search for: tovey

...d the Samba database files in /var/lib/samba and rejoined the domain when I switched), and still the same. If the account exists locally I can authenticate against AD and map the share. No local account and it fails. -Mark ________________________________________________________________ Mark Tovey - UNIX Engineer | Service Strategy & Design UTi | 400 SW Sixth Ave, Suite 1100 | Portland | Oregon | 97204 | USA MTovey at go2uti.com | O / C +1 503 953-1389 -----Original Message----- From: samba [mailto:samba-bounces at lists.samba.org] On Behalf Of John Yocum Sent: Friday, October 9, 2015 1...

...in AD. And it still will not allow the testuser account to map the share unless the account exists in the local passwd file. It is getting the password from AD, but only if the account exists in the local system too. -Mark ________________________________________________________________ Mark Tovey - UNIX Engineer | Service Strategy & Design UTi | 400 SW Sixth Ave, Suite 1100 | Portland | Oregon | 97204 | USA MTovey at go2uti.com | O / C +1 503 953-1389 ________________________________________________________________ -----Original Message----- From: samba [mailto:samba-bounces at lists.s...

...LOPMENT\smbgrp And the contents of the users.map file: appacct = @DEVELOPMENT\smbgrp I am using Samba 4.0.0 on an OEL 6.5 server (RHEL 6.5 equivalent). And help will be greatly appreciated. Thanks, -Mark ________________________________________________________________ Mark Tovey - UNIX Engineer | Service Strategy & Design UTi<http://www.go2uti.com/> | 400 SW Sixth Ave, Suite 1100 | Portland | Oregon | 97204 | USA MTovey at go2uti.com<mailto:MTovey at go2uti.com> | O / C +1 503 953-1389

...unt.” The guest account is set to “nobody” and it does exist in the passwd file, but the mapping does not seem to be occurring. Am I misunderstanding the meaning here? Or perhaps how the guest account functions? -Mark ________________________________________________________________ Mark Tovey - UNIX Engineer | Service Strategy & Design UTi | 400 SW Sixth Ave, Suite 1100 | Portland | Oregon | 97204 | USA MTovey at go2uti.com | O / C +1 503 953-1389 -----Original Message----- From: samba [mailto:samba-bounces at lists.samba.org] On Behalf Of Rowland Penny Sent: Friday, October 9,...

On 09/10/15 20:57, Tovey, Mark wrote: > No joy. I added winbind to the passwd, shadow, and group lines and it is still not working. I also switched back to ad instead of rid (I deleted the Samba database files in /var/lib/samba and rejoined the domain when I switched), and still the same. If the account exists l...

...tches what I am encountering. I think this is what I am up against now. So, I guess I just have to put the user accounts into both systems until the patch can be rolled into the vendor released version I am using. -Mark ________________________________________________________________ Mark Tovey - UNIX Engineer | Service Strategy & Design UTi | 400 SW Sixth Ave, Suite 1100 | Portland | Oregon | 97204 | USA MTovey at go2uti.com | O / C +1 503 953-1389 -----Original Message----- From: samba [mailto:samba-bounces at lists.samba.org] On Behalf Of Rowland Penny Sent: Friday, October 9, 201...

On 13/10/15 20:47, Tovey, Mark wrote: > I downloaded the source code for Samba 4.0.0, the same as is distributed with my OS. I applied the patch as described in Bug 9862, compiled and installed the code, and now it works as expected. Having the user account in AD only is sufficient, I no longer have to have the a...

...g as outlined in bug 9862. I will open a ticket with the OS vendor and request that they update their distribution. This will likely ripple upstream through all the rest of the OS vendors and into the Samba base. -Mark ________________________________________________________________ Mark Tovey - UNIX Engineer | Service Strategy & Design UTi | 400 SW Sixth Ave, Suite 1100 | Portland | Oregon | 97204 | USA MTovey at go2uti.com | O / C +1 503 953-1389 -----Original Message----- From: samba [mailto:samba-bounces at lists.samba.org] On Behalf Of Tovey, Mark Sent: Saturday, October 10, 20...

On 09/10/15 18:54, Tovey, Mark wrote: > > Got it. I changed that section as follows: > > idmap config *:backend = tdb > > idmap config *:range = 5000-29999 > > idmap config DEVELOPMENT:backend = ad > > idmap config DEVELOPMENT:schema_mode = rfc2307 > &gt...

