Displaying 20 results from an estimated 100000 matches similar to: "winbind: how to map Windows groups to existing unix groups; limit windows group to unix groups"
2005 Feb 22
4
Winbind - how to map ADS group to Unix group
I am running 3.0.10-1.4E on RHEL4. The machine is a ADS member server. I
would like to statically map the ADS group "Domain Admins" to the built in
"wheel" group so all members of "Domain Admins" are in the "wheel" group. I
have looked at the username map option, but I don't want a group of users
mapped to a UID (this would defeat what I am trying to
2004 Mar 16
0
winbind: how to map Windows groups to existing unix groups; limit windows group to unix groups
Hi,
I'm running samba 3.0.2a as a windows domain MEMBER, security=ADS.
Just installed winbind last week it it looks great.
However I would like to have winbind 'map' some windows groups (e.g.
"Domain Users") to existing unix groups (e.g. "users").
First I thought net groupmap could be used to achieve this but this tool
seems only intended to map unix groups to
2007 Jan 15
1
Winbind caching group membership issue
Hi All,
I am using samba-common-3.0.10-1.4E.9 on a RHEL4_U4 x86 machine. The
ADS server is WS03 sp1 running in Windows Server 2003 interim mode. In
general thing are working well. However, when winbind caching is
enabled (default), group membership does not appear to update, i.e.
"wbinfo -r bob" and "groups bob" don't reflect changes in ADS group
membership.
2007 Apr 04
1
Issue with pam_winbind for MS AD authentication and moduleoptions
Hello!
passwd, shadow and group looks as follows in nsswitch.conf:
passwd: files winbind
shadow: files
group: files group
What really confuses me is that when my AD server is up and running,
root or any local user logs in with no problem.
And even when AD server is down, after trying a zillion times, root and
other local users login, and then if I log them out and try again a few
minutes
2008 Jun 13
0
How to map an AD group to an existing unix group/gid
I have a unix group that owns some files on a share, and I'd like to set
up a group mapping so that an Active directory group (with an exising
mapping in winbind from earlier use) gets access to these files via a
mapping.
I've been fooling around with net groupmap add, and haven't been able to
get this set up.
The group Domain Users has an existing mapping to gid 10004, which
winbind
2009 Feb 24
3
using winbind to map existing unix to AD users
On our campus, we have an AD forest. Our particular department has a
number of samba servers that authenticate to one tree of that AD forest.
All of our users have accounts in LDAP for unix and AD for windows.
We don't want/need winbind for authentication. However, we would like the
ability of setting ACLs on the samba server from windows clients. So, I
assume I need a mapping of unix
2005 Nov 01
1
Can samba map between existing Windows (SID) users and existing unix (UID) users
Hi again,
This is a follow up to a previous e-mail, but no luck so I have done
some more digging.
I don't understand why it is so difficult to map between a existing user
on a Windows Server (SID)
and an existing user on a Unix/Solaris (UID) user, since all information
is available?
unix# /usr/local/samba/bin/wbinfo -n andrew
S-1-5-21-1984182827-583073959-8547516-2056 User (1)
unix# tail
2005 Nov 02
0
(part 2) Can samba map between existing Windows (SID) users and existing unix (UID) users
I have had a few replies and it looks that I am on a no win solution.
I either set up LDAP and delete local UID on our UNIX boxes and let samba
convert SID to UID, or just leave thinks as they are.
I still don't under stand why it is so difficult to do what I want when all the
information seems to be at hand.
1) User changes security of a file on a samba share to allow DCSNT\andrew access.
2007 Feb 06
3
CentOS samba upgrade
Centos samba version is 3.0.10 which is the package that comes with the
disto - is the only way to upgrade to the latest samba 3.0.24 is to
recompile the samba source? I have tried "yum update samba" however it says
3.0.10 is the latest so i downloaded 3.0.24 and tried rpm -Uvh or yum
localinstall but i get the following dependency errors
to # yum install
2020 Jun 04
1
Unable to map AD Users to existing local Unix users since 4.8.x
Rowland said:
>> Is there a set of settings to restore the mapping of AD users to pre-existing Unix Users?
