Displaying 20 results from an estimated 10000 matches similar to: "winbind idmap using active directory as ldap backend"
2007 May 16
1
Samba as a AD domain member server with idmap backend = ldap
Hi Folks,
Hopefully an easy question. I've scoured FAQs, books and documentation
and managed to get the above configuration working, but only by straying
from the documentation in Chapter 14, example 14.4 of the Samba HOWTO:
http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/idmapper.html#id369912
Can someone confirm for me that when Samba is only an Active Directory
domain
2006 Feb 03
2
Enabling 'idmap backend = ad' for user auth
I'm using Samba 3.0.21a on Fedora Core 3 to authenticate against an AD
domain. The box running AD is Win2k3 R2, so AD has the RFC2207 schema
extensions applied.
I've successfully configured Fedora to do auth through winbind with the
normal backend (using uid/gid mappings). Now I'd like to reconfig to use
AD as the backend.
I was able to do this against a pre-R2 Win2k3 server with
2004 Sep 15
1
Retrieving UNIX UID/GID directly through Active Directory
Hi, there's a bug on bugzilla.samba.org that I'd like to comment on but it's
not letting me.
It's bug #242, titled "Retrieving UNIX UID/GID directly through Active
Directory from schema extension"
The person who posted the request talks about using AD4Unix, but I've
installed Microsoft's Services for Unix and it made similar schema changes.
Specifically, it
2006 Jan 26
3
ldap not using kerberos (winbind rid idmap)
hi,
first of all - I am very sorry if this topic turned up in the mailing list
before - I really did have a look at the archive and couldn't find anything
like it.
Here's the problem. I set up an idmapping using the rid facility. It is
working smoothly. I do have a question though. I logged some packets and
realized the ldap queries are not encrypted. I wonder why since all the
2005 Dec 01
0
Unresolved Questions for Active Directory Kerberos/LDAP/AD4Unix or SFU35 support?
I have been digging around for information on this in either online and
published books, but I haven't yet found the answer. I am interested in
AD connective through AD Kerberos/LDAP/SFU or AD Kerberos/LDAP/AD4Unix.
I have a pure win2k3 environment, so there is no backwards support via
PDC emulator. Published books document older NT-like environments.
*cries* If there are any documents,
2007 Mar 07
1
dovecot-ldap.conf - Active directory
Hello,
I have a configuration with dovecot-ldap working with openldap (on
FreebSD 5.4 Release).
Now I'm trying to do the same thing with an Active Directory (win2k3).
I have installed an properly configured SFU. Via nss_ldap-pam_ldap is
working fine (FreeBSD 6.2 Release).
Because nss_ldap is reported broken with dovecot I'm trying to use
dovecot-ldap for both passdb and userdb.
My
2011 Jan 17
2
Auth on OpenLDAP with idmap without Windows
Hi,
Let me know if this scenario is possible:
I want a samba server authenticating on OpenLDAP with IDMAP, without
creating any local user on server.
My environment is: many linux clients, a OpenLDAP server and some
services authenticating against it.
We don't use Active Directory nor we have any Windows server or client.
I don't know if this is possible and i've searched a lot
2014 Nov 15
1
Clarification on the appropriate idmap settings for a standalone server
I am trying to increase my understanding of samba. I am running a FreeBSD
server with Samba 4.1.12 configured as a standalone server in a testing
environment.
The documentation here indicates that winbind / the idmap facility is of
little or no use on a standalone server:
https://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/idmapper.html#id2604490
Is this still the case in Samba4?
My
2005 Sep 30
0
IDMAP difficulties
hi,
can somebody explain, how the idmap backend with ldap works exactly.
sorry for that stupid questions, but the docu is not clear for me.
http://us1.samba.org/samba/docs/man/Samba-HOWTO-Collection/
idmapper.html#id2588292
i understand the idmap topic/difficulty, why i need this, but how the
ldap get filled with idmap entries? automatically/dynamically if
winbind is running? or
2007 Nov 14
1
Winbindd
I am trying to have user logon used winbindd for user directory
information and krb auth.
The kerber logon works when NIS or /etc/password is used for user info.
The only difference I see is winbind return a * in the password field.
My understanding is * will prevent logons and x will allow the user to
logon using /etc/shadow or krb auth in this case.
