similar to: group mappings pitfalls in samba 3

Displaying 20 results from an estimated 1000 matches similar to: "group mappings pitfalls in samba 3"

2003 Dec 12
1
adding machines to the domain with Samba 3.0.0
Is there something special I need to do to let root add computers to the domain in 3.0? When I try to add the workstation I get an error about 'user not found' even though I can logon to a workstation joined to the domain as 'root'. I was able to add computers to the domain with 2.2.8 with an 'add user command' entry and 'domain admin group = root' in my
2003 Dec 09
2
adding printers from netlogon script
While this doesn't relate specifically to Samba, I need to do this in a netlogon .bat file in a Samba domain. In my network, I have a printer hooked to a JetDirect so that it is a TCP/IP printer. Is there a way I can automatically have this printer mapped/added when the user is logged on? -- Andrew Gaffney
2004 Jan 13
1
adding printers from netlogon script
I don't know the final answer BUT if you have something simmilar to a cyber-cafe LAN (I mean, users use all the computers, and maybe some users come back to login with the same name) then you have to install a printer only once in a computer, loging as the administrator and installing drivers. Then what users will have to do is JUST add the printer without installing. I know that it's
2005 Nov 21
1
does a pdc need to be in the domain itself?
Hello List, we have installed samba Version 3.0.20-0.1-SUSE. when I'm entering > net getlocalsid I get > SID for domain <netbios name> is: S-1-5-21-4166838278-3756557259-2095403906 entering > net getlocalsid <domain name> returns > SID for domain <domain name> is: S-1-5-21-2018781741-1218799122-1862565094 Does this mean that the pdc itself is not in the domain
2004 Feb 09
0
Help with making samba-3.0.0 PDC and adding a XP/Pro client (and domain user accounts)
I would like to understand how to make my samba-3.0.0 (-15, from Fedora Core 1) a PDC and how to make a XP/Pro box member of that domain and to add a domain user account, and eventually to ad a few more linux boxen as domain members into that domain. This is the output of the PDC box testparm (the PDC box has two eth interfaces, only eth1 (192.168.1.* and 127.0.0.1 should access the PDC):
2003 Dec 09
2
netlogon script generation
Can anyone point me to a doc or a script that shows how to generate netlogon script on the fly and supports users having multiple groups? I tried the Perl script referenced at <http://us2.samba.org/samba/docs/man/AdvancedNetworkManagement.html> but I believe it only supports the user being a member of one group. -- Andrew Gaffney
2005 Apr 15
1
The conflicting domain portions are not supported
Hi, maybe I didn't explained myself well. What i meant is that the user can't have the SID S-1-5-21-528226156-890416033-2029241632 but MUST have a sid like S-1-5-21-528226156-890416033-2029241632-xxxx ( where x is usually assigned automatically by the add user's script) Best Regards, Bruno Guerreiro -----Original Message----- From: Jos? M. Fandi?o [mailto:samba@fadesa.es] Sent:
2005 Apr 15
1
The conflicting domain portions are not supported for NETLOGON calls
Hello list, When I try to log in a samba 3.0.13 server from a XP Pro machine, I get this error: [2005/04/15 10:57:00, 1] rpc_server/srv_netlog_nt.c:_net_sam_logon(766) _net_sam_logon: user BETA\usuario1 has user sid S-1-5-21-528226156-890416033-2029241632 but group sid S-1-5-21-528226156-890416033-2029241632-513. The conflicting domain portions are not supported for NETLOGON calls What
2005 Mar 15
0
trouble with groupmap
Samba Version 3.0.9-1.3E.2 installed on Vanilla installation of CentOS Users who log in are unable to install printers via a script like they do in all of our other domains. The drivers have been installed properly an rpcclient enumdrivers confirms this. When the user logs in, they are assigned guest privileges, and I believe that this is what's preventing the print install. A quick tail
2011 Feb 03
1
POSIX ACLs vs. EA security.NTACLs
This might be more inclusive if I said, Linux Permissions vs POSIX ACLs vs vfs_xattr. I have recently begun to discover the power and flexibility of using POSIX ACLs (by mounting my EXT3/4 filesystems with the acl option). This solved alot of security permissions issues between Samba and Linux groups of users. As I have delved into this deeper and begun using the VFS object, vfs_xattr, things