>No
>>
>> Does the official Samba distributed project source continue to support AD Users mapping to pre-existing Unix Users?
>I do not think it ever did.
I found this reference quickly from google describing the previous behavior.
Winbind was always optional
2008 Jul 30
2
unable to map windows to unix groups
Hello.
After fresh install.
Samba and ldap seems to run normally ( I can join win2k workstation to linux
samba pdc ).
Using yast I create a system group named domadmin
But I am unable to map "Domain Admins" to domadmin
I am unable to map "Domain Admins" to existing ntadmin group
I am unable to mofify mapping "Domain Admins" to domadmin group
Thank you for
2005 Oct 31
0
Map between existing UNIX UID's and Windows SID for file sharing.
Hello,
I have search this list and the HOW TO's, but can't find the answer!
We have all our users on both Windows (ADS) and Solaris (NIS), but I
can not configure samba
shares so Windows Users can modify the security settings on there files,
so that other people can look/edit
there files....
If I don't fix this problem soon we will end up with a Windows
file-server as well as a
2007 Feb 06
3
ntuser.dat
What are the implications of locking the ntuser.dat file on the user's
server profile? That is, if I make the ntuser.dat file read-only, what
affects will that have on the client?
2006 Nov 08
0
Mapping of Windows SID to existing UNIX users not work
There was a thread in the past, i know, but i have not found any solution:
I have a domain member server Samba 3.0.23c and an AD witch manage the users.
Always a user tries to add permissions for an other user I got the error in log.smb
create_canon_ace_lists: unable to map SID
S-1-5-21-3120594657-2306910035-793260449-1128 to uid or gid.
Which means that the Windows SID is not able to map to
2020 Jun 04
0
Unable to map AD Users to existing local Unix users since 4.8.x
On 04/06/2020 21:22, Bivans, Crispin via samba wrote:
> Rowland said:
>>> Can you point me to a Release Changes note that says explicitly that Winbind is now required or that mapping of AD users to local unix accounts has been removed?
>>>
>>> Crispin
>> Yes, see here:
>>
2004 Apr 02
1
Group mapping: several unix groups to one Windows group?
Hello,
Is it possible to map several unix groups to a single Windows group SID?
We have several department groups we want to include in Domain
Users, but not single unix group for all users.
Thanks,
Scott Hanson
2020 Jun 04
2
Unable to map AD Users to existing local Unix users since 4.8.x
Rowland said:
>> Can you point me to a Release Changes note that says explicitly that Winbind is now required or that mapping of AD users to local unix accounts has been removed?
>>
>> Crispin
>Yes, see here:
> https://wiki.samba.org/index.php/Samba_4.8_Features_added/changed#Domain_member_setups_require_winbindd
>
>Samba did a lot of things back in the NT4-style
2005 Jan 13
2
Mapping Windows groups to Unix ones on Samba 2.2
Hi all,
Now that I've got Samba 2.2.12 running correctly on that HP-UX box, I
need to allow write access to a given AD domain group.
What is the right way to do it on Samba 2.2?
I added a group.map file in smb.conf, and a line inside that said:
unixgroup = "AD Domain Group"
Then in smb.conf, I put in [global]:
groupname map = /etc/opt/samba/group.map
And in the correct
2005 Mar 17
1
winbind: How to map windows admin-user to Linux root ?
Hi,
Is there any way that I can map window AD admin-user
to Linux root user (uid=gid=0) ?
I noticed that windows Active-Directory users can use
"idmap [uid-range]" to map to Linux users, but the
idmap uid-range doesn't include '0'. e.g.
idmap uid = 10000-20000
idmap gid = 10000-20000
Thanks!
YY
Yanping Du
Software Engineer, Cisco Systems
820 Alder Dr.
2004 Oct 28
1
Possible to map root to group via winbind?
samba 3.0.7, freebsd 5.2.1
My /usr/local/etc/samba-user.map looks like
root = DEV.grahamd
I would like to modify the ACLs on a directory that look like so:
drwxrwx--- 2 root Domain Admins 512 Oct 28 16:41 test2/
(if I chown the directory to my DEV.grahamd account, I can change ACLs
to my heart's content)
I'm operating under the assumption that only root, or the owner of a
file