<hidden> idmap alloc conf...

...p suffix = ou=c1,c=sv,o=Ferreteria EPA ldap user suffix = ou=people idmap domains = DEFAULT idmap alloc backend = ldap idmap alloc config:range = 10000-100000 idmap alloc config:ldap_url = ldap://127.0.0.1 idmap alloc config:ldap_user_dn = cn=Administrador,o=Ferreteria EPA idmap alloc config:ldap_base_dn = ou=idmap,ou=c1,c=sv,o=Ferreteria EPA idmap config DEFAULT:range = 10000-100000 idmap config DEFAULT:ldap_url = ldap://127.0.0.1 idmap config DEFAULT:ldap_user_dn = cn=Administrador,o=Ferreteria EPA idmap config DEFAULT:ldap_base_dn = ou=idmap,ou=c1,c=sv,o=Ferreteria EPA idmap config DEFAULT:...

...rd sync = yes >     ldapsam:trusted = yes >     ldapsam:editposix = yes >     idmap config *: backend = tdb >     idmap config *: range = 90000001-100000000 >     idmap config NOSGOTH: backend = ldap >     idmap config NOSGOTH: range = 10000-90000000 >     idmap config NOSGOTH: ldap_base_dn = ou=idmap,dc=dark,dc=kow,dc=is >     idmap config NOSGOTH: ldap_user_dn = cn=sambaadmin,dc=dark,dc=kow,dc=is >     idmap config NOSGOTH: ldap_url = ldap://pione.dark.kow.is > > When I tested creating a PDC some time ago, I could only get it working > with this: > >     passd...

...dap delete dn = yes ldap group suffix = ou=groups ldap machine suffix = ou=machines ldap user suffix = ou=users ldap suffix = dc=seat,dc=massey,dc=ac,dc=nz preload modules = /usr/lib/samba/idmap/ldap.so winbind enum users = yes winbind enum groups = yes idmap alloc backend = ldap idmap alloc config:ldap_base_dn = ou=idmap,dc=seat,dc=massey,dc=ac,dc=nz idmap alloc config:ldap_user_dn = cn=admin,dc=seat,dc=massey,dc=ac,dc=nz idmap alloc config:ldap_url = ldap://localhost idmap alloc config:range = 50000-500000 idmap config BUILTIN:backend = ldap idmap config BUILTIN:readonly = no idmap config BUILTIN:defaul...