Displaying 20 results from an estimated 1000 matches similar to: "security = server, username map, different domain -> no login"
2005 Jan 12
0
Log on problems since update from 2.2.12 to 3.0.10
Hi,
I want to move from Samba 2.2.12 to 3.0.10. I downloade the 3.0.10
sources and compiled them (Solaris 8). Everything went fine. After the
install, I tested the new 3.0.10 Samba with the old smb.conf from 2.2.12
(the docs say this should work). I could not log in anymore.
I switched back to 2.2.12 and tried the 3.0.10 install on a Suse Linux
8.0 - with the same results. I used most parts from
2007 Jan 22
2
winbind - timeouts in domain with >100000 domain users
Hi,
I'm trying out samba with winbind. The domain has >100000 users and
I'm having some problems with the wbinfo and getent programs. The
server is domain member and running debin etch (x86_64) with
samba-3.0.23d.
idmap uid = 70000-300000
idmap gid = 70000-300000
winbind enum users = yes
winbind enum groups = yes
winbind use default domain = yes
template shell = /bin/false
security =
2007 Jan 25
1
domain/unix groups and valid users parameter
Hi,
I want to switch from 'security = server' to 'security = ADS'.
Kerberos is working and I can login to the server.
With Samba 3.0.22 I was able to restrict access to shares with the
'valid users' directive. ve is local unix group.
valid users = +ve
And force the group ownership with the 'force group' directive.
force group = +ve
[foo]
comment = foo
2006 Jul 21
1
3.0.23 - different errors on solaris 8 (Error in dskattr...)
Hi,
I just compiled samba 3.0.23 on our Sun Solaris 8 server. 3.0.22 was
running fine and I used the same compiler options for 3.0.23.
$ ./configure --with-acl-support --prefix=/usr/local/samba3023
--with-quotas --with-included-popt --without-ldap --with-vfs
gcc version 3.4.2
GNU Make 3.80
Running make now throws a lot these warnings:
[-snip-]
Linking nsswitch/libnss_wins.so
ld: warning:
2007 Apr 18
3
file permissions with inherit permission + ACL's
Hi,
I have a share (testshare) where different unix groups (testgroup1,
testgroup2) should have access to. But I want that new files are only
created with 660 permissions.
Here are the ACL's of testshare:
# file: testshare
# owner: ralfgro
# group: ve
user::rwx
group::rwx
group:testgroup1:rwx
group:testgroup2:rwx
mask::rwx
other::---
default:user::rwx
default:group::---
2008 Feb 11
1
dos filemode (security concern)
Hi,
I've a question about the 'dos filemode' option (samba 3.0.24, debian etch). I
want to use this option to allow group members with write access to add/change
permissions.
man smb.conf:
dos filemode (S)
only the owner of a file/directory is able to change the permissions on it.
However, this behavior is often confusing to DOS/Windows users. Enabling
this parameter allows a
2006 Mar 17
0
challenge that the password server supplied us is not the one we gave our client
Hi,
I've some problems with one of our samba fileserver (debian stable
3.0.14a-3sarge1). Every few weeks, I get the following error messages for
all users that want to access/mount a share:
[2006/03/16 08:52:53, 2] auth/auth.c:check_ntlm_password(312)
check_ntlm_password: Authentication for user [PID51C9] -> [PID51C9]
FAILED with error NT_STATUS_LOGON_FAILURE
[2006/03/16 08:52:57, 1]
2019 Dec 04
2
security = ads parameter not working in samba 4.9.5
Hi Rowland,
I have done the edits as you suggested and ran again the script that you
provided. Below is the output.
Collected config --- 2019-12-04-11:46 -----------
Hostname: esmad1apl01
DNS Domain: emea.media.global.loc
FQDN: esmad1apl01.emea.media.global.loc
ipaddress: 10.34.54.152
-----------
Kerberos SRV _kerberos._tcp.emea.media.global.loc record verified ok,
sample output:
;;
2003 Aug 27
1
Again: restriction on workgroup name length ?
Hi,
I have checked out the cvs tree on Monday, Aug 25 which includes
your patch, built and installed it but without success:
log.nmbd:
[2003/08/27 16:34:00, 0] nmbd/nmbd_nameregister.c:(73)
register_name_response: Answer name EMEA.CORPDIR.NE<00> differs from question name EMEA.CORPDIR.NET<00>.
[2003/08/27 16:34:00, 0] nmbd/nmbd_nameregister.c:(73)
register_name_response: Answer
2019 Dec 11
0
security = ads parameter not working in samba 4.9.5
Hi Belle,
Below is the output after I performed the suggested steps.
root at esmad1apl01:~# net ads join -U media\\svc_domjoin02 -d6
INFO: Current debug levels:
all: 6
tdb: 6
printdrivers: 6
lanman: 6
smb: 6
rpc_parse: 6
rpc_srv: 6
rpc_cli: 6
passdb: 6
sam: 6
auth: 6
winbind: 6
vfs: 6
idmap: 6
quota: 6
acls: 6
locking: 6
msdfs: 6
dmapi: 6
registry: 6
2019 Nov 29
5
security = ads parameter not working in samba 4.9.5
Hi Rowland,
Below is the output that is produced.
