Displaying 20 results from an estimated 2000 matches similar to: "win2k domain-less client failing to authenticate when security=domain"
2001 Apr 23
1
win2k domain-less client failing to authenticate when securit y=domain
Hi Jonathan,
Yep, samba sends the domain name as well as the username to the domain
controller, and what I think happens is the NT controller sees that the
domainname passed is NOT his domain, checks his list of trusted domains,
doesn't find it, and says sayonara buddy... I am assuming that 'SATURN' is
the netbios name of the win2k client machine? I'm not real clear on how
this
2006 Feb 10
0
problem using 'winbind nss info =' statement
When winbind is configured without the 'winbind nss info =' statement
(i.e. such that winbind maintains its own local map of SIDs -> UID/GIDs),
the following works fine:
# cd ~detertj
# getent passwd detertj
detertj:x:10008:10000:detertj:/home/MSOE/detertj:/bin/bash
but when i try to make winbind use sfu for the mapping of SID ->
UID/GID, username lookups are
2006 Jan 20
0
can't map drive to WinXP client from v3.0.21 w. security=ads
new installation of samba v3.0.21 on debian. Joined the samba box to an
ActiveDirectory domain.
Can enumerate users/groups with wbinfo run locally on the samba box.
Can connect remotely to samba box via smbclient Version 3.0.10-Ubuntu linux.
Can create new files via 'put' cmd within smbclient.
Can login remotely to samba box with ssh client on linux box.
Can _NOT_ map a drive to samba
2006 Feb 08
1
winbind can see some groups but not others
Hello,
I followed the steps at
http://www.enterprisenetworkingplanet.com/netos/article.php/3487081
for adding a v3.0.21a samba and winbindd server to a MsAD domain and
configuring nsswitch.conf to find passwd and group info from winbind.
This seems to have worked out fine, except that I can't 'see' or
'recognize' certain groups via getent or via wbinfo -g.
E.g. I can see the
2006 Apr 27
2
winbind nss info = sfu is not so much working
with samba 3.0.22, I'm trying to integrate a linux box with Microsoft AD
by using winbind for authentication as well as for the source of nss info.
When winbind is configured to use its own local id maps, everything
works fine.
But when i configure winbind to use 'ad' as the source of nss info,
authentication fails, 'getent' commands return no results, and
'wbinfo -r
2006 Aug 10
1
winbind: group name doesn't map to a SID, but gid does
I'm using winbind v3.0.22 on Debian Linux as a source for nss info.
I have a group that was once known by winbind, but is no more:
------ beging shell except ------
# ls -ld ./
drwxrws--- 10 root $MND000-TT227MV5K24I 4096 2006-05-10 15:41 ./
#
------ end shell except ------
It must have been known, as I was the one who chgrp'ed the dir
originally.
I know what the group name is
2006 Nov 13
0
apache, apache's mod-auth-pam, and pam_winbind : no nested groups
this problem might be more to do with apache than winbind, but I'll
start here anyway...
Problem: can't get apache httpauth to work with nested groups, though
ssh auth (also using pam) to same box does
Config:
--------------------------------------------------------
software: apache 2.0.55, libapache2-mod-auth-pam 1.1.1, and winbind 3.0.22
pertinent apache config:
2008 Apr 17
0
winbind can get uid and gid from sfu, but not homedir or loginshell
I have winbind v3.0.26a running on ubuntu server v7.10 (gutsy).
I intend to get user & group info from MsActiveDirectory.
However, when I type:
getent passwd somerandomuser
I get the uid and gid for the user, as recorded in the msad schema by
virtue of sfu, but the homedir and loginshell that are returned are like
what "winbind nss info = template" would return by default:
2006 Jan 18
1
ADS valid users can't map a share to 3.0.21
I've got samba v3.0.21 on server 'RELIANT' with security=ADS
I want MsWin XP clients, that have logged into Microsoft AD domain
'MYDOMAIN' to be able to map a drive to 'RELIANT', and to do so without
having to authenticate again. I haven't been able to do so. Here's
what happens:
the XP client doesn't prompt for authentication (which is good,
2006 Jan 31
1
windbind, 'template homedir', and macros
I am currently using Mssfu, nss_ldap, and pam_ldap to enable my linux boxes
to auth against MsA.D. and get all their user info from MsA.D.
I recently discovered that winbind can accomplish the same without
Mssfu, as long as I'm content to be limitted by the winbind config
directives 'template shell' and 'template homedir'. I'd like to drop
sfu if I can.
