similar to: AD Integration woes - rfc2307 data not being honored

I have a windows 2003 AD domain and a server joined to that domain. Winbind is being used as an idmap. Most everything seems to work fine. Winbind gets user info correctly: [root@samba ~]# wbinfo -u TESTDOMAIN\administrator TESTDOMAIN\guest TESTDOMAIN\support_388945a0 TESTDOMAIN\krbtgt TESTDOMAIN\swhaley TESTDOMAIN\test [root@samba ~]# wbinfo -g BUILTIN\administrators BUILTIN\users

Hi , I have set up a 2-node CTDB cluster serving NFS and CIFS authenticating Windows and Linux users via Active Directory. The setup works fine, except only one server in the CTDB-cluster is able to join the AD domain at a given instance. If you manually add the other server into AD, the already connected server gets disconnected. There is no specific error message logged in /var/log/message or

> Hi all, > > We have a Samba AD DC service running on Ubuntu 16.0.4 with Samba > 4.3.11. We are planning to upgrade it to a recent version, probably > 4.8.3. > > I think that I have two options: > > a) Package upgrade via 3rd party repositories (Louis Van Belle's repo) > by following wiki. > > b) A fresh install of 4.8.3 on another VM then join it to

Hi, I'm using dovecot with a passdb-file . When I login using : test at testdomain.com I notice dovecot strips off the domainname and looks up everything in front of the @ in his passdb-file... So I went on to configure the following in my dovecot.conf : auth_username_format = %u@%d restarted dovecot, but he still strips of the @ and the domainname ... LOG (sorry for f* up format) :

I am running Samba ver 3.0.33 on Solaris 10 (sparc) as a PDC with LDAP for the backend for both samba and unix accounts. I have also set up a trust with an Windows domain- lets call it WINDOMAIN- (the PDC for the Windows domain is Win 2003 but is in mixed mode for backwards compat.) The SAMBA domain trusts the WINDOWS domain, not not vice versa. I had also tried setting up trusts with

On 4/14/15, J. Echter <j.echter at echter-kuechen-elektro.de> wrote: > Am 14.04.2015 um 14:04 schrieb J. Echter: >> Hi, >> >> we're using thunderbird as our client, it has the functionality to >> sort spamassassin tagged mails in a folder called 'Junk'. >> >> I have this folder on my dovecot server and i'd like to use the >>

Hi, Iam trying to setup Samba version 3.2.3 on Redhat (RHEL5) server to use Active Directory for authentication. I followed the instructions from article in following website: http://technet.microsoft.com/en-au/magazine/dd228986.aspx Setup Winbind + Samba + Kerberos and it seems to work fine. I can see the users in Active Directory through winbind as well as authenticate users using NTLM

Hi, we're using thunderbird as our client, it has the functionality to sort spamassassin tagged mails in a folder called 'Junk'. I have this folder on my dovecot server and i'd like to use the recipient_delimiter feature to get my spam/junk mails directly to this folder. what i have done yet: dovecot.conf: plugin { recipient_delimiter = + } postfix: master.cf dovecot

Hi, I'm trying to find out consequences of overlapped idmap settings that used with 4.3.11 DC's. I'm about to upgrade these DC's to 4.8 version. Before deploying new DCs, I want to make sure that any side effects regarding id map settings will be left behind. # ldbsearch -H /var/lib/samba/private/idmap.ldb | grep xidNumber \ | cut -d' ' -f2 | sort 0 100 3000000

Hi, list. I'm running samba-3.5.4 + winbind on a RHEL 5 server. I'm trying to allow ssh logins to users in a particular Active Directory group in the TESTDOMAIN domain. My problem is that group membership seems to be updated when the user logs in. So, if a remove a user from the allowed group, the first login attempt is successful. This is my samba/winbind configuration: [global]

Joining member Centos 7.8 Linux server with 4.10.4-10.el7 or higher appears to ignore client FQDN when AD domain does not match client domain name.? For example Active Directory Domain is ad1.testdomain.com and the client member server FQDN is? testhost.clients.testdomain.com.? When joining the domain? DNSHostName attribute in AD shows testhost.ad1.testdomain.com when it should be

Hi, I'm trying to join a Samba 4.9.1 Debian Strech installation (also tested with 4.8.6) to a Windows 2012 R2 Server which runs in 2008-R2 functional level. This is a production system and it is going to be first Samba DC in domain. There is currently two Windows DC's in domain. All FSMO roles hold by DC1. It seems there's something going on with Widows DC's bu I'm not able

> > OK, get the 'Windows sysadmin' to go to the 2012 DC and run > 'rendom /end' on it, see if this fixes your problem. > > Rowland Thanks Rowland, that did the fix the problem related with WERR_DS_DOMAIN_RENAME_IN_PROGRESS error. But the problem evolved into a new one: "WERR_DS_DIFFERENT_REPL_EPOCHS" ... Starting replication Join failed - cleaning up

I'm still fighting with getting a Samba server (RH Linux 7.2, kernel 2.4.9-21, samba 2.2.4) to join an NT domain (NT 4.0, SP6). Everything I've read in the documentation indicates that this works well and readily, but I cannot get it to work. The error message received when attempting to join a domain is: ./smbpasswd -j TESTDOMAIN -r SMBTEST cli_net_auth2: Error

Hello all, since some weeks I try to get the following configuration working Windows 2003 AD (no R2!!) with SFU 3.5 Red Hat Enterprise Linux Server release 5.4 (Tikanga) with Samba (samba-3.0.33-3.14.el5) nss_ldap (nss_ldap-253-21.el5) So I wanted to implement the following setup: http://us5.samba.org/samba/docs/man/Samba-HOWTO-Collection/idmapper.html#id2607783 The main reason using this

-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 hi, i've built dovecot latest cvs on OSX 10.4.7. i'm making a 1st attempt @ trying/failing to get TLS operation up-n-running ... my install's OK: Install prefix ...................... : /usr/local/dovecot File offsets ........................ : 64bit I/O loop method ..................... : poll File change notification method

Hi All, Are there any special CTDB/SMB configuration settings/dependencies to manage Winbind across CTDB managed servers authenticating via Active Directory(AD)? An example would be Samba's IDMAP backend for Winbind: RID vs. AD or tag Winbind to a primary CTDB node and point other nodes to authenticate from AD via proxy primary CTDB node? /etc/sysconfig/ctdb on all nodes is as follows:

I have a samba 3.023c server with winbind joined to a windows 2003 AD domain. The issue I'm having is from the windows computers, I can't connect to shares on the samba server using the administrator account. It works just fine with normal domain users. When I try to connect with the admin account, I the smbd process that forked to handle the request core dumps. The same thing

Redhat 5.2 x86_64 samba-3.0.28-0.el5.8 My system is fully AD integrated, the only issue I have is that when I look up a users group (id, groups, etc.) it takes forever.? This is causing issues due to the fact that I have pam policies in place to allow only users from a specific groups to log in, sudo and/or su.? When the cache expires, it can take over 2 minutes to perform the lookup.? I'm

Hello, I am investigating some strange authentication problems with our network. I am attempting to access a share on a DC with smbclient. If I authenticate with kerberos (kinit, then smbclient -k) then everything works fine. If, instead I use -U administrator -W DOMAIN, or just -U administrator, I get session setup failed: NT_STATUS_LOGON_FAILURE This is samba 3.3.2. Here is the d5 output