similar to: Winbind and Multiple ADS.

Hi- I've set up samba 3.02a and have it successfully authenticating against a Windows 2000 ADS Server. Everything is working great, except that samba (winbind?) won't talk to the backup ADS server when the primary ADS server goes down. I'm shutting off the primary ADS server to test this, and when I do I get the following: [root@iceberg /etc]# /usr/local/samba/bin/wbinfo -u Error

Hi, I'm working with two AD servers (I was trying to setup a primary and secondary): From smb.conf: password server = server1, server2 security = ADS This is the scenario I tested and the results: ===> Start: CLDAP is sent to server1. Authentication requests (microsoft-ds) are sent to server1. ===> server1 disconnected: CLDAP is sent to server2. Authentication requests

Hello all, I have setup an HA cluster running under Debian GNU/Linux with samba 3.0.7, openldap 2.0.23 with two machines. Each machine runs winbindd and slapd. One additionally runs slurpd to replicate to the other. Replication works but winbind seems to add entries on the secondary ldap server and not follow the updateref given from the server. This is a problem since the ldap database run

(Apologies in advance for the length of this message - hopefully someone more familiar with AD will be able to point me in the right direction or at least help me identify what's going wrong here).. I'm in the process of putting together a new print server using Samba and CUPS, and I'm having a bit of trouble getting Samba to properly join the AD domain. Printing works perfectly, and

Hi Samba people, I'm having a strange problem with Samba 3.0.25b running on solaris 9 with native ADS and Winbind. A domain user (no /etc/passwd entry), jlunch, can write to directories via the unix shell that has group permissions he is part of without any issues. However, doing the same via a samba share (share1) in the same folder (folder1), returns permission denied. It almost appears

Im having some trouble getting, or even finding out if this works. I have read through the samba by example and all the docs i can get my hands on and i cant get this to work. Maybe it isn't supposed too.... I have setup samba under RHEL4 QU1 to authenticate to AD. I am just using samba to authenticate users for login purposes. It works fine and dandy until my primary AD box goes down. I

Hi folks ! Has someone any idea on this issue on AIX 5.3 TL 10 with winbind ? I'm really stuck now ... I think everything is working pretty well with WINBIND and AD 2k3 , but not my most important point : I absolutely need the Secondary groups of each AD user which get connected to the AIX to use this filter with sudo... I only get Primary Group (which is by default "Domain Users"

This one is probably going off into the esoteric side of things, but Samba/winbind doesn't seem to be working quite as expected in one particular area -- domain local groups having members from other trusted domains. I've searched extensively (google and elsewhere...), and have found little/no mention of this particular problem: "domain local group" members from other

2015-11-12 15:13 GMT+01:00 Rowland Penny <rowlandpenny241155 at gmail.com>: > On 12/11/15 13:48, mathias dufresne wrote: > >> 2015-11-12 14:32 GMT+01:00 Rowland Penny <rowlandpenny241155 at gmail.com>: >> >> On 12/11/15 13:05, mathias dufresne wrote: >>> >>> >>>> >>>> That's for that same reason I don't agree

Hello, I have configured a Nagios server to be part of a Windows 2003 domain. The Linux server is RedHat 5.3 with winbind version 3.0.22. The configuration is using kerberos and pam with winbind to support Windows user and local account. Everything is working fine until we test the active directory failover. The system is still accessible through domain account but it's very slow and the

[originally posted to fedora-users] I'm having difficulty getting samba/winbind to authenticate of a W2K3 box. I've searched the list archives and although there are some similar problems, none have seemed to help resolve this one. Here's the network configuration: - Windows 2003 Server gx270-rmaniar [192.168.0.100] - Fedora Core 3 gx280rmaniarFC3 [192.168.0.5] FYI: A Windows XP box

2015-11-12 14:32 GMT+01:00 Rowland Penny <rowlandpenny241155 at gmail.com>: > On 12/11/15 13:05, mathias dufresne wrote: > >> >> >> >> That's for that same reason I don't agree and think it is not fair to not >> give Samba admins the choice. >> If all my 120000 users have primary group id set to 100, as you said all >> newly created

I have setup a Centos5.5 VMWare guest with Samba and Winbind for Active Directory integration, using GUI tools. Authentication works flawlessly, with automatic home directory creation. What I want to achieve now is using local UNIX groups to controll access to shared folders. smb.conf global section: workgroup = COGITANS password server = domainserver.hq.cogitans.it realm = HQ.COGITANS.IT

Hi, I'm running samba 3.0.2a as a windows domain MEMBER, security=ADS. Just installed winbind last week it it looks great. However I would like to have winbind 'map' some windows groups (e.g. "Domain Users") to existing unix groups (e.g. "users"). First I thought net groupmap could be used to achieve this but this tool seems only intended to map unix groups to

Hello all! I've been successful at adding ADS authentication to my Samba servers on all fronts, and also get kerberos authentication working. I've managed to overcome some limitations (like, for instance, automatic password changes on password expiration), but am facing one last hurdle before I can honestly say that my system is well prepared for (almost) all scenarios. When the

On 18/11/2020 10:42, Gregory ROCHER via samba wrote: > Hi all > > I'm looking for some help on winbind/idmap for a new host > > > We want to use security=ads so we join this host to the domain > No problem for windows clients : they can mount shares that are > accessible to their primary unix group and secondary unix group(s) You are using AD now, so the primary group

In our native Win2K3 AD domain, several AD accounts have a sIDHistory that carry SIDs from before the AD domain migration in addition to the "primary" objectSID. Samba 3.0.21c winbindd (with idmap OpenLDAP backend) on domain member servers (running SuSE 9.3 Pro) allocates multiple uids for these SIDs with the same (AD) user name: Primary SID: # getent passwd myuser

On 12/11/15 13:48, mathias dufresne wrote: > 2015-11-12 14:32 GMT+01:00 Rowland Penny <rowlandpenny241155 at gmail.com>: > >> On 12/11/15 13:05, mathias dufresne wrote: >> >>> >>> >>> That's for that same reason I don't agree and think it is not fair to not >>> give Samba admins the choice. >>> If all my 120000 users have

Hi all. Pretty new in Linux side of the world. I'm trying to run Samba 3.x on Fedora-core-1 in an ADS environment, with krb5 authentication. Installed Samba 3.0.2rc2 from source, installed the required libraries for kerberos MIT, configured smb.conf and krb5.conf. Run net ads join -U administrator and it worked, i can see the machine account in the active directory. From my linux box I

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 First the setup: Samba 2.2.3a on Debian testing, built with ACL support on XFS filesystem. NT4 PDC (Eventually we plan to implement Samba PDC, but that's a ways off.) Secondary offsite Samba server, same config as above, rsyncing data directories every 5-minutes over T1. Offsite Backup server grabbing data off the live Samba server nightly