search for: smbmap

Hi list, I am experimenting with two member servers (both samba4). I am using following configuration: membersrv:/etc/samba/smb.conf: ========================== [...] username map = /etc/samba/smbmap [...] membersrv:/etc/samba/smbmap: ========================= !root = MYDOM\johndoe MYDOM\foo MYDOM\bar MYDOM\Administrator Administrator So the domain users from my AD called "John Doe", "Foo" and "Bar" as well as the default samba4 AD "Administrator" accou...

> Comment from Rowland: > [...]an AD user without a uidNumber is merely a windows user Hi Rowland, just for my understanding, I have a question. If a domain user in my samba4 AD domain does not have been assigned with a "uid" on the [UNIX Attribute] tab of my ADUC tool, that user in general *cannot* access any of the shares of that particular member server? Is that correct? My

...---------- > ????Rowland Penny > ?????2014-11-28 17:59:18 > ?????? > ???samba > ???Re: [Samba] Setup_a_Samba_AD_Member_Server can get the id of user. > > On 28/11/14 01:33, ?? wrote: >> Rowland Penny,??: >> I had test to setup >> username map = /etc/samba/smbmap >> and I got the same error >> >> winbindd -V >> Version 4.1.11-Ubuntu >> >> >> ------------------ >> ?? >> 2014-11-28 >> >> ------------------------------------------------------------- >> ????Rowland Penny >> ?????2...

Hello, I am running Samba 4.1.12/Sernet on Debian Wheezy 64bit and I am about to setup my member server. The DC was provisioned with rfc2307 and extended attributes. I have assigned to the domain group called "Domain Users" the GID=10000. My member server was prepared with ACL+user_xattr and winbind support. My /etc/nsswitch.conf is using "winbind" for passwd+group, and

...c:1397(switch_message) switch message SMBtrans2 (pid 1122) conn 0xb8f54520 [2013/08/24 18:43:24.798960, 3] ../source3/smbd/trans2.c:5291(call_trans2qfilepathinfo) file server: [global] workgroup = HH3 realm = HH3.SITE security = ADS kerberos method = secrets and keytab username map = /home/steve/smbmap log level = 3 [users] path = /home/users read only = No smbmap: !Administrator = HH3\Administrator Client: [global] workgroup = HH3 realm = HH3.SITE security = ADS kerberos method = system keytab Tested with sssd and nslcd. (yes, it's the same with winbind) Why is smbd looking for files wh...

I have seen mentioned in other posts that when joining a DC with your linux client there is a way to do it and NOT use Powerbroker Open (new name for Likewise-Open). Where do I find this procedure? -- ------------------------- Bob Wooden of Donelson Trophy 615.885.2846 (main) www.donelsontrophy.com [1] "Everyone deserves an award!!" Links: ------ [1]

I am facing an issue which I cannot explain myself. The roaming profiles don't work for users that are members of the group "Domain Admins". The [profiles] share on the member server was configured exactly as explained on the wiki for roaming profiles. It works like a charm for all domain users, *BUT*: if a user is member of the group "Domain Admins" it *doesn't* :-(

...---------- > ????Rowland Penny > ?????2014-11-28 17:59:18 > ?????? > ???samba > ???Re: [Samba] Setup_a_Samba_AD_Member_Server can get the id of user. > > On 28/11/14 01:33, ?? wrote: >> Rowland Penny,??: >> I had test to setup >> username map = /etc/samba/smbmap >> and I got the same error >> >> winbindd -V >> Version 4.1.11-Ubuntu >> >> >> ------------------ >> ?? >> 2014-11-28 >> >> ------------------------------------------------------------- >> ????Rowland Penny >> ?????2...

...---------- > ????Rowland Penny > ?????2014-11-28 17:59:18 > ?????? > ???samba > ???Re: [Samba] Setup_a_Samba_AD_Member_Server can get the id of user. > > On 28/11/14 01:33, ?? wrote: >> Rowland Penny,??: >> I had test to setup >> username map = /etc/samba/smbmap >> and I got the same error >> >> winbindd -V >> Version 4.1.11-Ubuntu >> >> >> ------------------ >> ?? >> 2014-11-28 >> >> ------------------------------------------------------------- >> ????Rowland Penny >> ?????2...

...= 10000-999999 > idmap config EXAMPLE:schema_mode = rfc2307 > printcap name = cups > cups options = raw > usershare allow guests = yes > domain master = no > local master = no > preferred master = no > os level = 20 > map to guest = bad user > username map = /etc/samba/smbmap > > create /etc/samba/smbmap > > !root = EXAMPLEAdministrator Administrator admionistrator > > edit /etc/krb5.conf > > [libdefaults] > default_realm = EXAMPLE.COM > dns_lookup_realm = false > dns_lookup_kdc = true > ticket_lifetime = 24h > forwardable = ye...