2003 Dec 05
0
Samba 3.0.1pre3/ldap - Strange gid mappings server side
Good day, I'm running some tests with Samba 3.0.1pre3 with an LDAP sam. LDAP has been, to the best of my abilities, properly populated with the needed group mappings. The "net groupmap list" command indeed shows the following: [root@box bin]# ./net groupmap list Domain Admins (S-1-5-21-2009448231-1530593524-1969381020-512) -> domadm Domain Users
2012 Oct 10
2
samba4, classicupgrade: set_nt_acl_no_snum: fset_nt_acl returned NT_STATUS_INVALID_OWNER
Hello, I'm testing samba4. I've setup a small samba3+ldap pdc, and then I tried a classicupgrade, but I can't pass step 4 of the howto. ubuntu at samba4:~/samba4$ /usr/local/samba/sbin/samba -V Version 4.1.0pre1-GIT-899cdc4 ubuntu at samba4:~/samba4$ sudo /usr/local/samba/bin/samba-tool domain classicupgrade --realm=example.com --dbdir=/root/samba /root/samba/smb.conf Reading
2003 Jan 22
0
Re: Can't add Machine account ( LDAP ) ... (solved)
> Message: 1 > Date: Tue, 21 Jan 2003 19:08:07 +0200 > From: "C.Lee Taylor" <leet@leenx.co.za> > Organization: LeeNX > To: samba@lists.samba.org > Subject: [Samba] Re: Can't add Machine account ( LDAP ) ... > > Just got bitten in the ass by not been able to join the domain with > 2.2.7a > > Correct me if I am wrong, Jerry did give
2004 Apr 14
1
samba-latest and tdbsam - unable to logon to domain?
Dear list members, I am unable to logon to the domain. I have created the tdbsam using the "smbpasswd -a root" command. I also added User Administrator as unix and samba account. I also mapped groups "Domain Admins", "Domain users" and "Domain Guests" to unix groups domadmins, domusers and domguests using the "net groupmap modify" command. But is
2010 Oct 27
0
cannot set right file's group after group mapping?
Hi All, when i did testing with group mapping, i mapped a Unix Group(domadm) with Windows Domain Group(domain users). then i access a samba share from Windows Domain User(administrator), and create a file. but the file's group is still Windows Domain Group(domain user), not Unix Group(domadm). is it right? if it is, how should i check if my group mapping is working well? thanks a lot in
2004 Mar 18
3
migration nt4 with ldap problem
hello i try to migrate nt4 to samba. the passwd-backend is ldap. the migration itself works fine but after that, i cannot logon from the windows xp clients to the domain. -> i have to rejoin the client to the domain then it works is this a bug or feature? the sambaNTPassword change then in ldap data base here is part of my smb.conf ------------------- snip ----------------- workgroup
2003 Sep 27
1
After Upgrading to rc4 (and still with 3.0.0) having Groupmap problems.
Hi, Before Samba 3.0.0 RC4 I was running Samba 3.0.0 beta3, and when I upgraded to RC4, I began having problems with group mappings. I didn't notice at first, because on my laptop I don't normally log on to the domain. I just noticed when I tried to use my desktop and log on to the domain... I don't have Domain Admin privileges. So, I look at 'net groupmap list' ... and it
2004 Oct 09
2
Groupmapping doesn't work
Hi I got a problem with groupmapping. It doesn't work correct: Wilma2:/home/root # net groupmap list | grep 512 Domain Admins (S-1-5-21-3371203057-3264423045-2392767973-512) -> domadm ldapsearch -x cn=domadm: # domadm, groups, wms-hn.de dn: cn=domadm,ou=groups,dc=my-domain objectClass: posixGroup objectClass: sambaGroupMapping cn: domadm gidNumber: 65669 memberUid: tilo sambaSID:
2005 Sep 09
1
Samba 2.2.5 & Domain Administrator
Although I will be updating this server to Samba 3.x soon, I have to come up with a quick solution as soon as possible for the following problem: I have a WinXP user which currently is registered as a "User" of WinXP but must be changed to "Domain Admin" in order for some new software which he must use to be operable. Of course giving him the root passwd is definately out of
2003 Oct 10
1
Permissions on Samba share for Windows users
I'm working with Samba 3 on my Gentoo box. So far setting up andconfiguring Samba w/ldap and krb5 support is pretty straight forwared. My Gentoo box is now a member server of the domain, shows up in Active Directory. I can get a kerbereos ticket from our W2K PDC and connect to windows shares with as little effort as: smbclient //server/share -k Now I'm ready to start moving into