Is there a way to change what winbind
2008 Nov 10
1
Configuring idmap for a Samba 3.2.4 AD member server
I'm hoping somebody can point me to the right documentation for
setting up the following scenario.
Earlier this year I had Samba 3.0.28a working as a member server of a
(Windows Server 2003) AD domain, using Solaris 10 and Heimdal
Kerberos. I was able to log into the server using AD accounts, getent
passwd worked, etc. I was using "secruity=ads" with these settings
(among other):
2004 May 09
0
idmap backend with Active Directory LDAP
Everything that I have read about 'idmap backend' describes it being used
with a standalone LDAP server. Is it possible though to configure Samba
to store idmaps directly in an Active Directory LDAP using 'idmap backend'?
This would obviously involve some schema changes to Active Directory, but
other than that I can't think of any technical reasons why this would not
be
2016 Aug 26
1
Configuration of smb.conf for Active Directory authentication
Thanks for the feedback.
With the modifications you specified I have this smb.conf, however it cannot be accessed?;
"
[global]
netbios name = FILESERVER-001
security = ADS
workgroup = CORP
realm = CORP.INBAYTECH.COM
log file = /var/log/samba/%m.log
log level = 1
idmap config *: backend = tdb
2009 Apr 14
1
set up for Active Directory
Running Sun OS 5.10 sparc.
OK, I am trying to establish an Active Directory connection from my Sun
Solaris box and am trying to utilize Samba to accomplish this task. I've
installed OpenLDAP & Samba, but when I run a few checks, it appears that
Samba is not seeing KRB or ADS, but is seeing LDAP & WINBIND.
(This is Samba 3.3.3)
# cd /usr/local/samba/sbin
# smbd -b|grep LDAP
2009 Oct 09
2
AD Integration woes - rfc2307 data not being honored
Red Hat Enterprise Linux Server release 5.2 (Tikanga) - x86_64
Samba - 3.0.28-0.el5.8
Objective: To have samba authenticate against AD and utilize the values set for the AD rfc2307 schema.
Problem: Values stored in AD are not being used.
The samba server has successfully joined the AD, but when I do a getent passwd | grep <user> the uid, none of the values returned match what is stored in
2006 Oct 20
2
could not read attribute 'msSFU30UidNumber'
Hi,
I'm using samba 3.0.23c, and having a bit of trouble getting it to play nice
with my active directory. I'm using Windows Small Business Server 2003 with
the SFU 3.5 NIS server/schema extensions installed. I have samba configured
to use ad as the idmap backend, and sfu for nss info.
When running getent passwd, only a few active directory users show up, and I
get lots of errors
2008 Feb 15
0
Integration with MS Active Directory
Hello all,
I'm following the howto
<http://wiki.freeradius.org/FreeRADIUS_Active_Directory_Integration_HOWTO>
http://wiki.freeradius.org/FreeRADIUS_Active_Directory_Integration_HOWTO to
integrate FreeRadius with Microsoft's AD. The first steps are to make the
linux box integrate with MS Active Directory, using some of the samba tools.
While working on this, I experienced some
2004 Oct 29
1
winbind name service required for active directory (ADS) authentication and group-based authorization?
Hello Samba Gurus,
Is using the winbind name service required in order to get authentication AND authorization via ADS? I'll explain further.
Goal: create samba share for which clients are authenticated via native ADS and access is based on ADS group membership.
I've actually done this in the old Windows NT world. Worked okay. It's wasn't too hard, except for the winbind
2008 Sep 17
0
Samba PDC + Kerberos
Hello everybody,
I'm looking for some suggestion how to kerberize SAMBA, let me explain
I have a Windows 2008 Enterprise Server (will be used as terminal
server) and a Samba Server as PDC. What I want to do is logon to the
terminal server using samba, I've already put the win server into the
samba domain and everything is working; but I want to kerberize samba to
avoid different
2012 May 29
4
idmap backend = ad and Active Directory 2008R2
Hello All,
I'm trying to set up linux ssh/shell authentication on a CentOS_6.2 server
running smbd version 3.5.10-114 using winbind/smb/pam. We've done this
successfully using the tdb backend but wanted users to get the same UID/GID
on every machine. Switched to rid for the backend but users still got a
foreign number for UID and their default group was always Domain Users. So
I'm