Displaying 20 results from an estimated 1000 matches similar to: "group mappings pitfalls in samba 3"
2003 Dec 12
1
adding machines to the domain with Samba 3.0.0
Is there something special I need to do to let root add computers to the domain in 3.0?
When I try to add the workstation I get an error about 'user not found' even though I can
logon to a workstation joined to the domain as 'root'. I was able to add computers to the
domain with 2.2.8 with an 'add user command' entry and 'domain admin group = root' in my
2003 Dec 09
2
adding printers from netlogon script
While this doesn't relate specifically to Samba, I need to do this in a netlogon .bat file
in a Samba domain. In my network, I have a printer hooked to a JetDirect so that it is a
TCP/IP printer. Is there a way I can automatically have this printer mapped/added when the
user is logged on?
--
Andrew Gaffney
2004 Jan 13
1
adding printers from netlogon script
I don't know the final answer BUT if you have something simmilar to a
cyber-cafe LAN (I mean, users use all the computers, and maybe some
users come back to login with the same name) then you have to install a
printer only once in a computer, loging as the administrator and
installing drivers. Then what users will have to do is JUST add the
printer without installing. I know that it's
2005 Nov 21
1
does a pdc need to be in the domain itself?
Hello List,
we have installed samba Version 3.0.20-0.1-SUSE.
when I'm entering
> net getlocalsid
I get
> SID for domain <netbios name> is:
S-1-5-21-4166838278-3756557259-2095403906
entering
> net getlocalsid <domain name>
returns
> SID for domain <domain name> is:
S-1-5-21-2018781741-1218799122-1862565094
Does this mean that the pdc itself is not in the domain
2004 Feb 09
0
Help with making samba-3.0.0 PDC and adding a XP/Pro client (and domain user accounts)
I would like to understand how to make my samba-3.0.0 (-15, from Fedora Core
1) a PDC and how to make a XP/Pro box member of that domain and to add a
domain user account, and eventually to ad a few more linux boxen as domain
members into that domain.
This is the output of the PDC box testparm (the PDC box has two eth
interfaces, only eth1 (192.168.1.* and 127.0.0.1 should access the PDC):
2003 Dec 09
2
netlogon script generation
Can anyone point me to a doc or a script that shows how to generate netlogon script on the
fly and supports users having multiple groups? I tried the Perl script referenced at
<http://us2.samba.org/samba/docs/man/AdvancedNetworkManagement.html> but I believe it only
supports the user being a member of one group.
--
Andrew Gaffney
2005 Apr 15
1
The conflicting domain portions are not supported
Hi, maybe I didn't explained myself well.
What i meant is that the user can't have the SID
S-1-5-21-528226156-890416033-2029241632 but MUST have a sid like
S-1-5-21-528226156-890416033-2029241632-xxxx ( where x is usually assigned
automatically by the add user's script)
Best Regards,
Bruno Guerreiro
-----Original Message-----
From: Jos? M. Fandi?o [mailto:samba@fadesa.es]
Sent:
2005 Apr 15
1
The conflicting domain portions are not supported for NETLOGON calls
Hello list,
When I try to log in a samba 3.0.13 server from a XP Pro
machine, I get this error:
[2005/04/15 10:57:00, 1] rpc_server/srv_netlog_nt.c:_net_sam_logon(766)
_net_sam_logon: user BETA\usuario1 has user sid S-1-5-21-528226156-890416033-2029241632
but group sid S-1-5-21-528226156-890416033-2029241632-513.
The conflicting domain portions are not supported for NETLOGON calls
What
2005 Mar 15
0
trouble with groupmap
Samba Version 3.0.9-1.3E.2 installed on Vanilla installation of CentOS
Users who log in are unable to install printers via a script like they
do in all of our other domains. The drivers have been installed properly
an rpcclient enumdrivers confirms this. When the user logs in, they are
assigned guest privileges, and I believe that this is what's preventing
the print install.
A quick tail
2011 Feb 03
1
POSIX ACLs vs. EA security.NTACLs
This might be more inclusive if I said, Linux Permissions vs POSIX ACLs
vs vfs_xattr.
