Displaying 20 results from an estimated 30000 matches similar to: "local or LDAP passdb for AD member servers?"
2004 Apr 02
2
GROUPMAP data in LDAP?
Hi list,
If I have multiple Samba member servers in a domain can I store the groupmap data in LDAP? When I try this I get this error
# net groupmap add ntgroup=Everyone unixgroup=nobody
No rid or sid specified, choosing algorithmic mapping
adding entry for group nobody failed!
But this works correctly (creates account in LDAP server)
smbpasswd -a username password
the LDAP config in my
2007 Apr 29
0
Samba/LDAP PDC and member servers
Hi All,
I have a problem with permissions following a migration from tdbsam to LDAP.
As I understand it from the documentation, each member server on the
domain needs to have 2 SIDs, a domain SID and a local machine SID. After
migrating the server to ldap, users can still login and desktops and
servers can still connect so the machine accounts are fine but I've lost
access to shares on
2004 Jan 23
3
Samba Winbind and LDAP backend
Just a quick question, it may sound a bit stupid but I just want to make
sure.
I have a Solaris 9 machine running winbind, the backend is an OpenLDAP
database running on a RedHat 9 machine.
My question is, apart from the 'smbpasswd -w' command and the obvious stuff
in smb.conf, do I have to set up the LDAP client on Solaris for Samba to be
able to put new mappings into the LDAP database?
2004 Jan 03
11
How do I get Winbind accounts in LDAP?
I've seen this posting before but I need to get a grasp on this. I am
using winbindd for users that don't have a local account on a Linux box.
I thought that placing the entries below in the smb.conf would create
users in ou=Idmap. Instead the ou=Idmap increments the uidNumber with
every user that is added,but the user ID mappings are stored in
/usr/local/var/locks/winbindd_idmap.tdb. What
2004 Mar 11
1
AD user not honouring local group membership
hello list,
Without going into details I cannot currently use winbind for AD group data with Samba 3.0.x running on Solaris.
I Would like to use winbindd for reading user accounts from AD and then have those AD accounts as members of local (LDAP eventually)
groups. I have taken a test user "UserAW6" which is visible to Solaris via winbind and added them to a group "PrnAdm"
2003 Nov 10
2
LDAP IDMAP not working
Hi all,
anyone able to point out why I'm not able to get samba 3.0.0 to update my LDAP server with any idmap data? I'm using SunOne DS 5.2 LDAP server and the following entries in my smb.conf file,
ldap admin dn = "uid=admin,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot"
ldap ssl = off
; ldap suffix = "dc=testlan,dc=bbc,dc=co,dc=uk" ** have tried with this
2006 Jan 22
0
RESOLVED: Can't Add Users to Passdb
>Folks,
>
>I've gone and screwed something up, and I cannot add users to passdb database.
>
>I've set passdb backend to tdbsam in my [global]. I've added users
>to passwd (useradd -m <user>). However, when I try to add smb
>users, I get errors and failures to add the users.
>
> smbpasswd -a root (and supply the password in response to
>
2004 Feb 26
3
Winbind only enumerating 9% of domain groups
Hi All,
I'm having a strange pronlem with winbind. For users it seems to be working fine but for groups its not enumerating most of the groups!
A getent group produces only 325 lines of domain groups whereas wbinfo -g produces 2839 lines of groups. I'm not seeing any errors logged and all commands are exiting with status 0. Winbind related sections of smb.conf are shown below,
2003 Nov 10
8
winbindd panic daemon dies
Hi All,
can anyone make any sense of the error below, please advise if I need to log this as a bug but I'm not sure how to further diagnose what is happening. This is from my winbindd log file,
thanks Andy.
[2003/11/07 17:47:59, 1] nsswitch/winbindd.c:main(832)
winbindd version 3.0.0 started.
Copyright The Samba Team 2000-2003
[2003/11/07 17:48:00, 1]
2004 Feb 20
0
Idmap and ldap backend not working on domain member
Hello,
on domain member idmap against ldap is not working.
I tryed to dump network communication between MEMBER and ldap
server, but Ethereal (0.10.0a) says packets (3 pieces at all) are
corrupted and can not be
analysed (I have ldap ssl = off).
