similar to: winbind/idmap/AD problem?

Hi, We've just put in a Samba fileserver to replace our windows box for our School District and it seems to be working great. I have a question about defining some specific permissions though. We set up 'Drop boxes' for teachers that kids can drag files into, but they don't have read permission so they can't read each others submitted work. Here's what is looks like on

Hello, I have enough details on how to have Linux users authenticate to a 2003r2 AD, but I need help getting their home dir's to automatically mount to a windows share. Any details would be greatly appreciated. Many thanks, James

Hello list users, I have been struggling with this combination in the subject field couple of days now, so I decided to ask for some advice here. Hopefully someone can point me to a right direction. The ultimate goal for me is to authenticate users using AD, so that the UID/GID values configured for users with SFU would also be in use in all our Linux machines. My understanding is that using

Hi, this is kind of a strange situation. I have a share that I want to work like a drop box. I want users to be able to create new files and read existing files, but not be able to delete them (except for the owner of the dropbox). Does anyone know how to do this? I've tried every combination I could think of write list, read only, force group, and sticky bits on the directory itself.

I'm unabe to use idmap_ad and sfu nss info with Samba on AIX. The configuration as it is works on a Linux build. workgroup = DOMAIN realm = DOMAIN.TLD server string = SERVER security = ADS idmap domains = DOMAIN idmap config DOMAIN:default = yes idmap config DOMAIN:backend = ad idmap config DOMAIN:range = 1000 - 60000

For our Linux Machines (SLES 10) we are using kerberos and LDAP to authenticate against Active Directory (works perfectly) Please note that the same configuration works with Windows 2003 Server, the problem is with with Windows 2008 Server However we are experiencing problems with winbind for the file share, I see in the "log.winbind-idmap" logfile the following errors [2011/03/03

We're beginning a migration from FreeBSD w/ Samba Version 3.0.28a to Gentoo Linux w/ Samba Version 3.0.33. Both the BSD system and the Linux system are joined to the domain, using the same krb5.conf file and nearly identical global sections of the smb.conf file. What I've found is the UID and GID are not aligned with each other. For example: (dc2: 14:52:53 </var/db/samba>)

Hi All, I extended my AD schema (SFU 3.5) and migrated the users and groups from my NIS domain. The groups migrated from the NIS have the same GID like on the NIS. I added linux machines to my AD domain using windbind, and define on the smb.conf "idmap gid = 10000-20000". I logged in using my AD user account, and when I'm doing "id", I see that all the AD groups

On Tue, 4 Oct 2016 16:09:40 +0200 Achim Gottinger via samba <samba at lists.samba.org> wrote: > > > Am 04.10.2016 um 15:43 schrieb Rowland Penny via samba: > > On Tue, 4 Oct 2016 15:16:17 +0200 > > Achim Gottinger via samba <samba at lists.samba.org> wrote: > > > >> > >> Am 04.10.2016 um 10:21 schrieb Rowland Penny: > >>> On

Hi all I am trying to run samba-3.0.28 on a solaris 10 sparc machine, as a member server for an AD 2003R2. I use nss_ldap-254. I compile samba with: GCC_EXEC_PREFIX=/opt/csw/gnu/ LDFLAGS="-L/opt/csw/lib" CPPFLAGS="-I/opt/csw/include" ./configure --prefix=/opt/samba --with-acl-support --with-quotas --with-included-popt --with-privatedir=/opt/samba/etc/samba/private

suggestion for minor improvement of the smb.conf manpage in the context of the 'idmap backend' parameter. At least as of v3.0.22 the manpage says: Finally, using the idmap_ad module, the UID and GID can directly be retrieved from an Active Directory LDAP Server that supports an RFC2307 compliant LDAP schema. idmap_ad supports "Services for Unix"

Le 25/10/2018 à 18:22, Giulio via samba a écrit : >> Is enabling SMBv1 on the Windows 10 side the only solution to get Linux share be visible for the Windows "Network" listing? > > Yes, it's the only way to see the samba computer in the computers' list. > > When using SMB>=2, network discovery will use a different protocol > (WSD/LLMNR) which samba

It looks from str(SA) that Response IPS1 is a data.frame of class "anova", which probably cannot be coerced to vector. Maybe you can use unlist() instead of as.vector() Or something like SA[["Response IPS1"]]["as.factor(WSD)",] ## to select the first row only, even maybe with unlist() Without a better REPRODUCIBLE example, I cannot tell more (maybe some others

Hi all, I just stepped over a problem where I can't add a local user to an AD group. Running getent passwd and getent group doesn't display the AD users. Wbinfo -g and -u work fine. Here is my smb.conf: [global] netbios name = sles11test1 realm = SOMEDOMAIN.NET workgroup = SOMEDOMAIN security = ADS encrypt passwords = yes password server =

A question for the best winbind SID-UID/GID mapping in our situation: I'm building a new infrastructure with Windows 2003SP1 ADS Domaincontrollers and some Debian Servers (File: Samba+NFS; Mail; Web; ....) and varios XP and Debian Clients. After reading Chapter 12. (Identity Mapping) in the Samba-HOWTO is IDMAP_RID in couple with winbind an easy way to solve the problem with syncr.

Hello all, I'm having a problem with Winbind resolving some users from AD on a W2KSP4 server running SFU 3.5 [8.0.1969.1]. All users and groups in the AD domain have been assigned UIDs and GIDs via SFU. The Linux fileserver is running CentOS 5.3 with Samba 3.0.33-3.7.el5. The fileserver has been joined to the domain using authconfig with proper modifications made to nsswitch and pam.

Hello List, below our smb.conf and loglevel 5 output of a failed authentication. We want to get the Unix User details from MS-SFU using the new idmap_ad Backend. If the Windows User is mapped to local name it's all fine. But if we want to use our SFU Users it fails. We believe getpwnam() on AIX is faulty. "id username" and login works for all users local and AD! Any ideas how to

On Sun, Feb 24, 2019 at 08:16:55AM +0000, Rowland Penny via samba wrote: > Well yes, it could be used for the default domain, but what about the > 'DOMAIN' domain ? > > From my understanding, the default range is meant for the Well Known > SIDs and anything outside the given domains and there are less than two > hundred Well known SIDs. > > To be honest, I have

with samba 3.0.22, I'm trying to integrate a linux box with Microsoft AD by using winbind for authentication as well as for the source of nss info. When winbind is configured to use its own local id maps, everything works fine. But when i configure winbind to use 'ad' as the source of nss info, authentication fails, 'getent' commands return no results, and 'wbinfo -r

Is then new idmap_ad module capable of getting uid/gid info from a Windows 2003 AD pre-R2 with RFC2307 Unix Identity Mapping Extensions applied? Also, is the correct syntax for specifying the schema_mode as follows: idmap config dom.example.com:schema_mode = rfc2307 (I am not confident that I am reading the idmap_ad manpage and the new idmap document correctly.) Thanks for the help, Murthy