similar to: Question on LDAP+Samba+PDC

Hy, I just install OpenLDAP 2.0 and Samba 3.0. (both from RPM). I used tools from idealx (found in src from Samba 3.0) to populate the ldap tree. My ldap is empty when i start, i just added index and samba.schema in slapd.conf. I used net rpc getsid to generate my domain SID and put in the smbldap_conf.pm with others options (dc, ou, dn etc.) I didn't get any error with this tool, it create

Hi, The Problem: I have a samba domain using LDAP as the backend, complete with the IdealX LDAP scripts. Most of my Unix boxes (certainly anything which does any Samba stuff) authenticates against the same LDAP backend, using it for groups and users. I need to grant some people sufficient priviliges to add workstations to the domain, but I don't want to give them the root password in

dn: cn=Domain Admins,ou=groups,dc=mydomain objectClass: top objectClass: posixGroup objectClass: sambaGroupMapping gidNumber: 512 cn: Domain Admins description: Netbios Domain Administrators sambaSID: S-1-5-21-3936576374-1604348213-1812465911-512 sambaGroupType: 2 displayName: Domain Admins memberUid: root memberUid: sadmin dn: cn=Domain Users,ou=groups,dc=mydomain objectClass: top objectClass:

I can NOT find any information on how to get the following into the LDAP tr= ee (and where they should be located) from the documentation. I am definite= ly an LDAP beginner and assembling the tree from reading schema's is still = over my head. I am able to connect to samba using only LDAP authentication = and can add users, but that is all I can successfully do, "net groupmap add=

Hello all, I could not find anything in the discussion groups or documentation about using LDAP and Unix group mappings. The documentation states that in order to map unix groups to samba groups, you need to use the net group add command. However, I have an ldap backend and all my groups, that I care about are in LDAP. So I have a group called mainwdev. dn:

-- John H Terpstra Email: jht@samba.org ---------- Forwarded message ---------- Date: Tue, 30 Dec 2003 04:33:24 +0000 (GMT) From: John H Terpstra <jht@samba.org> To: Sundaram Ramasamy <sun@percipia.com> Cc: samba@lists.samba.org Subject: Re: [Samba] suse 8.2 Samba 3 LDAP Domain Join Error : Logon failure: unknown user name or bad password On Mon, 29 Dec 2003, Sundaram Ramasamy

This is probably pretty simple. The following error appears in my logs since upgrading from version 2.2.8 to 3.0.1: [2003/12/25 14:44:09, 0] rpc_server/srv_util.c:get_domain_user_groups(372) get_domain_user_groups: primary gid of user [testuser] is not a Domain group! get_domain_user_groups: You should fix it, NT doesn't like that I'm guessing that my user's primary group

Hi,all: I'm working on populating an OpenLDAP server (Dapper) for pam authentication. I'm having trouble import LDIFs for my groups. The following is and example: (this imports on CentOS 5.3 i386, openldap version is 2.3.43-3.el5 ) # org.X.admins dn: cn=admins,dc=X,dc=org changetype: add objectClass: groupOfNames objectClass: top objectClass: posixGroup cn: admins gidNumber: 1001

Hi Gruss, Had to ditch the VM and start again. Here is the info: tdbdump secrets.tdb |egrep -v '^data|^}|^{' key(21) = "SECRETS/SID/mydomain" key(18) = "SECRETS/SID/sam3dc" key(42) = "SECRETS/LDAP_BIND_PW/cn=admin,dc=mydomain" key(25) = "SECRETS/DOMGUID/mydomain" key(42) = "SECRETS/MACHINE_SEC_CHANNEL_TYPE/mydomain" key(42) =

Stephanie, Thank you for your help. I tryed what you suggest but no luck.. I get this: root@lnxsrvr2:~# /usr/local/samba/bin/net groupmap add ntgroup="Domain Admins" unixgroup="Domain Admins" rid=512 Can't lookup UNIX group Domain Admins Is there something with initial compiling samba 3.0.0 that would disable this? All the documentation that I've seen makes it look so

On 28/07/16 11:53, mathias dufresne wrote: > > > 2016-07-28 12:27 GMT+02:00 Rowland penny <rpenny at samba.org > <mailto:rpenny at samba.org>>: > > On 28/07/16 10:32, mathias dufresne wrote: > > Can you explain why it would be an issue giving GID to "Domain > Admins" group? > > > This is because Domain Admins has to

samba 3.0.2 smbldap-tools 0.8.4 RH 9 nss_ldap configured pam_ldap NOT configured LDAP passwd backend winxp pro domain member Hello, i've configured smbldap-tools in smb.conf to manage users from usrmgr.exe. It works at group creation but have a strange behavior in user creation. In the LDAP there are two manually created accounts; Administrador & invitado, both posixAccount and

Hopefully I can write this out so someone understands it. We are currently running a number of Solaris servers, to which windows computers need to connect. Currently they connect via NFS using hummingbird's NFS client. This requires them to have a separate unix account along with their windows account. Our idea is to implement samba 3.0.0 to eliminate that NFS client. My current

Hello, I am doing a samba pdc with ldap. When I try to login to the domain, or access some shares I get this in my ldap logs: Mar 7 16:46:16 localhost slapd[3588]: conn=25 op=4 SRCH base="ou=People,dc=test,dc=org" scope=1 filter="(&(objectClass=posixAccount)(uid=DOMAIN\5CTD))" Mar 7 16:46:16 localhost slapd[3588]: conn=25 op=4 SEARCH RESULT tag=101 err=0 text= My

OK, I had this working a few days ago, but have evidently changed something that I cannot locate. Someone hit me with their 2x4. Samba 3.0.22, Fedora Core 4, ldapsam (OpenLDAP 2.3.24). smbd will not start, with the "ERROR: failed to setup guest info" error (I have "guest account = guest", which is a valid user with correct info in LDAP): ldap_connect_system: Binding to ldap

Hi, Thanks for your information. Now I was not able to login as domain user. I am getting following error message. The system cannot log you on now because domain TECHGROUP is not available. Here is my ldap log message:- Dec 28 00:31:08 rishi slapd[1753]: conn=93 fd=17 ACCEPT from IP=::1 1230 (IP=:: 389) Dec 28 00:31:08 rishi slapd[2166]: conn=93 op=0 BIND

I have tried to create a samba domain with a ldap backend. This is how my ldap structure looks like. # example.com dn: dc=example,dc=com objectClass: dcObject objectClass: organization o: example dc: example # groups, example.com dn: ou=groups,dc=example,dc=com objectClass: organizationalUnit ou: groups # Domain Admins, groups, example.com dn: cn=Domain Admins,ou=groups,dc=example,dc=com

Hi I got a problem with groupmapping. It doesn't work correct: Wilma2:/home/root # net groupmap list | grep 512 Domain Admins (S-1-5-21-3371203057-3264423045-2392767973-512) -> domadm ldapsearch -x cn=domadm: # domadm, groups, wms-hn.de dn: cn=domadm,ou=groups,dc=my-domain objectClass: posixGroup objectClass: sambaGroupMapping cn: domadm gidNumber: 65669 memberUid: tilo sambaSID:

List, documenters; I'd like to exchange notes about the official Samba 3 LDAP doco. I'd like to do this off list, since doing it on list would simply confuse and confound users wit perfectly working systems. Background: Me, Samba relative newbie, though I can get *everything* Samba-orientated to work simply by using umpteen years Unix experience. Many years as Openldap admin. With

I am having the same problem as well. This is just an educated guess, but I think the problem has to do with the "in-memory krb5 keytab support" Anyone have any workarounds? -Jim