similar to: posixGroup LDIF problem

OK, just went through the research on how to set up scalable LDAP backends. By scaleable I mean without having Samba use the root dn to access ldap. This way, if you are going through the logs, you will be able to tell which domain controller is doing what. As far as I know, it *HAS* to be done this way because the posixGroup schema is way out of date (it wont take a dn as a member). This

Hi, I'm using OpenLDAP in CentOS 4.4 I'm trying to create a grou of users: # Grupos do TIM dn: ou=futebol,ou=accounts,dc=telbit,dc=pt objectClass: organizationalUnit description: Grupo de Futebol ou: futebol # Grupo do futebol dn: uid=futeboladas,ou=futebol,ou=accounts,dc=telbit,dc=pt objectClass: top uid: futeboladas objectClass: groupOfNames cn: Futeboladas member:

As I enter this in the command line: ldapadd -x -h localhost -D "cn=manager,dc=EAGLES,dc=com" -f base.ldif -W I get the message: ldapadd: update failed: dc=EAGLES,dc=com ldap_add: Already exists (68) Is that a bad thing? Here is my whole "base.ldif" file under /root/LDIF/: dn: dc=EAGLES,dc=com objectClass: domain dc: EAGLES dn: ou=Groups,dc=EAGLES,dc=com

Thank you, those links were indeed helpful. It appears to me that while JumpCloud.com touts it's Samba compatibility (including "Samba Schema support"), their's is an imperfect implementation. Because they do not leverage the Samba group objectclass they are hampering Samba's ability. The method they've used to implement groups does not allow those groups to be used by

On 28/07/16 13:59, Jim Seymour wrote: > On Thu, 28 Jul 2016 13:15:43 +0100 > Rowland penny <rpenny at samba.org> wrote: > > [snip] >> Yes it does sound strange, but, on windows, groups can and do own >> directories & files. An xidNumber is just that, a number, it is the >> context in how that number is used that is important. If you give >> Domain

Hi, I have setup samba 3.0.7 with LDAP and NetApps Filers as our file store. We are going to lots of departmental shares, firstly we want only people from their own dept to have access to their department share, but users from other departments may need access to other dept shares, i would like to set up permissions on each dept share so a group is applied, then every user is added to the

On 28/07/16 11:53, mathias dufresne wrote: > > > 2016-07-28 12:27 GMT+02:00 Rowland penny <rpenny at samba.org > <mailto:rpenny at samba.org>>: > > On 28/07/16 10:32, mathias dufresne wrote: > > Can you explain why it would be an issue giving GID to "Domain > Admins" group? > > > This is because Domain Admins has to

Hi, I have samba 3.0.24 installed and running on my linux (debian alike) system as a (PDC) Standalone Server with an LDAP backend. The problem that I'm facing is that I want to have users belonging to multiple (LDAP) groups. My LDAP user ldif is like: # user1, People, local.loc dn: uid=user1,ou=xxxxx,dc=xxxxx objectClass: top objectClass: inetOrgPerson objectClass: posixAccount

dn: cn=Domain Admins,ou=groups,dc=mydomain objectClass: top objectClass: posixGroup objectClass: sambaGroupMapping gidNumber: 512 cn: Domain Admins description: Netbios Domain Administrators sambaSID: S-1-5-21-3936576374-1604348213-1812465911-512 sambaGroupType: 2 displayName: Domain Admins memberUid: root memberUid: sadmin dn: cn=Domain Users,ou=groups,dc=mydomain objectClass: top objectClass:

Hi Gruss, Had to ditch the VM and start again. Here is the info: tdbdump secrets.tdb |egrep -v '^data|^}|^{' key(21) = "SECRETS/SID/mydomain" key(18) = "SECRETS/SID/sam3dc" key(42) = "SECRETS/LDAP_BIND_PW/cn=admin,dc=mydomain" key(25) = "SECRETS/DOMGUID/mydomain" key(42) = "SECRETS/MACHINE_SEC_CHANNEL_TYPE/mydomain" key(42) =

