search for: sambasidentries

I am looking at my computer accounts that were created using smbldap-useradd.pl -w workstationname. And I see the following objectClasses: top inetOrgPerson posixAccount sambaSamAccount I understand I need one structural objectClass, but don't understand why inetOrgPerson is being used. Couldn't I use sambaSidEntry instead? sambaSidEntry is structural, and only requires sambaSID.

Hi, I have a question about sambaGroupType attribute on a Samba 3.2 PDC with LDAP backend (and nss_ldap + nss_winbind). What should be the value for Administrators builtin group ? If i use smbldap-populate from smbldap-tools, the value of sambaGroupType is 5 (and the LDAP entry for this group is a posixGroup and a sambaGroupMapping). I've also noticed that "wbinfo -g" doesn't

Hi all, I have Samba server joined Active Directory domain based on win2008r2, using LDAP as idmap backend. Recently I upgraded from 3.3.x to 3.5.x (Sernet RPMs for Centos4). Now I constantly observe those messages in log: [2011/02/03 09:10:25.696896, 0] winbindd/idmap_ldap.c:1471(idmap_ldap_set_mapping) ldap_set_mapping_internals: Failed to add S-1-5-21-3807515285-1394671770-2144936185-513

I am sure that I don't quite have LDAP setup with the proper Samba entries, but I only need a "bread crumb" to get me pointed in the right direction. Where do I find some information on how and where to place the sambaGroupMapping, sambaUnixIdPool, sambaIdmapEntry (automatically created?), and sambaSidEntry in the LDAP tree. Could someone just give me a little hint as to where the

Hi all, I'm not able to create localgroups as described in "docs/man/Samba-HOWTO-Collection/groupmapping.html" I have tested Samba 3.2.5 and 3.2.6 on Debian lenny. As usual I am using openldap as backend. First I have tested with smbldap-tools, then I have switched to ldapsam:editposix = yes ldapsam:trusted = yes and removed all the script entries from smb.conf.

Hello guys! I'm using samba 3.2.4 (binaries from samba.org) on SLES9+sp3. I am building a PDC with LDAP support (i am attaching my config files), I'm also using ldapsam:trusted and ldapsam:editposix. Although I am setting the account lock after 3 failed tries in usrmgr, and verified that the parameters are actually set in the LDAP, no locking occurs. I started thinking that it was my

I can NOT find any information on how to get the following into the LDAP tr= ee (and where they should be located) from the documentation. I am definite= ly an LDAP beginner and assembling the tree from reading schema's is still = over my head. I am able to connect to samba using only LDAP authentication = and can add users, but that is all I can successfully do, "net groupmap add=

I am running Samba 3.4.7on Fedora Core 11 Linux. This is a domain member. My PDC is Samba 3.4.9 on Solaris 10. I have LDAP as a backend (Sun/Oracle Directory Server 6.) I have an OU for user accounts, and an OU for idmap entries. The PDC has already populated some idmap entries. An idmap entry looks like dn: sambaSID=S-1-5-21-xxxxxxxxxxxxxxx-1121,ou=mydomain,ou =idmap,o=mycomany.com

Thanks for your help in adance !!! I work with SAMBA HEAD since alpha24. I have running a BDC, PDC, Printserver on 3 separate pc's. In my domain is integrated a nativ w2k Fileserver ( Dell Nas PowerVault 725 ) for fileserving. Passwords are held in LDAP on every (Linux) machine pam-ldap works. Every thing was fine before the last update to BETA 3. Problem : I was updating from BETA 2 to

I am still trying to troubleshoot my problem of not being able to join computers to the domain. I have found this comment by John Terpstra:- >Newsgroups: linux.samba >From: John H Terpstra <j...@samba.org> - Find messages by this author >Date: Wed, 14 Jan 2004 00:00:17 +0100 >Curtis, >Do not set the UID of Administrator to 0, it will break winbind use. >Instead, use the

