similar to: samba3 - On-the-Fly Machine Accounts - domain admin group?

> -----Original Message----- > From: G?mes G?za [mailto:geza@kzsdabas.sulinet.hu] > > I've configured for testing pruposes an other PDC with tdbsam backend, > and found, that with this backend win9x clients could get > user and group > list, while with ldapsam I had no success in it. Quite strange in my > opinion:-( Same problem here too. In 9x the userlist is

Hi, -----Original Message----- From: John H Terpstra [mailto:jht@samba.org] > "domain admin group" removed > > Because you now have something much more powerful that provides real NT > Groups to your NT/200x/XP clients. But if I use LDAP for both Samba and system auth. The groups, what I added with base.ldif (idealx) exist in samba and system. for example "getent

hi all, Here is the situation. We are currently upgrading our infrastructure to use LDAP as our authentication mechanism and I intend to also have Samba look at LDAP. I had this working in a test case using 2.2 as a PDC awhile ago. Should I be using 3.0 or 2.2 for this implementation? I realize that 3.0 is still quite alpha-quailty, but I've also read one or two interview with the

Hi, I want to achieve, that the IT staff could add machines (2000/XP) to samba-3 (LDAP backend) on the fly. Creating a new machine account to LDAP requires special access to samba (uid=0). In samba-2.2.x was a great parameter called "domain admin group". So everyone, who belonged to the specified group and root (uid=0) could modify LDAP. Others got message - "cannot access LDAP

I keep getting errors in my logs about can not bind to address *.*.*.*:53 address in use.. what did i do wrong in the setup of my server or domain? attached logs and smb.conf along with the output from my provision command. Jeffrey D. Means meaje at meanspc.com Owner / CIO for MeansPC http://www.meanspc.com/ Custom Web Development For Your Needs. (970)308-1298 - The

Hi ! I was just wondering if that piece of code was important (for security and such), because I had to comment it in smbldap.c before compiling samba-3.0; otherwise, I would have errors like: "(Insufficient access)smbldap_open: cannot access LDAP when not root" #ifndef NO_LDAP_SECURITY if (geteuid() != 0) { DEBUG(0, ("smbldap_open: cannot access LDAP

I have quite a few entries in /var/log/messages for connection attempts. Is there anything other than ignoring them I can do? Example is below. Aug 21 15:48:19 machine sshd(pam_unix)[17903]: check pass; user unknown Aug 21 15:48:19 machine sshd(pam_unix)[17903]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=wsip-24-234-149-156.lv.lv.cox.net THanks, Jerry

Hi, I've a samba-3.0.2a running perfectly on redhat-8. Filesystem is EXT3 with ACL support. I can't upgrade the PDC to 3.0.3 or 3.0.4, because shares are only read-only. In 3.0.3 only home share and temp share are writable. All other shares are in read-only mode. Users can see the files/directories, but can't save anything or create new items. When trying to create a new item -

add to each share writeable = yes or read-only = no This Helps! Rauno -----Original Message----- From: werner maes [mailto:werner.maes@cc.kuleuven.ac.be] Sent: 11. mai 2004. a. 16:19 To: samba@samba.org Subject: [Samba] BUG: Vfs audit module & samba 3.0.4 ==> share unaccessible Hello Maybe there's a bug in samba-3.0.4. The following configuration does NO longer work. It did

Hi, In smbldap-useradd.pl is a pice of code, which find the first unused uid starting from $UID_START (for example 1000). if (!defined($userUidNumber)) { # find first unused uid starting from $UID_START while (defined(getpwuid($UID_START))) { $UID_START++; } I've over 500 UID's in use (maximum UID is 1547). It works well, until you delete an user. After deleting an user,

> -----Original Message----- > From: Andrew Bartlett [mailto:abartlet@samba.org] > > passdb backend = ldapsam:"ldaps://ldap1 ldaps://ldap2" > is what you want. This helped me a little bit forward. I suggest to add this line also to samba-pdc help. But still I ran into problems. I fixed the passdb lines on PDC and BDC. If the second server (on PDC slave-ldap and on BDC

Hi, Samba-3 with LDAP backend is capable in this. I'm using it and it works. All you have to do, is to use LDAP and set proper account policies: $ pdbedit -P "bad lockout attempt" -C 5 (after 5 wrong password, user account will be locked out - samba sets password hashes to ***NOPASSWORD*** and user is unable to logon). $ pdbedit -P "min password length" -C 9 # password

Well... It worked for me. Only thing I had to do was to add writeable = yes for each share. IMHO there is a slight difference since 3.0.3, not 1.9 ;) It would be nice to mention it in changelog too. Rauno -----Original Message----- From: Gerald (Jerry) Carter [mailto:jerry@samba.org] Jeff Umbach wrote: | They changed the read only default to "yes" in | versions 3.0.3 and 3.0.4.

hi, I ran also into the home share problem, as discussed earlier in this list (http://lists.samba.org/archive/samba/2004-February/080593.html). But so far I haven't seen any solution. In samba 3.0.2 changelog is a line: "BUG 977: Don't create a homes share for a user if a static share already exists by the same name." I don't know what was changed, but it affected the

I am having problems with putting users into LDAP I am getting a message about 'parent does not exist'. Does anyone know what this means?? --- Debug Level 10 output of 'smbpasswd -a -m jeff-w$' --- [root@bast samba]# bin/smbpasswd -a -m jeff-w$ -D 10 Netbios name list:- my_netbios_names[0]="BAST" Trying to load: ldapsam:ldap://bast.picotech.net/ Attempting to register

Hello, Ever since adding Internet access to my cable account, I can no longer access several Samba servers on the Internet that I routinely accessed using my dialup account. I've tried using both the inetd server (with my cable IP address in the hosts.allow file. I can telnet, etc no problem, so I know it's working) and running smbd and smbd as daemons. When I try to access the Samba

Hello, I am also triing to set up a interdomain relationship with a NT domain and I can't create the user, I execute the following command and I get this. smbpasswd -a -i xxx New SMB password: Retype new SMB password: Failed initialise SAM_ACCOUNT for user xxx$. Failed to modify password entry for user xxx$ I have samba set up so that I can set up users and machine automatically, so I am

I just installed Red Hat v. 6.2 and would like to configure SAMBA. I was wondering if you could point me to some good documentation sites that can lead me step by step through setup and configuration of SAMBA. I'll be experimenting with it in the meantime but your help will be extremely helpfull. Thank you, Jerry Lawson MCSE, MCP +Internet

I've got a Samba 2.2.7a domain with an LDAP backend. It's been working for nearly 3 months now without much bother. By the way: Great work and thanks for all of the effort! I have been missing one minor thing from the setup since I moved away from NT 4: Password Expiration. In the past I have posted questions about this on the list and I've gotten two answers: "Wait for

I have been trying for 2 months to get my samba server to add machine accounts 'on the fly" I have added both of these to my smb.conf add user script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M %u add machine script = /usr/sbin/useradd -d /dev/null -g 102 -s /bin/false Neither of these seems to do anything. I have around 250 computers to add, so adding the machine