Collected config --- 2019-11-29-15:33 -----------
Hostname: esmad1apl01
DNS Domain: emea.media.global.loc
FQDN: esmad1apl01.emea.media.global.loc
ipaddress: 10.34.54.152
-----------
Kerberos SRV _kerberos._tcp.emea.media.global.loc record verified ok,
sample output:
;; Truncated, retrying in TCP mode.
Server: 10.10.136.85
Address:
2019 Dec 03
0
security = ads parameter not working in samba 4.9.5
On 03/12/2019 09:58, Sac Isilia wrote:
> Hi Rowland,
>
> The dns domain is - emea.media.global.loc? .
>
OK, it looks like you need a few changes ;-)
Remove the '127.0.1.1' line from /etc/hosts
Make /etc/resolv.conf look like this:
search emea.media.global.loc
nameserver `ipaddress of a DC'
nameserver `ipaddress of another DC'
You might have to stop Network manager
2003 Aug 22
1
restriction on workgroup name length ?
Hi,
I have a Windows 2000 Domain Controller serving the domain
EMEA.CORPDIR.NET
smb.conf:
workgroup = emea.corpdir.net
security = domain
nmbd show the following errors:
register_name_response: Answer name EMEA.CORPDIR.NE<00> differs from question name EMEA.CORPDIR.NET<00>.
[2003/08/22 16:29:42, 0] nmbd/nmbd_nameregister.c:(73)
register_name_response: Answer name
2019 Dec 11
0
security = ads parameter not working in samba 4.9.5
On 11/12/2019 14:10, Sac Isilia wrote:
> Hi Rowland,
>
> The good news is that server is joined to EMEA-MEDIA domain. But I can
> not id my user however SID is returned when I run wbinfo.
>
> root at esmad1apl01:~# wbinfo -t
> checking the trust secret for domain EMEA-MEDIA via RPC calls succeeded
> root at esmad1apl01:~# wbinfo -m
> BUILTIN
> ESMAD1APL01
>
2004 Feb 26
0
Samba and trusted domains - need to get my story straight
Hello all,
Samba 3.0.1 on Sun Solaris 5.9.
I need to get my story straight before I ask the people with the necessary
access rights to do the Samba setup.
I would appreciate it if someone could validate my story below.
Thanks!
Simon.
The situation:
* There are 2 domains:
- EMEA (PDC=EMEAD01,BDC=EMEAD02)
- NLRESOURCES (PDC=NLRESOD01,BDC=NLRESOD02)
* Users have accounts on the EMEA domain.
2004 Feb 27
1
Is this how "trusted domains" work in Samba 3?
Hello all,
Samba 3.0.1 on Sun Solaris 5.9.
I need to get my story straight before I ask the people with the necessary
access rights to do the Samba setup.
I would appreciate it if someone could validate my story below.
Thanks!
Simon.
The situation:
* There are 2 domains:
- EMEA (PDC=EMEAD01,BDC=EMEAD02)
- NLRESOURCES (PDC=NLRESOD01,BDC=NLRESOD02)
* Users have accounts on the EMEA domain.
2019 Nov 29
2
security = ads parameter not working in samba 4.9.5
Hi Rowland,
I get below error while running the script again.
bash samba-collect-debug-info.sh > samba-output
kinit: Client's credentials have been revoked while getting initial
credentials
cat samba-output
Please wait, collecting debug info.
Wrong password or kerberos REALM problems, exiting now.
Below is my /etc/krb5.conf
[libdefaults]
default_realm = EMEA.MEDIA.GLOBAL.LOC
2020 Mar 15
0
Winbind not working - Not able to join Domain - Unable to initialize domain list
On 15/03/2020 13:51, Sac Isilia wrote:
> Hi Rowland,
Please do not send posts directly to me, send them to the list.
>
> I am running RHEL 6.8 and try to join to EMEA-MEDIA domain. Below is
> the output of net ads join in the debug mode. It seems that it is not
> able to find the DC info however I have updated the DC in resolv.conf
> , ntp.conf and krb5.conf as well. I
2018 May 24
0
CESA-2018:1655 Important: qemu-kvm-ev security update
2018-05-24 3:18 GMT+02:00 Karanbir Singh <kbsingh at redhat.com>:
> On 23/05/18 06:56, Sandro Bonazzola wrote:
> > CentOS Errata and Security Advisory 2018:1655 Important
> >
> > Upstream details at: https://access.redhat.com/errata/RHSA-2018:1655
> >
> > This is the qemu-kvm-ev side of the CVE-2018-3639 mitigation.
> >
> >
2019 Oct 25
0
[ovirt-users] [feedback needed] VirtIO Windows Drivers - new installer
Il giorno gio 24 ott 2019 alle ore 19:28 Strahil <hunter86_bg at yahoo.com> ha
scritto:
> Hi Sandro,All,
>
> Can I upgrade the tools on existing VM , or it requires a fresh one? Best
> Regards
>
If you have oVirt windows guest tools already installed suggestion is to
uninstall it before installing this new installer.
> Best Regards,
> Strahil Nikolov
> On Oct 24,