search for: testadmin

...rds (just hit enter), I get passwd: Authentication > token manipulation error passwd: password unchanged > ? > So, I'm a little puzzled. > ? > -Greg > ? I asked because before I replied to your post, I tried to create a user and got this: adminuser at tmpdc1:~ $ sudo adduser testadmin Adding user `testadmin' ... Adding new group `testadmin' (1001) ... Adding new user `testadmin' (1001) with group `testadmin (1001)' ... Creating home directory `/home/testadmin' ... Copying files from `/etc/skel' ... New password: Retype new password: passwd: password upd...

> adminuser at tmpdc1:~ $ sudo adduser testadmin > Adding user `testadmin' ... > Adding new group `testadmin' (1001) ... > Adding new user `testadmin' (1001) with group `testadmin (1001)' ... > Creating home directory `/home/testadmin' ... > Copying files from `/etc/skel' ... ? It's at this point I get t...

...results below; Queried against Samba 4.11.4 (query is for OU=Business but response is from OU=Test): $ldapsearch -D username at internal.xxx.yy -w password -H ldaps://192.168.1.1 -s one -b ou=business,dc=internal,dc=xxx,dc=yy "(&(objectCategory=person)(objectClass=user)(sAMAccountName=testadmin))" # extended LDIF # # LDAPv3 # base <ou=business,dc=internal,dc=xxx,dc=yy> with scope oneLevel # filter: (&(objectCategory=person)(objectClass=user)(sAMAccountName=testadmin)) # requesting: ALL # # Test Admin, Test, internal.xxx.yy dn: CN=Test Admin,OU=Test,DC=internal,DC=xxx,DC=y...

...ferently for the same query. Indeed. > This is how it looks when I run a query (I redacted the domain and > account names a bit): > > ldapsearch -D username at internal.xxx.yy -w password -H ldaps://<samba DC> > -s one -b ou=business,dc=internal,dc=xxx,dc=yy samaccountname=testadmin > # extended LDIF > # > # LDAPv3 > # base <ou=business,dc=internal,dc=xxx,dc=yy> with scope oneLevel > # filter: samaccountname=testadmin > # requesting: ALL > # This is a worry. Can you file a bug? I've sent you an invite to our bugzilla. It seems we have an issu...

> On Mon, 13 May 2024 17:10:20 -0700 > Gregory Sloop via samba <samba at lists.samba.org> wrote: >> I feel like this should be super easy, and that I must be doing >> something dumb, but I need to create another sudo user for the VM's >> the DC's are running on. >> I've created a "domain admin" equivalent user in AD - and perhaps >>

...ried against Samba 4.11.4 (query is for OU=Business but response is > from OU=Test): > $ldapsearch -D username at internal.xxx.yy -w password -H > ldaps://192.168.1.1 -s one -b ou=business,dc=internal,dc=xxx,dc=yy > "(&(objectCategory=person)(objectClass=user)(sAMAccountName=testadmin))" > # extended LDIF > # > # LDAPv3 > # base <ou=business,dc=internal,dc=xxx,dc=yy> with scope oneLevel > # filter: > (&(objectCategory=person)(objectClass=user)(sAMAccountName=testadmin)) > # requesting: ALL > # > > # Test Admin, Test, internal.xxx.yy...

...ds (it took me a while to figure out that I needed "tls verify peer = no_check" and "ldap server require strong auth = no" to be able to run the query): samba-4.11.0$ /usr/local/samba/bin/ldbsearch -H ldaps://dc01 -s one -b ou=business,dc=internal,dc=xxx,dc=yy samaccountname=testadmin -Uusername Password for [XXX\username]: # record 1 dn: CN=Test Admin,OU=Test,DC=internal,DC=xxx,DC=yy <snip> distinguishedName: CN=Test Admin,OU=Test,DC=internal,DC=xxx,DC=yy # returned 1 records # 1 entries # 0 referrals samba-4.11.0$ sudo /usr/local/samba/bin/ldbsearch -H ldb:///usr/loc...

...s Great, that rules out some odd client-specific (eg ASN.1 parsing) issues and makes it a little easier for me to test. > > samba-4.11.0$ sudo /usr/local/samba/bin/ldbsearch -H > ldb:///usr/local/samba/private/sam.ldb -s one -b > ou=business,dc=internal,dc=xxx,dc=yy samaccountname=testadmin > -Uusername > # record 1 > dn: CN=Test Admin,OU=Test,DC=internal,DC=xxx,DC=yy > <snip> > distinguishedName: CN=Test Admin,OU=Test,DC=internal,DC=xxx,DC=yy > > # returned 1 records > # 1 entries > # 0 referrals > > > Also, it seems that I was wrong about...

...gt;> >> This is how it looks when I run a query (I redacted the domain and >> account names a bit): >> >> ldapsearch -D username at internal.xxx.yy -w password -H ldaps://<samba >> DC> -s one -b ou=business,dc=internal,dc=xxx,dc=yy >> samaccountname=testadmin >> # extended LDIF >> # >> # LDAPv3 >> # base <ou=business,dc=internal,dc=xxx,dc=yy> with scope oneLevel >> # filter: samaccountname=testadmin >> # requesting: ALL >> # >> >> # Test Admin, Test, internal.xxx.yy >> dn: CN=Test Admin,...

