search for: userdn

...t would be appreciated. #!/usr/bin/perl # # ldap-adduser.pl - Script to add users to an OpenLDAP backend # # takes one argument -u use Getopt::Long; $HOST = "127.0.0.1"; $BASEDN = "dc=dcscorp,dc=net"; $ADMINDN = "cn=admin,$BASEDN"; $ADMINPASS = 'xxxxxxxx'; $USERDN = "ou=People"; $GROUPDN = "ou=Groups"; $COMPUTERDN = "ou=Computers"; $LDAPADD = "/usr/bin/ldapadd"; $LDAPDELETE = "/usr/bin/ldapdelete"; $LDAPMODIFY = "/usr/bin/ldapmodify"; $LDAPSEARCH = "/usr/bin/ldapsearch"; $HOMEDIR = "/...

...imap, and want to bring a special problem to your attention: I would like to use auth_bind and prefetch, b/c due to data security restriction the user information is only visible to the user himself. From http://wiki.dovecot.org/AuthDatabase/LDAP I found out that pass_attrs only works if no userdn template is set. But when unsetting userdn, dovecot-auth still tries to find the information from pass_attrs before binding. I'm no coding expert so here is my question: would it be possible to make pass_attrs work with userdn? If yes, even prefetch would work. right now, when using userd...

All, I'm not sure if I sent this in yet or not. Basically it works like this: if you set "fast_bind = yes" it overrides auth_bind. And requires that you set userdn. Example config: fast_bind = yes userdn = cn=%u,ou=people,o=dovecot I'm using the patch right now on the cvs head branch. Comments are welcome. Geff -------------- next part -------------- A non-text attachment was scrubbed... Name: patch.dovecot.fastbind Type: application/octet-stream Siz...

...My scenario: I have a file server which hosts need to access public folders and private folders.OS: Centos7Samba version: 4.2.3  | 11.el7_2Selinux DisabledFirewalld disabled smb.conf[global]workgroup = WORKGROUP server string = Samba Server %v netbios name = centossecurity = usermap to guest = bad userdns proxy = no#============================ Share Definitions ==============================[Anonymous]path = /home/suporte/semsenhabrowsable =yeswritable = yesguest ok = yesread only = noguest only = yescreate mode = 0777directory mode = 0777 folder permissionsdrwxrwxrwx. 2 nobody nobody 6 Jan 18 20...

...rmap ldap_connections_number = 5 # password_header = "{clear}" # password_attribute = userPassword # groupname_attribute = cn # groupmembership_filter = "(|(&(objectClass=GroupOfNames)(member=%{Ldap-UserDn}))(&(objectClass=GroupOfUniqueNames)(uniquemember=%{Ldap-UserDn})))" # groupmembership_attribute = radiusGroupName timeout = 4 timelimit = 3 net_timeout = 1 # compare_check_items = yes # access_...

...* File "/usr/local/samba/lib64/python2.6/site-packages/samba/upgrade.py", line 845, in upgrade_from_samba3* * result.names.domaindn, result.lp, use_ntvfs)* * File "/usr/local/samba/lib64/python2.6/site-packages/samba/provision/__init__.py", line 1693, in setsysvolacl* * userdn = '<SID={}-{}>'.format(domainsid, security.DOMAIN_RID_ADMINISTRATOR)* I don't recall seeing this during my testing with 4.8.X, but I decided to do my actual upgrade with 4.9. But I'm also not sure it isn't just related to a new account or setting we made between testing a...

...e for change user's own password by user. Password change must be on main server. I try login by user to main server, and i can't change own password. Added that ACL (via centos-idm-console): (targetattr = "userPassword") (version 3.0; acl "ChangePass"; allow (write) (userdn = "ldap:///self") and (dns="*.neyvabank.ru") ;) No effect. How i can give rights to users for change passwords? -- Stanislav

Hello, I am currently migrating from OpenLDAP to Samba 4 PDC, and I have a webpage (PHP/Apache) available for users so that they can change their password on the existing LDAP server. I attempted to adjust that script to change the password on the Samba 4 AD controller, but I get a "cannot connect" error to LDAP. The web server the password script is running on is not on the same

...s/samba/upgrade.py", > > line 845, in upgrade_from_samba3* > > * result.names.domaindn, result.lp, use_ntvfs)* > > * File > > "/usr/local/samba/lib64/python2.6/site-packages/samba/provision/__init__.py", > > line 1693, in setsysvolacl* > > * userdn = '<SID={}-{}>'.format(domainsid, > > security.DOMAIN_RID_ADMINISTRATOR)* > > The answer is staring you in the face ;-) python2.6 isn't new enough for: '<SID={}-{}>'.format(domainsid,security.DOMAIN_RID_ADMINISTRATOR) It would have to be: '<SI...

Hi, We are tying to integrate NextCloud like applications with Samba-AD for authentication purposes. We are receiving the error message, "Cannot Connect to Active Directory". The settings used for establishing connection are as follows: Server Name : dc.example.com UserDN : CN=Administrator,CN=Users,DC=example,DC=com Password = ************ BaseDN = DC=example,DC=com. NextCloud server is able to detect the port as 389. But cannot detect the BaseDN. However the same setting works perfectly with AD on Windows Server 2008 R2 or Windows Server 2012 R2. Our smb.conf...