...p config SAMBA:schema_mode = rfc2307 printcap name = cups cups options = raw usershare allow guests = no domain master = no local master = no preferred master = no os level = 20 map to guest = bad user username map = /etc/samba/smbmap vfs objects = acl_xattr map acl inherit = Yes store dos attributes = Yes server max protocol = SMB3 client max protocol = SMB3 # Home Shares [home] comment = my share description path = /srv/samba/myshare read only = no -- -James

...MPLE:schema_mode = rfc2307 printcap name = cups cups options = raw usershare allow guests = yes domain master = no local master = no preferred master = no os level = 20 map to guest = bad user username map = /etc/samba/smbmap create /etc/samba/smbmap !root = EXAMPLE\Administrator Administrator admionistrator edit /etc/krb5.conf [libdefaults] default_realm = EXAMPLE.COM dns_lookup_realm = false dns_lookup_kdc = true ticket_lifetime = 24h forwardable = yes make sure that /etc/resolv.conf...

...with a Windows server. Here is the Global portion of my current smb.conf file: [global] workgroup = NA realm = NA.MYCOMPANY.COM server string = forge security = ADS map to guest = Bad User passdb backend = smbpasswd username map = /packages/smbmap/smbnames unix password sync = Yes client NTLMv2 auth = Yes log level = 3 log file = /var/log/samba/%m.log max log size = 0 printcap name = cups domain master = No wins server = 10.180.32.4 idmap uid = 10000-20000 idmap...

...curity = DOMAIN encrypt passwords = Yes obey pam restrictions = Yes password server = * pam password change = Yes passwd program = /usr/bin/passwd %u passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* username map = /packages/smbmap/smbnames unix password sync = Yes log file = /var/log/samba/%m.log max log size = 0 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 dns proxy = No wins server = IP ADDRESS printing = cups My current smb.conf looks like this: [global] workgroup = MYWORKGROUP realm = MYWORKGROUP...

...; usershare allow guests = no > >> domain master = no > >> local master = no > >> preferred master = no > >> os level = 20 > >> map to guest = bad user > >> username map = /etc/samba/smbmap > >> vfs objects = acl_xattr > >> map acl inherit = Yes > >> store dos attributes = Yes > >> server max protocol = SMB3 > >> client max protocol = SMB3 > >> > >> # Home Shares > >> [...

...idmap config *:range = 70001-80000 winbind nss info = rfc2307 winbind trusted domains only = no winbind use default domain = yes winbind enum users = yes winbind enum groups = yes template shell = /bin/false username map = /etc/samba/smbmap vfs objects = acl_xattr map acl inherit = Yes store dos attributes = Yes ================================================== I am irritated at the moment because of a strange behaviour I never realized before... I am creating a new share on linux prompt with "mkdir -p...

Hello all, I have really strange problem with Samba 4.1.0 - regarding only one user - Administrator. There are 2 servers: NAS (which is DC) and CHEETAH (Which is domain member). Have spent long time in efforts to sync UID/GID across servers (these are used both from Linux over NFS and from Windows) - and finally wrote the scripts to make all users/groups (even including the builtin one, like

...t has one big disadvantage ==> the directory .\johndoe on the given share is created with the owner name of the user that is logged-in and using the ADUC tool. In that example, the owner of the directory "\\membersrv1\home\it-admin1" is "it-admin1". If I would have used "smbmap" feauture and thus would have mapped it-admin1 to the root account, the owner of that new automatically created directory would be "root". In conclusion, that is very normal and I did expect that behaviour. ADUC provides this feauture, but I would like to have the "owner = johnd...

...onfig EXAMPLE:schema_mode = rfc2307 printcap name = cups cups options = raw usershare allow guests = yes domain master = no local master = no preferred master = no os level = 20 map to guest = bad user username map = /etc/samba/smbmap vfs objects = acl_xattr map acl inherit = Yes store dos attributes = Yes # Home Shares #[home] # comment = Home Shares # path = /srv/samba/users # read only = no # Folder Redirection [users$] comment = Folder Redirect path = /srv/samba/re...

...ntcap name = cups > cups options = raw > usershare allow guests = no > domain master = no > local master = no > preferred master = no > os level = 20 > map to guest = bad user > username map = /etc/samba/smbmap > vfs objects = acl_xattr > map acl inherit = Yes > store dos attributes = Yes > server max protocol = SMB3 > client max protocol = SMB3 > > # Home Shares > [home] > comment = my share description > path =...