Our setup:
Samba domain seems to be working, WinXP logons to domain and users
did not report any problems. Server is PDC on samba (3.0.2 on linux
2004 Apr 30
5
Can I reconfigure Samba share without restart smb service?
Everytime I add or remove some samba shares, I must restart smb service to
take effect.
Is there anyway to reconfig it without restart?
2005 Sep 07
1
Samba domain member and wheel group
Hi, I have a CentOS 4.1 box at work running Samba 3 which I have added
as a domain member to an existing Windows domain with a Windows PDC.
The box running Samba has no local unix users and groups except for root
and the other builtin accounts. All user authentication is done through
pam_winbind and user information is handled by winbind. What I would
like to do is have users that are members of
2004 Mar 22
2
Kerberos auth without NTLM
Can anyone tell me if I can configure Samba 3.x to rely only on Kerberos authentication (in an AD domain)?
Ideally I'd like to use local UNIX accounts, not winbind, and negate the need for me to add an entry to passdb, then the
account must exist in AD and locally on each Samba member server for authentication to work.
If there is any info held in passdb, other than the NTLM coded password,
2007 Apr 17
0
LDAP PDC migration gone wrong.
Hi All,
I have a problem following the migration of my PDC's backend from tdbsam
to LDAP. We started out with a PDC called SMB1 which ran with a tdbsam
backend. I used pdbedit to convert it to LDAP and built a new server
onto which the LDIF file was loaded. Samba was then setup to use the
LDAP server as a backend. So far so good, Samba runs against LDAP and I
was able to add 60 new XP
2019 Feb 11
0
visibility of groups when multiple Samba servers use the same LDAP server
On Mon, 11 Feb 2019 15:40:02 +0100
Matthias Leopold via samba <samba at lists.samba.org> wrote:
>
>
> Am 11.02.19 um 14:22 schrieb Rowland Penny via samba:
> > On Mon, 11 Feb 2019 13:46:05 +0100
> > Matthias Leopold via samba <samba at lists.samba.org> wrote:
> >
> >>
> >>
> >> Am 11.02.19 um 13:22 schrieb Rowland Penny via
2004 Apr 14
2
samba with sun's ldap
Dear aarumuga
I've been reading your questions in Samba mailing list about SMB & Sun LDAP. I'm working with a same project and I would like to know only if is it posible or have you achieved your goal to link samba and Sun LDAP?
Thanks in advance and excuse me for my english.
Best regards,
Ramon Aznar
2004 Jun 30
2
[EXPERIENCES] with OpenLDAP and Samba and Redundancy???
I can't say I've tested this in any depth. Where multiple LDAP servers are listed as the LDAP
backend is the behaviour of Samba that if it fails to contact the first listed server it will
try the second and so on? If that's the case Samba should only ever try and update the password
on a single LDAP server which would then replicate the change to any other master and slave LDAP
servers
2003 Dec 12
3
configure error with --enable-dmalloc
Hi list,
I'm trying to compile samba 3.0.1 rc1 with --enable-dmalloc switch because I have been asked to provide more information on a winbindd panic on a Solaris server. However the configure fails with the error shown below,
config.status: creating include/config.h
Note: The dmalloc debug library will be included. To turn it on use
./configure: command substitution: line 3: syntax error:
2004 Jan 27
0
re:ldap group mapping problems
well, they both have the same sid, for some bizarre reason.
net groupmap list -s /etc/samba/smb.ldap |grep "Admin"
Domain Admins (S-1-5-21-4070452498-3149834983-2923667569-512) -> 512
Administrators (S-1-5-21-4070452498-3149834983-2923667569-544) -> 544
Domain Admins (S-1-5-21-4070452498-3149834983-2923667569-512) -> ntadmin
and see, it has a posixgroup entry?
# LDIF Export
2004 May 06
1
FW: Kerberos case sensitive with Mac OS X on Samba 3.0.x
This was blocked with both good and bad log output due to the size limit on attachments
so I've removed the log from the successfull authentication. I think its pretty obvious
whats going on from the failed log,
thanks Andy.
-----Original Message-----
From: ww m-pubsyssamba
Sent: 06 May 2004 10:32
To: 'Jeremy Allison'; 'samba@lists.samba.org'
Subject: RE: [Samba] Kerberos