similar to: Idmap: How to Map SID to existing UIDs?

Dear all, I am using Win2003 with SFU 3.5 (not R2) as domain controller. I enabled the UNIX attributes of several users and groups. I use idmap = ad to connect to my Win2003 box and setup the winbind / nss accordingly. wbinfo -u / -g work fine, getent passwd / group works fine, chown works fine, id <username> works fine. But when I tries to use ls or groups <username>, it returns the

New samba deployment; samba 3.0.24 w/ldapsam, em64t (Dell 2900), CentOS 4.4, using nss_ldap with LDAP master and two slaves (OpenLDAP 2.3.32), one Samba PDC (on LDAP master) and two Samba BDC's (on each of the LDAP slaves); no Windows servers; one Linux domain member server (first of several). All four Samba servers use the same LDAP parameters. testparm checks out. All accounts are in

Hi all, I'm in the process of setting up a test network with the view of rebuilding our existing (Samba 3.5-based) NT domain, from scratch. Most of the clients that will be connecting to it are Windows 7 machines, there is one Windows 8.1 Standard machine (that won't be joining, but not my problem), and a number of Windows XP virtual machines. Presently I'm running a network

Samba expects the keytab file as /etc/krb5.keytab. Solaris 11 looks for a keytab file in /etc/krb5/krb5.keytab When samba joins the domain it (probably) updates the machine password and then updates its krb5.keytab file. When connecting via ssh, the system would use a keytab file that had the wrong kvno and probably the wrong password key. The following symlink command fixed ssh

I have a Windows 2008 domain (one Win 2008 DC, one Win 2012 R2 DC.) I am trying to join a Solaris 11 machine to the domain for both Samba and other services. For "unix" logins and ssh, Solaris 11 is configured to use LDAP for user and group lookup and kerberos for authentication. The "kclient -T ms_ad" command joins the Solaris machine to the AD domain. It even

After 2 weeks of trying to configure samba as a member server in a native AD domain, with winbind+nss+kerberose following the Samba Collection and (Samba-3 By Exmaple) docuentation, with RedHat AS3, samba 3.0.9, krb5 1.3.1, where 2 KDC's are Windows 2003 and one is Windows 2000, and smb-signing has been turned off,... when a user tries to access a share, they are prompted for a password, and

Dear all, I want to ask if I can hide the machine accounts shown in getent passwd ? I know it is harmless but they are not user accounts after all. I am using security = ads and using libnss_winbind. Thanks. Cheers, Jacky Hui

Hi, Just found out that Postfix does not implement/support the AUTH=sender parameter. So, back to Dovecot, can we use variables in the submission_relay_user = submission_relay_password = then Dovecot will forward the username and password information of the current user to the Postfix submission service for authentication? Best regards, Jacky On 10/1/2019 10:46 AM, Jacky wrote: >

Hi Gerald and Odhiambo Washington, Thank you for your suggestions and will try them out. Best regards, Jacky On 9/1/2019 6:38 PM, Odhiambo Washington wrote: > > > On Wed, 9 Jan 2019 at 13:09, Jacky <jacky at jesstech.com > <mailto:jacky at jesstech.com>> wrote: > > Hi Gerald, > > in my postfix/main.cf <http://main.cf> > >

Hi I'm having problems with samba-3.0.21b and Windows Server 2003 domain controllers. When I try to access the samba server from a client (\\sambasrv) I only get a login prompt, no username/password combination works. Accessing the samba server through its IP-number instead of using the netbios name works. This together with the log message "Failed to verify incoming ticket!"

On 2017-04-16, 19:06, S P Arif Sahari Wibowo via samba wrote: > I was looking into samba wiki pages and cannot find > documentation for this. Generally most the documentation pages > either discussing samba as AD member or standalone. So still looking at this. So this is the state currently: kerberos setup (krb5.conf and keytab) is working in the server, I can do kinit properly. But

On Mon, 2 Oct 2017 14:51:54 +0200 Rainer Krienke via samba <samba at lists.samba.org> wrote: > Hello, > .... > [2017/10/02 11:07:47.046715, 2] > ../source3/auth/auth.c:315(auth_check_ntlm_password) > check_ntlm_password: Authentication for user [HOSTNAME$] -> > [HOSTNAME$] FAILED with error NT_STATUS_NO_SUCH_USER > It looks fairly obvious to me, the Samba

On Wed, 9 Jan 2019 at 13:09, Jacky <jacky at jesstech.com> wrote: > Hi Gerald, > > in my postfix/main.cf > > smtpd_sasl_authenticated_header = yes > smtpd_sasl_security_options = noanonymous > smtpd_sasl_local_domain = $myhostname > smtpd_sasl_type = dovecot > smtpd_sasl_path = /var/run/dovecot/auth-client > broken_sasl_auth_clients = yes > > I am already

I forgot the smb.conf file: [global] workgroup = MYDOMAIN netbios name = svcanimp socket options = TCP_NODELAY SO_RCVBUF=16384 SO_SNDBUF=16384 idmap uid = 10000-20000 idmap gid = 10000-20000 winbind enum users = yes winbind gid = 10000-20000 os level = 20 winbind enum groups = yes winbind separator = /

Hello, I am having a problem getting my server to join our realm as a domain member server. I have read through google, yahoo, and this list, but I cannot find the answer yet. When I run: net join ads -Uadministrator and try to login it gives the following error: kerberos_kinit_password Administrator@MYREALM.COM failed: Cannot resolve network address for KDC in requested realm

Hello,   I have a samba server v4.6.5, it’s a member of a Windows 2003 domain.   I setup a share, in this share I want to set sgid bit on directories. I created a directory with SGID bit on the top of the share, but when I create inside new directories didn’t have SGID bits.   Here is my smb.conf :   [global] use sendfile = no gpfs:getrealfilename = no smb ports = 445 139 dos charset =

Hi Gerald, in my postfix/main.cf smtpd_sasl_authenticated_header = yes smtpd_sasl_security_options = noanonymous smtpd_sasl_local_domain = $myhostname smtpd_sasl_type = dovecot smtpd_sasl_path = /var/run/dovecot/auth-client broken_sasl_auth_clients = yes I am already using dovecot for SASL The dovecot submission service authenticates users and already added the AUTH= parameter in the MAIL

Hi all, I am reading a huge data set(12M rows) that contains family information, Offspring, Parent1 and Parent2 Parent1 and parent2 should be in the first column as an offspring before their offspring information. Their parent information (parent1 and parent2) should be set to zero, if unknown. Also the first column should be unique. Here is my sample data set and desired output. fam

Hi, Does Asterisk have a limit to how many NAT'ed SIP clients it supports behind a single IP? I have the weirdest problem ever. I have three SIP endpoints. SNOM phones, if it matters. Their extensions are 200, 201 and 202. Apart from the username/password, the sip entries in sip.conf all have identical configuration. They're all NAT'ed behind the same IP. 200 and 202 registers

Hi, all: The follow parameters work well in samba 2.2.8a, But I updated samba from 2.2.8a to the latest samba 3.0.5 , I can't write 'test' share! What is the ploblem? [test] path = /pub/test force user = abc write list = jacky valid users = jacky,abc create mode = 0664 directory mode = 0775 Best Regards! Jacky Kim .