On Wed, 12 Jun 2024 09:00:47 +0200 Christian Naumer via samba <samba at lists.samba.org> wrote: > Am 11.06.24 um 19:37 schrieb Luis Peromarta via samba: > > Correct, and I have done so and explained extensively at the > > beginning to this thread. > > > > Question is: > > > > Should we stop telling people to provision with idmap_ldb:use > >

....11.4 (query is for OU=Business but response is > > from OU=Test): > > $ldapsearch -D username at internal.xxx.yy -w password -H > > ldaps://192.168.1.1 -s one -b ou=business,dc=internal,dc=xxx,dc=yy > > "(&(objectCategory=person)(objectClass=user)(sAMAccountName=testadmin))" > > # extended LDIF > > # > > # LDAPv3 > > # base <ou=business,dc=internal,dc=xxx,dc=yy> with scope oneLevel > > # filter: > > (&(objectCategory=person)(objectClass=user)(sAMAccountName=testadmin)) > > # requesting: ALL > > # > &...

...ese are all VMs I am working on. I have tried it on several different "test" VMs. Blew away VMs and created new ones, still does not work. It takes me a little time to type the info from the directories because I cannot copy/past due to network separation. Contents below: /etc/hostname testadmin /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 :1 localhost localhost.localdomain localhost6 localhost6.localdomain6 IPADDR testadmin.mydomain.com testadmin IPADDR DC1.mydomain.com DC1 /etc/resolv.conf search mydomain.com nameserver "ipa...

...Domain Administrators (S-1-5-21-1079125125-2089603153-60846589-512) -> Domain Admins Domain Users (S-1-5-21-1079125125-2089603153-60846589-513) -> Domain Users Domain Guests (S-1-5-21-1079125125-2089603153-60846589-514) -> Domain Guests Domain Admins has a few members; among them, account testadmin has UID 0, and account printsetup has UID 12632. Domain Admins has the following rights: net rpc rights list "Domain Admins" SeMachineAccountPrivilege SePrintOperatorPrivilege SeAddUsersPrivilege SeRemoteShutdownPrivilege SeDiskOperatorPrivilege "Domain Admins" members have no...

...e joined, what does this produce: net ads testjoin > > It takes me a little time to type the info from the directories > because I cannot copy/past due to network separation. Can you explain 'network separation' ? > > Contents below: > > /etc/hostname > testadmin Nothing wrong there. > > /etc/hosts > 127.0.0.1 localhost localhost.localdomain localhost4 > localhost4.localdomain4 :1 localhost localhost.localdomain localhost6 > localhost6.localdomain6 IPADDR  testadmin.mydomain.com   testadmin > IPADDR DC1.mydomain.com            DC1...

...is for OU=Business but response is >>> from OU=Test): >>> $ldapsearch -D username at internal.xxx.yy -w password -H >>> ldaps://192.168.1.1 -s one -b ou=business,dc=internal,dc=xxx,dc=yy >>> "(&(objectCategory=person)(objectClass=user)(sAMAccountName=testadmin))" >>> # extended LDIF >>> # >>> # LDAPv3 >>> # base <ou=business,dc=internal,dc=xxx,dc=yy> with scope oneLevel >>> # filter: >>> (&(objectCategory=person)(objectClass=user)(sAMAccountName=testadmin)) >>> # requesting: A...

...or Once joined, what does this produce: net ads testjoin > > It takes me a little time to type the info from the directories > because I cannot copy/past due to network separation. Can you explain 'network separation' ? > > Contents below: > > /etc/hostname > testadmin Nothing wrong there. > > /etc/hosts > 127.0.0.1 localhost localhost.localdomain localhost4 > localhost4.localdomain4 :1 localhost localhost.localdomain localhost6 > localhost6.localdomain6 IPADDR testadmin.mydomain.com testadmin > IPADDR DC1.mydomain.com DC1 Agai...

...t some odd client-specific (eg ASN.1 parsing) > issues and makes it a little easier for me to test. > >> >> samba-4.11.0$ sudo /usr/local/samba/bin/ldbsearch -H >> ldb:///usr/local/samba/private/sam.ldb -s one -b >> ou=business,dc=internal,dc=xxx,dc=yy samaccountname=testadmin >> -Uusername >> # record 1 >> dn: CN=Test Admin,OU=Test,DC=internal,DC=xxx,DC=yy >> <snip> >> distinguishedName: CN=Test Admin,OU=Test,DC=internal,DC=xxx,DC=yy >> >> # returned 1 records >> # 1 entries >> # 0 referrals >> >>...

...join > > > > > It takes me a little time to type the info from the directories > > because I cannot copy/past due to network separation. > > Can you explain 'network separation' ? > > > > > Contents below: > > > > /etc/hostname > > testadmin > > Nothing wrong there. > > > > > /etc/hosts > > 127.0.0.1 localhost localhost.localdomain localhost4 > > localhost4.localdomain4 :1 localhost localhost.localdomain localhost6 > > localhost6.localdomain6 IPADDR testadmin.mydomain.com testadmin > > IP...

Yes global is there. testparm output shows everything is ok, no error. ROLE_DOMAIN_Member Then I can press enter and see a dump. yes, wbinfo produces output of mydomain\user I left the domain, rejoined, and still no such user. wbinfo outputs users and groups on command. On Thu, Mar 14, 2019 at 1:59 PM Rowland Penny via samba < samba at lists.samba.org> wrote: > On Thu, 14 Mar 2019

...join > > > > > It takes me a little time to type the info from the directories > > because I cannot copy/past due to network separation. > > Can you explain 'network separation' ? > > > > > Contents below: > > > > /etc/hostname > > testadmin > > Nothing wrong there. > > > > > /etc/hosts > > 127.0.0.1 localhost localhost.localdomain localhost4 > > localhost4.localdomain4 :1 localhost localhost.localdomain localhost6 > > localhost6.localdomain6 IPADDR testadmin.mydomain.com testadmin > > IP...