similar to: getent group fails

Hi, I'm having problems to authenticate users with winbind. I'm implementing Squid3 Server and this server is working properly. But I think there is a problem with winbind (perhaps winbind separator), because when I put ^ as separator, how in Domain^Users, the error message appeared: root at proxy:~# *echo "bacci Domain^Users" | /usr/lib/squid3/wbinfo_group.pl

Hello, I have been using samba to authenticate my squid users to Active Directory. Because of the amount of users, I would like to set up my ACL's based on groups, rather than individual user accounts. I have successfully joined my samba box to our windows domain (2k). For some reason I had to enter the domain controller name instead of the domain name when doing so. I am now having issues

Hi all, I'm having trouble getting ntlm_auth working with the "--require-membership-of=" option. I did rebuild the Samba RPM so that it had the --enable-auth="ntlm,basic" and --enable-external-acl-helpers="wbinfo_group" settings. The command line test for the squid-2.5-basic protocol returns an "OK". The one using the squid-2.5-ntlmssp protocol

Hi Samba Folks, we use Ubuntu 16.04 LTS with Samba 4.3.11 (from distribution). Our ADS is Windows 2008 R2. We want to use Linux as a squid proxy with domain auth (SSO). Problem is, that most of the usernames have a white space and it seems that winbind wont handle it. I get this on my cache log with /usr/lib/squid/ext_wbinfo_group_acl (wbinfo_group.pl) script. Got max Internet-Access from

Hi all! I'm trying to setup a linux samba server as a domain member of a SINGLE FOREST MULTI DOMAINS. The forest is a 2 servers acting as a global catalog. Other domains are child domain with implicit trust with forest. I setup a linux server with samba as a domain member to work with squid, authenticating users and verify user's groups membership. I need to allow access to squid only to

I'm trying to configure Squid ntlm autentication on Samba4 DC. I followed Squid and Samba's documentation and i got success when I login with user natalia.silva, but if I log with natalia.vaz i get the error -- Nat?lia Vaz Silva Administradora de redes

I know, I know, this again :) The company I work for would like to use squid for proxy authentication purposes using NTLM, using a Windows 2008 R2 server as a DC. I've managed to setup samba/winbind to use ads and successfully joined the domain. Configured nsswitch.conf to lookup winbind entities (however I didn't touch PAM configuration, as I don't actually want the users to be able

Hi samba community. I'm having a problem with the smb_auth authentication method. Everything looks like normal, but everytime I try to use smb_auth it returns ERR. I will show here some commands output to secure that all configuration is correct, and if anyone can help me to investigate what's happend I'll thanks. I'm using: Debian lenny, updated. ii samba 2:3.2.3-1

Hello, I'm having trouble when I try do get a group SID from my domain, the user lookup and authentication is working fine. Actually what I'm trying to do is to authenticate squid against MS AD using winbind. I need to restrict access by group, so I'm using wbinfo_group.pl to do it. The machine has been built to be a proxy server only. I'm using Suse Linux 9.3 Professional

Hello, i am using samba 3.0.9 (winbind in particular) on RHES server for a squid project : to authenticate users or check in they are member of some groups on AD W2K servers. It has been working fine for one year. Last week, we have defined new AD groups to use for this project. The problem that i am facing, is that for some users, the check to see if the user is in the group is working fine,

Yes, it is. I've made that some times... After having the Samba infra-structure running (winbind -u, winbind -g, winbind -a), you need to create some ACLs in squid.conf, take a look at: http://www.squid-cache.org/Doc/FAQ/FAQ-23.html#winbind To check group membership you can use wbinfo_group or LDAP, I had some problems setting wbinfo_group with Samba 3.0.2, that's why I use LDAP. If you

Hi All, i was trying to configure proxy server, which will authenticate only for the users in group called "internet" that's in my Windows2003 ADS previously i configured my proxy server for all users in my domain and it was working well i think, i have some problem using external_acl_typel Please Help Following is my present squid configuration squid-2.5.STABLE6-3.4E.11

So far I have been used to using linux to provide simple routing from my network to others using commands such as ip route add 192.168.1.0/24 via 192.168.0.4 etc and it has all worked perfectly. I also use smoothwall GPL to provice vpn services, however I have hit on a problem and am not at all clear on the way in which to proceed. I now need to provide a route to services, the access to these

Hi there, I've written some enhancements to scp.c and pathnames.h to enable the scp to arbitrarily set the remote scp path. (eg $ scp -e /usr/bin/scp foo user at bar:foo) I did read the "scp: command not found" FAQ entry but I'm not quite sure why we can't do this, unless it's because enhancements to scp are no longer a priority. Any other reason why it "is the

Rowland, I decided to start over with a fresh install and attempted again. Only change I made was to start my mappings at 10000. I gave 'Domain Users' group gid 10000 and 'tuser' has uid 10001. Still didn't work btw. dn: CN=Test User,CN=Users,DC=domain,DC=local objectClass: top objectClass: person objectClass: organizationalPerson objectClass: user cn: Test User sn:

I've setup dovecot to auth both system and virtual users but it is refusing to work. It keeps saying user is not found. Is there something more that I need to set? dovecot.conf: ============================================================================ = default_mail_env = maildir:/var/mail/%1.1u/%u/Maildir mail_extra_groups = mail protocol imap { } protocol pop3 { } protocol lda {

Hello, I have a Samba 3.6 server (MUST stay at 3.6) and I want to user the "ad" backend for usermapping. Here is my smb.conf: -------------- [global] security = ADS workgroup = example realm = EXAMPLE.NET loglevel = 4 winbind nss info = rfc2307 winbind trusted domains only = no winbind use default domain = yes idmap config * : backend = tdb idmap config * : range = 5000-7999 idmap

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, dovecot version 1.2.12 on freebsd 7.0 with dovecot-sieve-1.2+0.1.17 I have users in ldap and aliases in /etc/aliases and i use postfix. There is an alias testuser at hostname for tuser at hostname. When tuser uses sieve vacation and uses the :addresses options with his email address (tuser at hostname), the response is also sent, if a mail to

Hi Rowland, I forgot to tell you the results were from my Domain Controller and not the member server. Member server returned something to the effect of 'user not found'. I am only starting the 3 services(smbd,nmbd and windbindd) listed in the wiki. Should I be starting Samba with command line switches to start as a member server? Is that even possible? Thanks for you

Rowland, I had a typo in my hosts file which is the reason my initial DNS update failed. Corrected and joined again. Successfully joined and updated DNS A record. I then made sure to give 'Domain users' a id of 10000. I am now able to run' getent passwd' and see all my domain users! YES! However I still see something that confuses me. When I run 'id tuser' I get