Hi I've created a Samba 4 group called suseusers and mixed in posixGroup and gidNumber using samba-tool group add as a basis. It works, e.g. when I added an existing user to the group: getent group suseusers suseusers:*:2000: and getent passwd steve4 steve4:x:3000019:2000:steve4:/home/CACTUS/steve4:/bin/bash and id uid=3000019(steve4) gid=2000(suseusers) groups=2000(suseusers) but there

Stephanie, Thank you for your help. I tryed what you suggest but no luck.. I get this: root@lnxsrvr2:~# /usr/local/samba/bin/net groupmap add ntgroup="Domain Admins" unixgroup="Domain Admins" rid=512 Can't lookup UNIX group Domain Admins Is there something with initial compiling samba 3.0.0 that would disable this? All the documentation that I've seen makes it look so

Hello everyone. Well, I have been working very hard lately, trying to get a server up to act as our Samba PDC with LDAP. So far, everything seems to be working well. I've been able to get samba 2.2.8 and openldap 2.0.27 installed with no problems. I've setup my config files (ldap.conf, slapd.conf, smb.conf) as well as added some initial entries to the LDAP directory. I've been

Hello, I am doing a samba pdc with ldap. When I try to login to the domain, or access some shares I get this in my ldap logs: Mar 7 16:46:16 localhost slapd[3588]: conn=25 op=4 SRCH base="ou=People,dc=test,dc=org" scope=1 filter="(&(objectClass=posixAccount)(uid=DOMAIN\5CTD))" Mar 7 16:46:16 localhost slapd[3588]: conn=25 op=4 SEARCH RESULT tag=101 err=0 text= My

Hi list, After reading a lot in the mailing list and the official Samba 3 howto, i am still unable to give domain admin rights to a user, so that he gets admin rights on all workstations in the domain. Here is what i have: - Samba 3.08 PDC, config: [global] workgroup = ANT netbios name = ANTSRV netbios aliases = RUN KITS HOMES LIB PRINTERS server string = ANT Samba

I'm not seeing my LDAP groups listed when I use Windows file sharing tools to modify ACLs on a share. I see all of the LDAP users. Ubuntu 16.04, hosted LDAP ("in the cloud", although I hate that term, provided by JumpCloud.com), no AD. I'm able to assign LDAP users to ACLs. The groups are of objectClass 'groupsOfNames'. Is this expected behavior?

Hello All, I am trying to setup Samba PDC with LDAP. I installed samba-2.2.8a and openldap-2.1.19. I am using smbldap-tool that bundles with samba-2.2.8a source, for adding user, group and computer name. I was able to add username in ldap using smbldap-useradd.pl, but i find problem in adding machine name. When i try to add machine name i got following error ./smbldap-useradd.pl -w test$

Hello all, I could not find anything in the discussion groups or documentation about using LDAP and Unix group mappings. The documentation states that in order to map unix groups to samba groups, you need to use the net group add command. However, I have an ldap backend and all my groups, that I care about are in LDAP. So I have a group called mainwdev. dn:

OK, I had this working a few days ago, but have evidently changed something that I cannot locate. Someone hit me with their 2x4. Samba 3.0.22, Fedora Core 4, ldapsam (OpenLDAP 2.3.24). smbd will not start, with the "ERROR: failed to setup guest info" error (I have "guest account = guest", which is a valid user with correct info in LDAP): ldap_connect_system: Binding to ldap

Hi There seems to be a discrepancy in the s4 schema concerning security groups. Domain Users comes with gidNumber: 100. This is however contrary to what the schema allows. You can show this as follows: Create a new group. samba-tool group add mygroup. Use phpldapadmin to add the gidNumber attribute. There is an error because gidNumber is provided by the posixGroup class and that objectclass is