similar to: IDMAP question

I've been at this for days, and making no headway. It's very discouraging. I have a Win2003 domain, that has the Services for Unix extensions installed. I am trying to have multiple Samba servers as domain members. (in my case, one desktop sharing files, and one laptop, accessing the shares). And at the moment, it doesn't (fully) work. Each Samba server can see shares from the other.

clients on the domain. But I can not mount shares from the other Samba server; I always get "Permission denied". $ sudo mount -t cifs //workhorse/OldHome /mnt/OldHome -o username=DACRIB+turgon --verbose Password: mount.cifs kernel mount options: unc=//workhorse\OldHome,ver=1,rw,username=DACRIB+turgon,ip=10.0.0.20,pass=******** mount error(13): Permission denied Refer to the

I am *still* unable to mount shares from a Ubuntu 10.04 server, using a Ubuntu 10.04 laptop. I totally re-formatted both my desktop and my laptop with Ubuntu 10.04 (so that they would be using the same version of Samba). I am using the exact same smb.conf for the 2 machines (less the share definitions, which exist only on the desktop, known as "workhorse"). wbinfo -u, wbinfo -g,

I set up an old laptop with Xubuntu 9.10. I configured Samba as to work with my Win2003 AD domain that has MS Services for Unix installed. I can get a Kerberos ticket. I successfully added the laptop to the AD domain. wbinfo -a shows me all users, domain and local. wbinfo -g shows me all groups. wbinfo -a user%password returns successfully. "getent passwd" works as expected - I see

Greetings! I am having a bit of an issue using Ubuntu 9.10 and AD 2003. AD domain = dacrib.local AD server = dim-2300.dacrib.local IP = 10.0.0.60 Samba server = workhorse.dacrib.local IP = 10.0.0.20 I have been following <https://help.ubuntu.com/community/Samba/Kerberos>, and my Kerberos seems set up properly, as I can get a ticket. root at workhorse:/etc/samba# klist Ticket cache:

Some may remember all my issues trying to get one Samba server to mount shares from another Samba server. Well, I decided to completely reformat my laptop with Ubuntu 10.04, and start over (leaving the other Samba server at Ubuntu 9.10) (to recap - I have a Win2003 AD (not R2), with SFU installed) I took the smb.conf from the 9.10 server (running 3.4.0) and loaded it on the Ubuntu 10.04 laptop,

Once again, I am trying to add a machine to my Win2003 AD (that has Services for Unix installed). I am using Xubuntu 9.10, and samba 3.4.0. I set up Kerberos, and am getting a ticket. I have successfully joined the domain. # net ads join -U administrator Enter administrator's password: Using short domain name -- DACRIB Joined 'DUAL-BOOTER' to realm 'DaCrib.local' wbinfo -u

Honestly, it's enough to make you scream. :-( I can't seem to mount a samba share: $ mount -t smbfs //workhorse/OldHome /network -o username=DACRIB+turgon,password=xxxxxx mount error(13): Permission denied Refer to the mount.cifs(8) manual page (e.g. man mount.cifs) (I'm logging into this laptop as the domain user DACRIB+turgon, domain = DACRIB. That part works perfectly.) I have

So I ended up doing a net ads leave which removed the machine account from Active directory. Now I am trying to re-add it, but it seems to still be hanging around in Kerberos ... root at workhorse:/etc# klist Ticket cache: FILE:/tmp/krb5cc_0 Default principal: administrator at DACRIB.LOCAL Valid starting Expires Service principal 04/24/10 17:25:50 04/25/10 03:25:55

I am confused (nothing new there ...). I have 2 Ubuntu 9.10 Samba servers. I am trying to mount a share from the other (i.e., "workhorse" is trying to mount a share on "dual-booter"). If I specify a smbmount command with a -k option, I can mount the share: turgon at workhorse:~$ klist Ticket cache: FILE:/tmp/krb5cc_1000 Default principal: turgon at DACRIB.LOCAL Valid starting

