similar to: Clash between multiple authentication databases (security problem?)

Hi, I've noticed a discrepancy between Samba Version 3.0.28a and Version 3.0.24 in relation to Winbind rid idmap and trusted domains behaviour. I have an environment with 2 domains linked via a trust, an Active Directory domain and an NT4 domain. On 3.0.24 the rid backend seems to work fine, but on 3.0.28a it shows OTHERDOMAIN\domain admins instead of the primary domain's domain

Dear all, We recently upgraded an old samba 3.0.10 to 3.4.6 due to broken quota when moving from Veritas to NFS mounts from a Cellera EMC. Anyway, Our samba passwd backend is a smbpasswd file. This file is generated from a database. Recently we see that some PC clients manage to change the LANMAN field in the smbpasswd file. e.g.

Thanks Rowland, I have removed from options, and amended the forwarders. [global] workgroup = <MYDOMAIN> realm = <MYDOMAIN>.CORP netbios name = <HOSTNAME> server role = active directory domain controller idmap_ldb:use rfc2307 = yes idmap config * : range = 3000-7999 ----------> If I remove the portion I get errors -> idmap

So if this is done, is edns configure also ? ? in resolv.conf add: options edns0 ? and, name.conf test these. ? ??????? //?The forwarded zone to the AD-DC DNS use these also. ????????//dnssec-must-be-secure?internal.domain.tld no; ????????//dnssec-must-be-secure 168.192.in-addr.arpa no; ????????// listen-on-v6 { ::1; };? // test what works best, if not all?ipv6 is disabled also?enable this

Hi, I recently upgraded my servers from 3.0.28 to 3.0.31 trying to solve the winbind issue previously reported (Bug# 5551) but the issue is still happening in my servers. I have an ftp server (vsftpd), configured to use pam_winbind with krb5_auth and I see some random disconnects and my users cant login. My samba servers are member of a Windows 2003 domain. The relevant lines on my

There is a samba compiled without winbind support, with the following options configured: workgroup = MYDOMAIN security = domain allow trusted domains = yes add user script = /usr/sbin/pw useradd %u -m -Y -M 755 When a Windows user MYDOMAIN\john connects to the samba server, he is mapped to the Unix user john. If there is no Unix user "john", it is created by the add user script. How

Hi *, besides my dovecot maildir structure, that has been migrated from an Exchange server, I have an even older mail structure in an ancient uucp style. The program named CrossPoint I used for this isn't wideley known, but it used so called mpuffer files in a plain text format. It is the program I still use to write for example this mail. I wonder if there already exists a program or script

samba version is 3.0.28a-1ubuntu4.7 -- I created users on both samba and the linux system, and created 3 groups on the system. Each of these groups own a specific directory, the directory on the filesystem belongs to root.groupfoo. On my smb.conf I gave each of these groups write access to its directory (@groupfoo to the share /groupfoo). So now every linux user belonging to groupfoo can write

I'm finding this a little strange. I'm putting together a mail server that will (someday, hopefully) serve a lot of email addresses for a lot of domains. To make life easy, each account name is the full mail name ... i.e "joe at domain.com" instead of just "joe" Mail is stored in Maildirs, and the user account information is all in MySQL. Delivery is handled by

Hi there We have a bunch of Samba 3.0.10+ CentOS4.4 servers that are working 100% fine when connected to from users who are members of the same ADS domain our Samba servers are members of. However, users from other ADS domains (we are all W2K3-based) on our network cannot connect - they get NT_STATUS_ACCESS_DENIED. The shares they are trying to connect to have no share-level permission checks -

Hi all!!! I am trying to stablish a interdomain relationship, but i am having serious problem making samba and nt seeing domains in another network segments. Which is the best and easier way to configure samba to stablish relashionships between domains in differents network segments? For example i have domain A in network 192.168.101.0 and domain B in network 192.168.120.0. They are both under

I need helping again implementing samba4 ad and dns: Actually we have a dnsmasq server with dhcp/dns services for users on the lan, if we start to using the internal samba4 dns server to resolv names on the zone of DC server example mydomain.test.com we can use the actual dnsmasq to server another domains that we need ?, for example otherdomain.testing.com.ar If that is correct we need to

I have spent a long time looking into this and can't find the answer I'm looking for, so I'm asking here. I'm cutting the example down to just the bare minimums. This is NOT my actual configuration, but is sufficient for asking this question: How can I use dovecot's deliver LDA to deliver to virtual users, but then have unknown virtual users fall back to catch-all

Hello, I use both ser/asterisk . In fact i wish asterisk to forward all the sip requests which are not handled by domain=domain.tld in sip.conf Here is a diagram: The sip agents use the Sip proxy as an outbound sip proxy and domain=domain.tld . When the sip agents dial sip:user@otherdomain.tld so the request is sent to sip proxy and so to Asterisk. I wish Asterisk to Look up the

I have a network where the domain controllers do not connect on port 139 Is there a way to have smbpasswd change the password without this? I am able to change the password using an ldap method in php ldap_connect ldap_bind ldap_modify_batch full source code here http://forums.fedoraforum.org/showthread.php?t=313554 however this does not allow the password to be set if it has expired.

Hello. I'm facing an seemingly unsolvable problem on the Samba servers I administer (on Debian stable). Those servers are registered on a AD domain. They only serve files and are not registered as domain controllers. For some idendified users (always the same), Winbind periodically (but unpredicably) becomes unable to resolve their names, making their shares unavailable. A "net cache

Hi, I have a Mandrake 8.2 server with samba 2.2.5 installed. My server has ftp and the files some users upload I move them to another structure, this structure is shared via Samba with other users. I am in a W2k Domain.(We are in the process to migrate to linux). So, I have some users that move the files uploaded to their servers. A few days ago, a user reported me he couldn?t see the files in

Ow and i forgot.. If the server is firewalled, make sure you allow udp AND tcp on port 53. > -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Rowland penny via samba > Verzonden: vrijdag 28 februari 2020 10:39 > Aan: sambalist > Onderwerp: Re: [Samba] Samba Bind DLZ Slow queries > > On 28/02/2020 09:21, Eben Victor

Hai Eben (victor), ? Great to hear that, you opened TCP 53 ? edns?tcp/53?packet size 4096. dns??? udp/53 packet size 512? ? having that right helps?a lot, but only that is often not enough.? This is why i add the options also to resolv.conf and?bind.? ? test a bit, and see what works best for you. ? Great weekend. ? Greetz, ? Louis Van: Eben Victor [mailto:eben.victor at gmail.com]

Dear list, I want to define two concurrent rules : 1. I want to flag an e-mail containing the word "cloud" in the body 2. I want to move mail sent explicitly to me (as opposed to mail sent to an alias I am part of) going to "INOBX.I must answere this" If I put rule (1) first, everything works as expected. If put rule (2) first, only that rule applies. Here's a small test