The 'template
2008 Apr 15
1
how to make 'winbind nss info = sfu' work in v >= 3.0.26a
There is an instance of Ms.Active Directory that has had the 'Services
For Unix' applied.
I use winbind v3.0.24 to get user/group info from that Ms.Active directory
instance like so:
-------- begin smb.conf snippet: ------------
security = ADS
realm = mydomain.com
workgroup = MYDOMAIN
winbind enum groups = yes
winbind enum users = yes
winbind nested groups = yes
winbind nss info = sfu
2006 Apr 28
1
smb.conf(5) manpage suggestion re. idmap backend
suggestion for minor improvement of the smb.conf manpage in the context
of the 'idmap backend' parameter. At least as of v3.0.22 the manpage says:
Finally, using the idmap_ad module, the UID and GID can directly be
retrieved from an Active Directory LDAP Server that supports an
RFC2307 compliant LDAP schema. idmap_ad supports "Services for Unix"
2006 Jul 18
1
winbind periodically does 44 extraneous lookups, causing 10-15 second lag
The setting is Debian with winbind v3.0.22. The pertinent bit of
winbind configuration is as follows:
winbind nss info = sfu
idmap backend = ad
winbind enum groups = yes
winbind cache time = 1800
The problem is that once in a while, typically when either:
a) an ls command is given for the 1st time in a login shell
session
or
2020 Feb 10
0
New DNS-Records not aviable
Funny you should post this now. I was just cleaning up some DNS records
and the following happend.
I had to PTR records with an empty timestamp. I deleted them and wanted
to recreate them.
My reverse Zones are
0.168.192.in-addr.arpa
and
2.168.192.in-addr.arpa
both of the records I delted were in the "0" zone.
The first i recreated with:
samba-tool dns add dc1
2020 Feb 10
3
New DNS-Records not aviable
hi again.
after some tests, (on my operational domain and on a new testdomain) i
detected this behavior:
on samba 4.11.6 sometimes the new DNS-records finisches on a wrong dns
zone.
the problem occurs, if more then 5 records are created with the same
name in more then one domain zone
for example:
testa1.jupiter.mydom.org
testa2.jupiter.mydom.org
testa3.jupiter.mydom.org
2020 Feb 10
4
New DNS-Records not aviable
Hai Christian,
> Can someone reproduce this?
No, tried, but sorry, works fine for me on my 4.11.6 server.
And what is you try it like this.
samba-tool dns add dc1.zone1.domain.de 0.168.192.in-addr.arpa 157 PTR zone1.domain.de -U Administrator
samba-tool dns add dc1.zone1.domain.de 1.168.192.in-addr.arpa 157 PTR zone2.domain.de -U Administrator
I tested on my production where i have 6
2008 Apr 28
0
winbind v3.0.26a w. nss info = sfu; wbinfo fine, getent not
wbinfo can turn names into sids, sids into names, and sids into uids.
However, getent passwd only finds users in the local /etc/passwd file.
Same for getent group. /etc/nsswitch.conf says this:
passwd: files winbind
group: files winbind
shadow: compat
I strace'd the getent command. It said it couldn't find /lib/libnss_winbind.so.2,
so I made that a symlink to
2008 Apr 23
0
Re: winbind v3.0.26a w. nss info = sfu; wbinfo fine, getent not
wbinfo can turn names into sids, sids into names, and sids into uids.
However, getent passwd only finds users in the local /etc/passwd file.
Same for getent group. /etc/nsswitch.conf says this:
passwd: files winbind
group: files winbind
shadow: compat
I strace'd the getent command. It said it couldn't find /lib/libnss_winbind.so.2,
so I made that a symlink to
2005 Oct 07
3
Performance issues
List,
I apologize for the "newbie" nature of this post; I am sure there is
an easy answer somewhere, but I've tried all the search terms I can
think up and can't find it.
I have some video archived on a White Box 4 machine. I watch it on a
Windows XP box in the other room by mapping a drive to a Samba share.
Seemingly at random, my video stream will halt due to an inability to
2012 Aug 15
2
how best to rollback from a yum update?
Suppose I want to upgrade a bunch of packages on a system, but in case the upgrade produces unexpected, undesired results, I want to be able to rollback the system to its original state. What is the best way to do that?
Often, I won't have, or be able to find, packages for the current installed versions. I.e. If I haven't upgraded postgres for 2 years, it may be that I can no longer