similar to: login fails if smbusers is used to map domain admin to root.

Hi all I have a samba 3.0.21c with ldap backend , i have about 100 users connecting to my domain. i have a linux system which acts as a file server (prjsrv01) where i have declared 2 shares. projects and datalib. The users get drives mapped with the help of logon script. so i map projects share as P: drive net use p: //prjsrv01/projects. but whent the logon script runs the command. it says

hi i'm working with samba3.0rc2 no probs but i have i question concerning id-mapping i authenticate all users with ldap, works but i always need a samba user in ldap, with sid sid S-1-5-21-1042031166-387543594-2118856591-501 if i don't have it, i get an error during logon with winxp, that the domain controller could not be found or i have a non-existent account, which is not correct

Hello everyone! After running Samba on several machines for some years, I just came accross a rather strange problem. The short story is that the special user home shares are readable, but not writeable. Here's the long story: The system is a freshly set-up Debian Squeeze, right out of the box. This is the Samba config: -------------------------------- 8<

Hi Daryl, > I recently migrated our samba PDC to an LDAP backend on a test machine. > Testing my account policies, I found out that the password lockout did not > work. bad password lockout works fine in Samba AD mode. Is there a technical reason for you to keep on using PDC NT4 mode? In AD mode, you'll also get a LDAP, and it will be much easier to setup and manage! By the way,

I found out the answer to why the bad password count was failing by following the stack trace If anyone has the same problem, this was caused by my access rights being too restrictive. source/passdb/Init_sam_from_ldap.c:1064 => There is a "goto fn_exit;" in case ldapsam_get_entry_timestamp() fails before the cache is read via login_cache_read. This function will fail if it cannot

Hi Denis, Thanks for your suggestion When I looked into Samba4 AD, I figured it would take too much effort to port our infrastructure to it, seemingly without benefits We already have a quite extensive network architecture with OpenLDAP acting as a LDAP server. Samba4 AD seems to require its own LDAP implementation (and some more quirks IIRC). There's also the additional DNS configuration

Hi, I'm trying to test Samba 3.0.0 beta 1, and so far, one problem I have spent the last couple hours trying to solve, is a problem I am having joining the domain with an NT4 workstation. The samba server is a PDC, and when I try to join the workstation to the samba controlled domain using the root account (which worked on Samba 2.2.8 just fine), I get a message on the NT workstation that it

It is my understanding that if you have a wildcard in smbusers, it should only apply this if the particular users is not in your /etc/password file. Is this true? It appears like samba is rolling down the smbusers file and everything gets mapped to my wildcard user. Eg. smbusers: root = administrator admin nobody = guest pcguest smbguest myunixlogin = mysmblogin www-users = * If I map a

Ok, this one is driving me nuts. I am using smbk5pwd to sync samba, ldap, and heimdal kerberos passwords. I have the overlay working if called from the ldappasswd command. However, if I set "ldap passwd sync = only", I get no joy from Samba. It does a series of searches, but doesn't send any kind of password update request to the server. If I use ldap passwd sync = yes, then

Hi All, I'm posting this just in case someone can tell what's going on with samba that would prevent this from working. Cisco has the ability to see a smb share from their webvpn product with CIFS. We can browse windows shares but not samba shares. The following log outputs are from my ASA firewall. I know these are cisco logs but I'm hoping a lightbulb will come on for someone. The

A new Debian(unstable) machine with Samba 4.5.2 is trying to join an NT4-style Samba domain hosted on a Debian(wheezy) Server with 3.6.6 which can't be changed but has been working for some years now with a couple of windows clients. Joining the domain was quite easy (only surprise was "client ipc signing"), and "wbinfo -u" gives me a list with all domain users. BUT

On Fri, 29 Mar 2019 09:30:13 -0400 "Thomas, David via samba" <samba at lists.samba.org> wrote: > I have a Centos 7.6 server with samba 4.8.3  configured as a member > of an AD domain using "ads' security and the "nss" idmap backend. > > Clients are unable to access the shares on the server - they > repeatedly get asked for their credentials. >

Hello all! We are attempting to get Samba-3.0.10 working on a new Solaris 8 machine in preparation for upgrading an existing 2.2.8 installation (both use the SMCsamba packages from SunFreeware.com). We copied over the smb.conf file and the usermap from the Samba-2 installation, and seeing some weird symptoms when Windows users try to connect to the new machine. We ran "net join" to

Dear Listmembers, apparently my attachement was not distributed via the list, therefore I add it once again to this email; plain text following my question. Many thanks for any suggestion in advance: I am using a SPARC ULTRA 60 / running SuSE sparc linux 7.3 as server for our M$-Network. I recently installed samba-2.2.8a from SuSE (compiled src-rpm), since then I am facing problems when attaching

Hi all: I am trying to migrate my NT4 domain to a samba server which uses an LDAP server on the backend for authentication This machine that I want to be the new PDC is running RHEL5 with samba 3.0.23c and an openldap 2.3.27 running on the same machine. I used the by-example page http://us3.samba.org/samba/docs/man/Samba-Guide/ntmigration.html as my guide I set this up in a test environment

I recently migrated our samba PDC to an LDAP backend on a test machine. Testing my account policies, I found out that the password lockout did not work. When authentication fail, samba seems to call init_ldap_from_sam asking to update the bad password count. When I set the lockout threshold to 1, the account is locked after a failed attempt and the badPasswordCount attribute is updated correctly

Hi I've talked about this in other messages but have a feeling it might have got lost amongst the other symptoms we were discussing. I had a Redhat 9 server on which I'd installed Samba 3.5.6 (built from source). I had it authenticating successfully against a windows 2008 active directory server. I then upgraded the Redhat server to RHEL5.3, on which I installed Samba 3.5.7 (and

I have a Centos 7.6 server with samba 4.8.3  configured as a member of an AD domain using "ads' security and the "nss" idmap backend. Clients are unable to access the shares on the server - they repeatedly get asked for their credentials. The smbd log shows the user authenticating and a mapping from the user's SID to their unix uid is found. However, it seems that

Hi All, I have a strange problem with passwords, stored in LDAP. When i try to logon as a user with the correct password, access is denied and the log says check_ntlm_password: Authentication for user [administrator] -> [administrator] FAILED with error NT_STATUS_NO_SUCH_USER When i try to logon a user with incorrect password, access is (of course) denied, but the log now says

Andrew, as you konw, I'm trying to get samba-3.0-alpha20 to authenticate a user that logs in to an AD domain workstation with the user's AD kerberos credentials. looking at the logs, it's not clear to me whether samba is trying to do kerberos or NTLM authentication for the client. in smb.conf I have: [global] security = ADS realm = HSSOE.UCI.EDU ads server =