Displaying 20 results from an estimated 1000 matches similar to: "Winbind + machine account + non-anonymous access (RestrictAnonymous)"
2002 Nov 05
0
Winbind + machine account
hi everybody
i am quite in the same situation as ingmar koecher
http://samba.cadcamlab.org/lists/samba/Jun2002/00117.html
Joined the NT domain with "smbpasswd -j OURDOMAIN -r thepdc" - OK.
Then I start "winbindd -d 10 -i" in a terminal window
Then I issue "wbinfo -u" and voila, all the users are being listed.
Then I issue "wbinfo -t" and it says: -- Secret
2002 Jul 11
0
Winbind: unknown request fn number
Hi List.
I've got two systems:
1) Suse Linux 8 with standard Samba 2.2.3a installed
2) Suse Linux 8 with acl+ea patched Kernel and Samba 2.2.5 with acl
and pam compiled
Everything works fine, joining Win2k domain, starting nmbd, smbd,
winbind... Logs and config-files are nearly equal on system 1 and 2.
Trying a wbinfo -t is ok on system 1. On system 2 it gives me a "Could
not
2005 Apr 15
3
Unable to join samba server to a NT4 style domain/Sam ba-Guide feedback
John,
The restrictanonymous setting was the primary culprit
in Ash's issue. I think he's using basically the same
setup as I am; no winbind/LDAP involved. I'm thinking
there's some initial handshaking that requires an
anonymous connection to PDC, and it's being blocked
if the restrictanonymous setting is too high.
I sent a note to Ash (& the list) asking for the
2006 Jul 14
0
Authenticate users through an AD trust
I've recently connected a Samba server to our domain
(ourdomain.dom) and configured it to send
authentication requests to AD. I can successfully
authenticate ourdomain.com users from the Samba
server.
ourdomain.com has a trust with a sister company
(theirdomain.com). With this trust we can assign NTFS
permissions to users within theirdomain.com to, for
example, file servers on ourdomain.com.
2005 Feb 16
0
Samba 3.0.11 as Domain member with ADS W2K
I've been following the forums on this subject. I am
still having problems implimenting this at my site. I
am trying to replace a Novell 5 file server doing
single server signon(workstation manager) with a
linux/samba server and a W2K ADS server.
I tried this with slackware 10.0, samba 3.0.10, MIT
krb5 v 3.1 5, openldap-2.1.22 and got it pretty close
(could login wihtout password) but had
2005 Feb 11
0
Can't map group domain share from ADS
I've set up the following and can open a home share
for me (sylveg). I've created a group on W2KADS and on
OURSAMBALINUX called oadmin and added me as a member
in both. I created a samba share called o_drive (see
smb.conf below) w/ the linux dir /home/o_drive and
valid users = %D+oadmnin. The /home dir is:
drwxr-xr-x 2 root root 4096 2004-09-03 15:16
ftp/
drwx------ 2 root root
2005 Jan 21
0
Cisco 7960 can't make/receive calls
I've got three 7960s running v6 SIP firmware. My Asterisk setup has
worked fine with grandstream devices, and basically, we're just
upgrading to use nicer phones.
Whilst I can make/receive calls from the 7960 to/from gossiptel).
When I try to place a call, I get the following
Jan 21 11:09:23 NOTICE[19688]: chan_sip.c:7271 handle_request: Failed to
authenticate user "30"
2019 Mar 28
0
configuring Dovecot with wforced and auth_policy_server_url with https results in assertion failed
>>>> Set
>>>>
>>>> ssl_client_ca_file=/path/to/cacert.pem to validate the certificate
>>>
>>> Can this be the Lets Encrypt cert that we already have? In other words we have:
>>> ssl_cert = </etc/pki/dovecot/certs/dovecot.pem
>>> ssl_key = </etc/pki/dovecot/private/dovecot.pem
>>>
>>> Can those be
2005 Feb 17
0
W2k ADS Samba 3.0.11 and krb5
Am still having problems getting Samba/W2K ADS to work
w/MIT-KRB5. Fresh install of following:
Slackware 10.1
Openldap 2.2.23
MIT krb5 1.4
Samba 3.0.11 (with clitar patch)
Following
"http://us1.samba.org/samba/docs/man/Samba-HOWTO-Collection/domain-member.html#ads-member"
I get to:
kinit administrator@OURORG.OURDOMAIN.ORG
(comes back to prompt after password, no error.
klist -e gives:
2016 Aug 23
7
virtual users, mailer daemon send mails to non existant recipient and dovecot store it
Hello,
Sometime when we receive a spam or virus that is detected as it, mailer
daemon send a reply to the sender to inform that the message is a spam
or content viruses.