...My scenario: I have a file server which hosts need to access public folders and private folders.OS: Centos7Samba version: 4.2.3  | 11.el7_2Selinux DisabledFirewalld disabled smb.conf[global]workgroup = WORKGROUP server string = Samba Server %v netbios name = centossecurity = usermap to guest = bad userdns proxy = no#============================ Share Definitions ==============================[Anonymous]path = /home/suporte/semsenhabrowsable =yeswritable = yesguest ok = yesread only = noguest only = yescreate mode = 0777directory mode = 0777 folder permissionsdrwxrwxrwx. 2 nobody nobody 6 Jan 18 20...

...m_samba3* > > > > * result.names.domaindn, result.lp, use_ntvfs)* > > > > * File > > > > > > "/usr/local/samba/lib64/python2.6/site-packages/samba/provision/__init__.py", > > > > line 1693, in setsysvolacl* > > > > * userdn = '<SID={}-{}>'.format(domainsid, > > > > security.DOMAIN_RID_ADMINISTRATOR)* > > > > > > > > The answer is staring you in the face ;-) > > > > python2.6 isn't new enough for: > > > > '<SID={}-{}>'.format(do...

...a file server which hosts need to access public > folders and private folders.OS: Centos7Samba version: 4.2.3  | > 11.el7_2Selinux DisabledFirewalld disabled smb.conf[global]workgroup = > WORKGROUP server string = Samba Server %v netbios name = centossecurity = > usermap to guest = bad userdns proxy = no#============================ > Share Definitions ==============================[Anonymous]path = > /home/suporte/semsenhabrowsable =yeswritable = yesguest ok = yesread only > = noguest only = yescreate mode = 0777directory mode = 0777 > > folder permissionsdrwxrwxrwx. 2...

...le server which hosts need to access public > folders and private folders.OS: Centos7Samba version: 4.2.3  | > 11.el7_2Selinux DisabledFirewalld disabled > smb.conf[global]workgroup = WORKGROUP > server string = Samba Server %v > netbios name = centossecurity = usermap to guest = bad userdns proxy = > no#============================ Share Definitions > ==============================[Anonymous]path = > /home/suporte/semsenhabrowsable =yeswritable = yesguest ok = yesread only > = noguest only = yescreate mode = 0777directory mode = 0777 > > folder permissionsdrwxrwxrw...

...My scenario: I have a file server which hosts need to access public folders and private folders.OS: Centos7Samba version: 4.2.3 | 11.el7_2Selinux DisabledFirewalld disabled smb.conf[global]workgroup = WORKGROUP server string = Samba Server %v netbios name = centossecurity = usermap to guest = bad userdns proxy = no#============================ Share Definitions ==============================[Anonymous]path = /home/suporte/semsenhabrowsable =yeswritable = yesguest ok = yesread only = noguest only = yescreate mode = 0777directory mode = 0777 folder permissionsdrwxrwxrwx. 2 nobody nobody 6 Jan 18 20...

...have a file server which hosts need to access public folders and private folders.OS: Centos7Samba version: 4.2.3 | 11.el7_2Selinux DisabledFirewalld disabled > smb.conf[global]workgroup = WORKGROUP > server string = Samba Server %v > netbios name = centossecurity = usermap to guest = bad userdns proxy = no#============================ Share Definitions ==============================[Anonymous]path = /home/suporte/semsenhabrowsable =yeswritable = yesguest ok = yesread only = noguest only = yescreate mode = 0777directory mode = 0777 > > folder permissionsdrwxrwxrwx. 2 nobody nobody 6...

Any word on this patch? http://www.dovecot.org/list/dovecot/2004-June/003867.html If not, I'll take a stab at it. Geff

...a/lib64/python2.6/site-packages/samba/upgrade.py", > line 845, in upgrade_from_samba3* > * result.names.domaindn, result.lp, use_ntvfs)* > * File > "/usr/local/samba/lib64/python2.6/site-packages/samba/provision/__init__.py", > line 1693, in setsysvolacl* > * userdn = '<SID={}-{}>'.format(domainsid, > security.DOMAIN_RID_ADMINISTRATOR)* > > I don't recall seeing this during my testing with 4.8.X, but I decided to > do my actual upgrade with 4.9. But I'm also not sure it isn't just related > to a new account or setting w...

...> line 845, in upgrade_from_samba3* > > > * result.names.domaindn, result.lp, use_ntvfs)* > > > * File > > > > "/usr/local/samba/lib64/python2.6/site-packages/samba/provision/__init__.py", > > > line 1693, in setsysvolacl* > > > * userdn = '<SID={}-{}>'.format(domainsid, > > > security.DOMAIN_RID_ADMINISTRATOR)* > > > > > The answer is staring you in the face ;-) > > python2.6 isn't new enough for: > > '<SID={}-{}>'.format(domainsid,security.DOMAIN_RID_ADMINISTRATO...

...ase_dn = 'cn=users,dc=ds,dc=example,dc=com' user: filter = "(|(samaccountname=%{%{Stripped-User-Name}:-%{User-Name}})(userprincipalname=%{User-Name}))" group: filter = "(objectClasse=group)" group: membership_filter = "(member:1.2.840.113556.1.4.1941:=%{control:Ldap-UserDn})" start_tls = yes ca_file = /etc/ssl/certs/ca-certificates.crt ``` ### 4.4 Configure EAP - add root.ca and services.ca to certificate store ```bash cp /home/dcadmin/root.ca.crt /usr/local/share/ca-certificates/ cp /home/dcadmin/service.ca.crt /usr/local/share/ca-certificates/ update-ca-cer...