This used to work ... root at workhorse:/var/log/samba# wbinfo -t checking the trust secret via RPC calls failed error code was NT_STATUS_ACCESS_DENIED (0xc0000022) Could not check secret root at workhorse:/var/log/samba# net ads info LDAP server: 10.0.0.60 LDAP server name: dim-win2300.DaCrib.local Realm: DACRIB.LOCAL Bind Path: dc=DACRIB,dc=LOCAL LDAP port: 389 Server time: Sat, 24 Apr 2010

I have Linux machine with Samba 3.5.11 working great. I was using passdb backend = tdbsam So when I tried to setup a second Linux machine I failed..since UID/GID's were different when I copied fiels from server 1 to server 2. Would you recommend me to use IDMAP_RID with Winbind? BTW, I don't have domain trusts (which is required to be "off" when using rid). It's a

Greetings! I am having a bit of an issue using Ubuntu 9.10 and AD 2003. AD domain = dacrib.local AD server = dim-2300.dacrib.local IP = 10.0.0.60 Samba server = workhorse.dacrib.local IP = 10.0.0.20 I joined the server to AD, and I can see all the domain users and groups when I do a "getent passwd" and "getent group". "wbinfo -u" lists all domain users, and

So, after reading many samba setup pages I was under the impression that “properly” configuring idmap for an AD domain should look something like this security = ADS idmap config * : backend = tdb idmap config * : range = 10000-50000 # DOMAIN realm = DOMAIN.COM<http://DOMAIN.COM> workgroup = DOMAIN idmap config DOMAIN:backend = ad

Hi, I configured a SaMBa PDC and a BDC with a master and a slave OpenLDAP. I set up TLS, because I wanted secure syncrepl. Slapd runs with -h ldap:// 127.0.0.1/ ldaps.///. I successfully joined an XP client to the servers' domain, I see shares (but I havent logged in as a domain user, because I have to create a default profile first). My problem is in the log.winbindd-idmap log file:

I have a problem with a Member Server on Samba 3.0.28a running on Ubuntu Heady. Both systems were recently upgraded using Ubuntu's automated upgrade. It's also possible I broke a working configuration by accident. The shares on the Member server are visible on the XP clients and some users can authenticate properly. At least one user on one XP desktop cannot. The shares are visible

I have a small work group with a Domain Controller and 2 Member Servers. I am upgrading everything to the Ubuntu 10.04 LTS and then to LDAP The Domain Controller - HAMLET Ubuntu 8.04 LTS Samba Version 3.0.28a Member Server -REMUS Ubuntu 10.04 LTS Samba Version 3.4.7 Member Server -ROMULUS Ubuntu 10.04 LTS Samba Version 3.4.7 The member servers are identical hardware and the operating system

Hi, I am running Samba 3.0.1 on a Debian/Sid machine. I have installed winbind to access the AD of the local network, which I want to use for UNIX logons. wbinfo -u shows all the users of the AD, but "getent passwd" only shows the contents of the file /etc/passwd. I have been following the instruction for winbind (Chapter 21) in the Samba-HOWTO-Collection. Any comments would be

Samba 4.7.6-ubuntu Using Ubuntu 18.04.1 LTS logging in, in AD Domain Hi, would like to know where or how i can define the TTL for the cached winbind offline logon. Actually it´s around a day, afterwards i can´t login in my AD-User when i´m still offline but would like to extend the time. Thanks. My smb.conf looks like this: [global] winbind enum users = yes winbind enum groups = yes winbind

I joined my Debian 9 server into a Active Directory Structure as a domain member. Not as a DC. Then when I try to share a folder on this server and the client PC can't correctly authenticate and use the folder. It keeps saying "Access Denied" on Windows client PC. There is no error in log files (/var/log/samba/). If I allow anonymous users, it works fine. I used to use the same