...First, the account database is there (typically, in sambaSamAccounts under ou={People,Computers},dc=example,dc=com, and in sambaGroupMappings under ou=Groups,dc=example,dc=com). Second, the mapping between SIDs, uids and gids is stored under ou=Idmap,dc=example,dc=com in sambaIdmapEntries and sambaSidEntries. Right? However, it also looks possible to store posix account information in posixAccounts under ou={People,Computers},dc=example,dc=com, as in fact many tools (LAM and those from IDEALX) do. Does it really work in a PDC + BDC setup? Are those two methods of storing uids and gids really mutua...

Hi, I'm having some problems in the following situation: - a SLES9 PDC (Samba/OpenLDAP) - a IBM NAS500 Gateway, supposed to be a storage with SMB features, but Samba is far better than that I've got Samba 3.0.23 working, and i can see my LDAP users/groups (through aix native ldap client -- i mean, the "id" command returns every user found in the base). However, i'm not

hi, can somebody explain, how the idmap backend with ldap works exactly. sorry for that stupid questions, but the docu is not clear for me. http://us1.samba.org/samba/docs/man/Samba-HOWTO-Collection/ idmapper.html#id2588292 i understand the idmap topic/difficulty, why i need this, but how the ldap get filled with idmap entries? automatically/dynamically if winbind is running? or

Hello, I recently switched an environment from Samba 2.x to 3.0 without any major problems. LDAP database was converted and everything worked fine, _including_ chaning passwords with smbpasswd. However, I now had to create a new account, which failed. I created an LDAP entry first, because I use LDAP for Unix-Authentification as well. Afterwards, I wanted to add the Samba-specific attributes

Using Samba 3.0.2pre1 under SuSE 8.2. I have seen several references now in this list noting that the browse for machine accounts in Samba 3 is broken, and 'People' should be used instead. I changed smb.conf to 'ldp machine suffix = ou=People' and I changed smbldap_conf.pm to '$computersou=(People). I then cleared ldap, ran smbldap-populate.pl, and changed the uid of

Dear samba users, I have very strange problem. I have Samba PDC up and running, but only thing is missing. I cannot see any Domain Groups at all. Here is my config: Debian Squeeze: ii samba 2:3.5.6~dfsg-3squeeze8 SMB/CIFS file, print, and login server for Unix ii samba-common 2:3.5.6~dfsg-3squeeze8 common files used by both the Samba

hi list, i recently recognized, that winbind on my fileserver (needed for allocating SID->UIDs when setting ACL's from windows box) adds ldap attributes although the SID already exists !!??!?! example i have a user "install" # install, users, eva.mpg.de dn: uid=install,ou=users,dc=eva,dc=mpg,dc=de objectClass: posixAccount objectClass: person objectClass: sambaSamAccount cn:

Hi I have a little problem with my ldap authorization of samba against Novel LDAP server. This is the log output from the Novel Ldap server: ---------------------------------------------------------------------------------------------------- New TCP connection 0xcb1e3980, monitor = 0x1bf, index = 2 (0xcb1e3980:0x0001:0x60) DoBind on connection 0xcb1e3980 (0xcb1e3980:0x0001:0x60) DoBind: name =

I am setting up a Samba 3 server with ldap support- packages from Debian backports.org- but have run into a problem setting up the samba attributes. If there is a user existing in the local /etc/passwd file then smbpasswd -a correctly sets up the samba user in the ldap directory. However, if I preload the posixAccount and other data for a user using an ldif import then attempt to use smbpasswd to

Hi All, The bundled "samba-schema-netscapeds5.x" file provides the schema for Samba 2.2.x attributes not 3.x. I have successfully imported this schema into the iPlanet directory server, and then run the smbldap-migrate-accounts.pl script. This created posixAccount objects but not sambaAccount objects. I later learned that the script calls smbldap-useradd.pl which is designed to create