...amba won't know that it is using AD in the background and will just be using local authentication mechanisms. Does anyone have any experience using Samba in conjunction with SSSD and can offer any advice there? -Mark ________________________________________________________________ Mark Tovey - UNIX Engineer | Service Strategy & Design UTi | 400 SW Sixth Ave, Suite 1100 | Portland | Oregon | 97204 | USA MTovey at go2uti.com | O / C +1 503 953-1389 -----Original Message----- From: samba [mailto:samba-bounces at lists.samba.org] On Behalf Of Rowland Penny Sent: Friday, October 9, 201...

...evtst-corp.go2uti.com = DEVTST-CORP.GO2UTI.COM [appdefaults] pam = { debug = false ticket_lifetime = 36000 renew_lifetime = 36000 forwardable = true krb4_convert = false } net ads testjoin: Join is OK ________________________________________________________________ Mark Tovey - UNIX Engineer | Service Strategy & Design UTi | 400 SW Sixth Ave, Suite 1100 | Portland | Oregon | 97204 | USA MTovey at go2uti.com | O / C +1 503 953-1389 Until you can get 'getent passwd username' to return the users info, it will never work and I can assure it will work if every...

On 10/09/2015 12:31 PM, Tovey, Mark wrote: > The only way it seems to work is if I do have both the local and AD user with the same name. But my goal here is to not require that, to have the AD account only. > I have applied Unix attributes to the users. testuser uidNumber = 30089 and gidNumber = 100. However,...

...ears old too. Maybe this will help make them push out an updated version of Samba. They have Samba 4.1 in the OEL7 release, which is still a bit behind, but better. Perhaps they will make that available to OEL6 too. -Mark ________________________________________________________________ Mark Tovey - UNIX Engineer | Service Strategy & Design UTi | 400 SW Sixth Ave, Suite 1100 | Portland | Oregon | 97204 | USA MTovey at go2uti.com | O / C +1 503 953-1389 -----Original Message----- From: samba [mailto:samba-bounces at lists.samba.org] On Behalf Of Rowland Penny Sent: Tuesday, October 13, 2...

...admit that I haven't done an exhaustive search yet, but in looking over the documentation I haven't seen any mention of anything that needs to be done to migrate an existing directory to the new schema. Are there any tools that will aid in the migration? Thanks /dwight -- Dwight N. Tovey email: dwight@dtovey.net web: http://www.dtovey.net/~dwight ----------- The greatest griefs are those we cause ourselves - Sophocles

...just be changed without any problems and the SID is just carried forward? Apologies if this is covered in the books or the archives. I've looked around, but sometimes with a flood of information it's easy to miss the little specific details that I'm after. /dwight -- Dwight N. Tovey email: dtovey@emergecore.com --------- Work to Live : Live to Ride : Ride to Work

...me as was set by my script. Do I need to have my script set the 'sambaNTPassword' attribute? If so, what to I set it to? Or maybe I need to have it exit with some value? I'm obviously missing some little detail. Any pointers would be greatly appreciated. /dwight -- Dwight N. Tovey email: dtovey@emergecore.com --------- Work to Live : Live to Ride : Ride to Work

...chroot jail with a minimal passwd file. It's a bit of a pain to set up the chroot, but unless I have missed some other option (highly likely), this seems like the best way to tighten up the system again. So, what obvious configuration option did I completely miss? /dwight -- Dwight N. Tovey email: dtovey@emergecore.com --------- Work to Live : Live to Ride : Ride to Work

On 08/10/15 23:20, Tovey, Mark wrote: > I have a requirement where I need to make a directory tree on a Linux system available to a group of users that authenticate against an AD system. I have successfully joined my system to our AD domain and I am able to manage access to a share with a security group in AD, so...

Is there a trick to append an additional directory level onto the defauly behavior of a [homes] share looking in /etc/passwd to find the users Linux home dir? It would offer a bit of protection if Windows clients ended up in say the WinHome directory within their Linux home directory when logging in from Windows so they are not tempted to tamper with their desktop settings files for Linux from

On 09/10/15 22:22, Tovey, Mark wrote: > So I made the primary group for the testuser account be smbgrp, and it's gidNumber is 30124. Still nothing. "getent passwd testuser" returns nothing unless testuser is in the local passwd file, and then it returns the attributes that are in the passwd file, no...