similar to: invalid credential using openldap

Hi, I have been trying to set up Apache2, Postfix, Dovecot, openLDAP and squirrelmail on my Ubuntu Server 10.04 machine. The idea is to make use of the LDAP to authenticate users to login to squirrelmail to send/receive emails. I have been using the link - https://help.ubuntu.com/community/Postfix/DovecotLDAP, as a guide to get it all set up. I have checked the status for postfix and dovecot,

Hello, I have a central repository of users/groups based on OpenLDAP which is working on a remote LAN (servers share users credentials and mount their home directories via NFS). They use non-encrypted ldap restricted to the local network. Now, I have a few servers in our local office and I would like them to authenticate from the remote LDAP server using encryption via ldaps://. (at this stage,

Hi experts I have a trouble in access rights I am running Samba 3.0.31 on Solaris 10 x86 64 bits as member server of an Active Directory 2003 R2 domain (MYDOMAIN) using Identity Management for Unix I set rights to access a sub folder of a Samba share. On Solaris the user "toto" jdoe can write a new file. From Windows, the same user can't. Itlooks like OK when the primary group

Hi All, I want to know thoughts on if I am being to paranoid/security conscious. CentOS 5.6, Apache, MySQL, running an Firewall in front of everything and obviously the built-in firewall on the box. I have ssh on a different port and starting to use Keys instead of password authentication. I host an intensive website and I am getting about 150 unique visitors per day. What I am seeing is

Hi, I'm resending this to the list since I cannot see it on the archive, for some reason... I recently upgraded two (running stable) systems from Debian Wheezy to Jessie. Samba version has not changed since on Wheezy I was using the one from wheezy-backports (v4.1.17), same as on jessie. These are 2 basic DCs without any additional config. Since the upgrade, every day at either at 10 PM or 8

Hi, I'm trying to set up NFSv4 on two boxes (centos 5.5) and have it authenticate against our Windows 2008R2 AD server acting as the KDC. (samba/winbind is running ok with "idmap config MYCOMPANY: backend = rid" so we have identical ids across the servers.) I can mount my test directory fine via NFSv4 *without* the sec=krb5 option. However, once I put the sec=krb5 option in,

You did change : the DLZ option from 9.8 to 9.9 ? check your bind options. this .. dlz "AD DNS Zone" { # For BIND 9.8.x # database "dlopen /usr/lib/x86_64-linux-gnu/samba/bind9/dlz_bind9.so"; # For BIND 9.9.x database "dlopen /usr/lib/x86_64-linux-gnu/samba/bind9/dlz_bind9_9.so"; # For BIND 9.10.x # database "dlopen

Thank you, Louis, for your reply. By simply asking me to provide outputs of the aforementioned files, I found the cause of my first problem (auth failing). It was my /etc/hosts file on dc1. All of them should look like this, and indeed DC2 and DC3's *did* look like this: # cat /etc/hosts > 127.0.0.1 ? ? ? localhost.samdom.mycompany.net ?localhost > 192.168.3.201

And, BTW, right now, I am able to see my problem via the following 3 ways... 1) Through Windows DNS Manager, I cannot add, change or delete any DNS records from: mycompany.loc samdom.mycompany.net mycompany.net I *can* add, change and delete DNS records from: _msdcs.samdom.mycompany.net mycompany.com 7.168.192.in-addr.arpa 5.168.192.in-addr.arpa 3.168.192.in-addr.arpa

No, this is not needed. Solution here in this is simple. search primary.domain.tld # optional extra search domains after the primary. nameserver IP_AD-DC_OF_THIS_SERVER_FIRST nameserver IP_AD-DC_others Run : samba_upgradedns --dns-backend=BIND9_DLZ And your done, all needed records are fixed/updated. This goes wrong if the IP of the running server isnt the first and/or if search is setup

Louis, I appreciate your efforts with my predicament. I'm very sorry to say that your advice hasn't gotten me to a solution. After updating my /etc/network/interfaces to put my localhost IP address first (192.168.3.201, for example), saving, restarting services, rebooting, running "samba_upgradedns --dns-backend=BIND9_DLZ", saving, rebooting, etc., I still cannot add, edit or

Hi everyone, I'm relatively new to Samba - at least for more in-depth installations. Big Thank-You from my company to the brilliant developers responsible for this software. We have our Samba server integrated with our Windows 2003 AD domain users via Winbind - a working installation with some issues described below. getent passwd works as the many docs show (one entry below):

Hi, I'm not a seasoned samba user but I do have a little experience with it (mostly small setups with plain smbpasswd file and a few workstations). I also have some experience with OpenLDAP and I've even written some objectclasses and attributes when the standard ones weren't enough However, I'm trying to set up a midsized network using LDAP for SSO and I can't make samba

Hi, We did a classicupgrade of our Ubuntu Server (4.3.11, TDB), the server DC5 also host shares. Post the migration we are seeing some permission issues. When trying to give permission to a domain group/user to folder/file we get the following chown "LIN\\myadmin:LIN\\adgroup" adtest/ chown: invalid user: 'LIN\\myadmin:LIN\\adgroup' wbinfo --ping-dc : checking the NETLOGON

Hello everybody, I am not sure which DNS setup will fit best for my suites. I can imagine, that there are a lot of users out there using also BIND9 servers in their environment and can share their experience. In my case I am running following setup: I have two existing hosts running with DNS and DHCP services. I have setup a DHCP-Cluster with isc-dhcp-server on both machines, that means I have a

Thank you, Louis, for your reply. By simply asking me to provide outputs of the aforementioned files, I found the cause of my first problem (auth failing). It was my /etc/hosts file on dc1. All of them should look like this, and indeed DC2 and DC3's *did* look like this: # cat /etc/hosts > 127.0.0.1 ? ? ? localhost.samdom.mycompany.net ?localhost > 192.168.3.201

> > Hello everyone. > > Well, I have been working very hard lately, trying to get a > server up to > act as our Samba PDC with LDAP. So far, everything seems to > be working > well. I've been able to get samba 2.2.8 and openldap 2.0.27 > installed with > no problems. I've setup my config files (ldap.conf, > slapd.conf, smb.conf) > as well as

We recently switched our win2k domain to a native mode. We upgraded our Solaris 9 samba server from 2.2.8 to version 3.0.2a and configured MIT Kerberos version 1.3.2 I was able to join to machine as a domain member without any problems: ./net ads join -U moshe moshe password: [2004/03/30 13:26:46, 0] libads/ldap.c:ads_add_machine_acct(1006) Host account for shark already exists - modifying old

I've been working on this problem for a few hours. Here are some updates: Many of the domains I listed are duplicates of domains managed by other DNS servers on my network. There was no point in having them in Samba AD, so I deleted the zones in Windows DNS Manager and created slaves in my named.conf.local folder, so that they'd pull the records from my authoritative BIND DNS server,

Hello, all. Alas, another convoluted question. All the simple things are, well, simple so I suppose we only need to trouble the list with squirrely problems! We've noticed a call history problem when using Asterisk where the call history on the Snom phones (with which we are very pleased) reflects the number of the PBX extension used by the B2BUA to dial the end point. I assume the same