The problem is that the sender of the spam as something like
voicemail at ourdomain.fr ( the user voicemail doesn't exist in our database )
And sometimes dovecot create the directory and store the reply 's mail...
2011 Mar 24
0
Need urgent help. trust relationship problem during authentication
We have an urgent problem that we've been spending hours on to no avail.
We have a RHEL 5.2 server that is running Samba 3.2.8 and was set up
for domain authentication against our PDC. It was running fine until
I decided to try and change it to "ads" authentication. I then
realized that we needed to keep it on "domain" because of the version
of Clearcase we have on the
2011 Mar 24
0
RESOLVED: Need urgent help. trust relationship problem during authentication
I am not sure if this first post made it to the list, but I wanted to
post the resolution, which was very simple and something I had
documented but buried and I had forgotten about it.
All these problems went away when I joined the domain using Samba's
version of "net", not Redhat's. If you use Redhat's version, it looks
like it joins the domain but it really doesn't
2015 Mar 24
1
Debugging Samba 4 AD Setup
Hi Louis,
answers are inline ...
On 03/24/2015 03:48 PM, L.P.H. van Belle wrote:
> Realm is advices to use UPPERCASE.. not obligated. ( but very advices yes )
I changed the config to uppercase and rebooted, no change in the logfiles.
>
> check the following outputs and post them back in the list ( if needed anonymized )
>
> hostname -i
192.168.1.235
> hostname -s
the-ad-hostname
2024 Apr 15
1
Status of LDAPS port 636 with Winbind idmap backend ad in 2024?
Dear Samba community,
We run two Samba server in a CTDB cluster in a small group withing a bigger company.
We use Winbind to authenicate and authorize against a company-wide active directory
(using `security = ads` and `idmap config OURDOMAIN : backend = ad`, resp., among others).
So, if I understand this correctly authentication is done via Kerberos and authorization via LDAP.
Unfortunately (but
2010 Jun 10
2
Peculiar Samba permission denied error
Hello,
I've been trying to figure this out for some time and can't quite nail it
down, despite searching the internet, and a couple of samba books. Here
goes:
I'm running "Version 3.4.3-3.3.1-2341-SUSE-SL11.2" of Samba on OpenSUSE
11.2.
Here are some relevant excerpts from my smb.conf file:
[global]
...
security = ADS
...
winbind separator = +
...
log level = 2
...
2010 Jun 07
0
Peculiar permission denied error.
Hello,
I've been trying to figure this out for some time and can't quite nail it
down, despite searching the internet, and a couple of samba books. Here
goes:
I'm running "Version 3.4.3-3.3.1-2341-SUSE-SL11.2" of Samba on OpenSUSE
11.2.
Here are some relevant excerpts from my smb.conf file:
[global]
...
security = ADS
...
winbind separator = +
...
log level = 2
...
2019 Jan 15
0
AIX issue
On Tue, 15 Jan 2019 17:09:00 +0000
Howard Coles <hcoles at dollargeneral.com> wrote:
> Here is the smb.conf made generic to pass on. The share I’m
> concerned with at the moment is the "appprt" share, it's simple
> enough but it's not recognizing that primary local group.:
>
> # Samba config file created using SWAT
> # Date: 2007/09/26 11:03:44
>
2017 Jan 25
2
Windind (Samba 4.2.*, 4.5.2) recurring resolving failure for some specific users
Hello.
I'm facing an seemingly unsolvable problem on the Samba servers I
administer (on Debian stable). Those servers are registered on a
AD domain. They only serve files and are not registered as domain
controllers. For some idendified users (always the same), Winbind
periodically (but unpredicably) becomes unable to resolve their names,
making their shares unavailable. A "net cache
2015 Mar 27
0
Replication error after trying to sync sysvol
Found the problem. There is a DNS Problem on one machine. This happend
because I was testing some samba AD settings in a virtual machine,
without knowing that NAT isn't shielding this properly - this vm
propagated the "new" IP to one of the dcs.
DC04> ping DC03
gives wrong IP!
This should be fixable with the samba-tool dns update?
On 03/27/2015 01:14 PM, Johannes Amorosa |
2006 Feb 10
0
Help w/ winbind & re-bind after error Referral
Hi, we've got a samba-3.0.21a-1 systems that's set up w/ winbind to
query AD to authenticate users w/out Unix accts. The system is also set
up to support our LDAP'd UNIX accts.
After setting the [global] section like this:
[global]
realm = WIN.OURDOMAIN.COM
security = ads
password server = thebes balsam
encrypt passwords = yes
log file = /var/log/samba/log.%m