I have recently begun to discover the power and flexibility of using
POSIX ACLs (by mounting my EXT3/4 filesystems with the acl option). This
solved alot of security permissions issues between Samba and Linux
groups of users. As I have delved into this deeper and begun using the
VFS object, vfs_xattr, things
2003 Dec 05
0
Samba 3.0.1pre3/ldap - Strange gid mappings server side
Good day,
I'm running some tests with Samba 3.0.1pre3 with an LDAP sam. LDAP has been,
to the best of my abilities, properly populated with the needed group
mappings. The "net groupmap list" command indeed shows the following:
[root@box bin]# ./net groupmap list
Domain Admins (S-1-5-21-2009448231-1530593524-1969381020-512) -> domadm
Domain Users
2012 Oct 10
2
samba4, classicupgrade: set_nt_acl_no_snum: fset_nt_acl returned NT_STATUS_INVALID_OWNER
Hello,
I'm testing samba4. I've setup a small samba3+ldap pdc, and then I
tried a classicupgrade, but I can't pass step 4 of the howto.
ubuntu at samba4:~/samba4$ /usr/local/samba/sbin/samba -V
Version 4.1.0pre1-GIT-899cdc4
ubuntu at samba4:~/samba4$ sudo /usr/local/samba/bin/samba-tool domain
classicupgrade --realm=example.com --dbdir=/root/samba
/root/samba/smb.conf
Reading
2003 Jan 22
0
Re: Can't add Machine account ( LDAP ) ... (solved)
> Message: 1
> Date: Tue, 21 Jan 2003 19:08:07 +0200
> From: "C.Lee Taylor" <leet@leenx.co.za>
> Organization: LeeNX
> To: samba@lists.samba.org
> Subject: [Samba] Re: Can't add Machine account ( LDAP ) ...
>
> Just got bitten in the ass by not been able to join the domain with
> 2.2.7a
>
> Correct me if I am wrong, Jerry did give
2004 Apr 14
1
samba-latest and tdbsam - unable to logon to domain?
Dear list members,
I am unable to logon to the domain.
I have created the tdbsam using the "smbpasswd -a root" command.
I also added User Administrator as unix and samba account.
I also mapped groups "Domain Admins", "Domain users" and "Domain Guests" to
unix groups domadmins, domusers and domguests using the "net groupmap
modify" command.
But is
2010 Oct 27
0
cannot set right file's group after group mapping?
Hi All,
when i did testing with group mapping, i mapped a Unix Group(domadm) with Windows Domain Group(domain users). then i access a samba share from Windows Domain User(administrator), and create a file. but the file's group is still Windows Domain Group(domain user), not Unix Group(domadm). is it right? if it is, how should i check if my group mapping is working well? thanks a lot in
2004 Mar 18
3
migration nt4 with ldap problem
hello
i try to migrate nt4 to samba. the passwd-backend is ldap.
the migration itself works fine but after that, i cannot logon from the
windows xp clients
to the domain. -> i have to rejoin the client to the domain then it works
is this a bug or feature?
the sambaNTPassword change then in ldap data base
here is part of my smb.conf
------------------- snip -----------------
workgroup
2003 Sep 27
1
After Upgrading to rc4 (and still with 3.0.0) having Groupmap problems.
Hi,
Before Samba 3.0.0 RC4 I was running Samba 3.0.0 beta3, and when I
upgraded to RC4, I began having problems with group mappings. I didn't
notice at first, because on my laptop I don't normally log on to the
domain. I just noticed when I tried to use my desktop and log on to the
domain... I don't have Domain Admin privileges.
So, I look at 'net groupmap list' ... and it
2004 Oct 09
2
Groupmapping doesn't work
Hi
I got a problem with groupmapping. It doesn't work correct:
Wilma2:/home/root # net groupmap list | grep 512
Domain Admins (S-1-5-21-3371203057-3264423045-2392767973-512) -> domadm
ldapsearch -x cn=domadm:
# domadm, groups, wms-hn.de
dn: cn=domadm,ou=groups,dc=my-domain
objectClass: posixGroup
objectClass: sambaGroupMapping
cn: domadm
gidNumber: 65669
memberUid: tilo
sambaSID:
2005 Sep 09
1
Samba 2.2.5 & Domain Administrator
Although I will be updating this server to Samba 3.x soon, I have to come
up with a quick solution as soon as possible for the following problem:
I have a WinXP user which currently is registered as a "User" of WinXP
but must be changed to "Domain Admin" in order for some new
software which he must use to be operable. Of course giving him the root
passwd is definately out of
2003 Oct 10
1
Permissions on Samba share for Windows users
I'm working with Samba 3 on my Gentoo box. So far setting up
andconfiguring Samba w/ldap and krb5 support is pretty straight
forwared. My Gentoo box is now a member server of the domain, shows up
in Active Directory.
I can get a kerbereos ticket from our W2K PDC and connect to windows
shares with as little effort as:
smbclient //server/share -k
Now I'm ready to start moving into