Displaying 20 results from an estimated 3000 matches similar to: "Idmap_ad not working correctly under samba 3.5.2"
2010 May 04
2
Getent passwd and getent group fail / Samba 3.5.2
Hi all,
I just stepped over a problem where I can't add a local user to an AD group. Running getent passwd and getent group doesn't display the AD users. Wbinfo -g and -u work fine. Here is my smb.conf:
[global]
netbios name = sles11test1
realm = SOMEDOMAIN.NET
workgroup = SOMEDOMAIN
security = ADS
encrypt passwords = yes
password server =
2010 Apr 23
4
Winbind 3.5.2 caching issues under SLES11???
Hi,
I don't know if this is a problem of SLES11 or winbind itself. I
recently installed the lastest samba winbind 3..5.2 on a SLES9 box and a
SLES11 box.
If I remove a user from a group in Active Directory the change is
visible immediately on the SLES9 box but not on the SLES11 box. Both are
running exactly the same version of winbind:
gedaiv64:~ # cat /etc/SuSE-release
SUSE Linux
2009 Sep 02
1
Samba 3.4 is unable to list users with getent and id (idmap_ad backend)
Dear All,
I'm using Samba Version 3.2.6 under Solaris 8 with the following config:
netbios name = pegasus
realm = REALM.NET
workgroup = REALM
security = ADS
encrypt passwords = yes
password server = *
os level = 20
socket options = TCP_NODELAY SO_RCVBUF=16384 SO_SNDBUF=16384
idmap backend = ad
idmap config
2010 Sep 09
1
Samba-winbind 3.5.4 primary group is always domain users!!!???
Dear All,
I stepped over a strange issue today. I have one installation of samba
winbind 3.3.2 on a Ubuntu machine. Changing the primary unix group of a
user is updated immediately. On a newer samba 3.5.4 installation the
primary group is not updated at all. It always displays "domain users".
Is there a new setting for the smb.conf? Here is my smb.conf:
[global]
netbios name =
2005 May 08
2
Samba / AD / Winbind issues
List members,
I have an issue that I hope one of you can help me with ... I have
set up a AD ( 2003 ) as PDC and a RHE3 AS server running Samba V3.0.6-2.3E
following the instructions in the HOW-TO- By example. Here is what I have
at the moment ..
I had no problems adding the RH server to the Domain and I have Winbind set
up in the nsswitch.conf file for passwd, group and hosts
I
2004 May 19
0
idmap_ad compile problem
I saw a message on this mailing list about compiling the idmap_ad.c,
back in October of last year... and I'm having the same problem... When
I try to compile it, the message I get is:
gcc -I/usr/include/linux -I/root/samba/samba-3.0.4/source/ubiqx
-I/root/samba/samba-3.0.4/source/popt
-I/root/samba/samba-3.0.4/source/smbwrapper
-I/root/samba/samba-3.0.4/source
2011 May 17
1
How can I confirm that idmap_ad is being used?
How can I confirm that idmap_ad is being called?
I've configured Samba with --with-shared-modules=idmap_ad, built and
installed it; the file ad.so is now present in /usr/local/samba/lib/
idmap/
as expected. I then added the following to smb.conf:
idmap backend = tdb
idmap uid = 65536 - 999999
idmap gid = 65536 - 999999
idmap config SU : backend = ad
idmap config SU :
2008 Mar 28
1
Problems with Samba(idmap_ad/sfu on AIX
I'm unabe to use idmap_ad and sfu nss info with Samba on AIX. The
configuration as it is works on a Linux build.
workgroup = DOMAIN
realm = DOMAIN.TLD
server string = SERVER
security = ADS
idmap domains = DOMAIN
idmap config DOMAIN:default = yes
idmap config DOMAIN:backend = ad
idmap config DOMAIN:range = 1000 - 60000
2006 Aug 25
0
Attempt to configure idmap_ad giving error on uidNumber
My long sojourn to get some configuration set up that will then allow me
to set a uid of an ad user to whatever unix uid I want (nfs reasons), is
still going. I set my backend to ad and added the winbind nss info =
sfu. Nothing happened initially in the log.winbindd-idmap, but after
lunch I saw some new things in there:
83390]: sid to uid S-1-5-21-54348060-1989963526-242692186-2762
[2006/08/25
2007 Apr 02
0
Samba domain members and idmap_ad
Hello All;
I have a small, isolated, network consisting of a W2K3 (sp2) domain
controller and about 20 client PCs which dual-boot between Win XP Pro and
Fedora 6. I am attempting to configure Samba (3.0.24), which runs only on
the client machines when Fedora is booted, for single log-on and roaming
profiles. MS Services for Unix (SFU) v3.5 is installed on the W2K3 domain
controller, so I would
2008 Feb 19
0
idmap_ad and multiple domians
Has anyone else gotten samba functioning with idmap_ad and multiple domains?
In our environment we have a domain with two child domains. There is one child
domain for students, and another for faculty staff. Our servers are joined to
the student domain, but need to be able to enumerate users in the staff domain.
When attempting to lookup a user (wbinfo -i 'NAU\car3') that only exists
2016 Jan 26
0
idmap_ad problem and workaround
On 26/01/16 18:48, Joe Maloney wrote:
> Hello all,
> Samba Version 4.1.21 on 8 servers as member servers configured with
> idmap_ad. I have all the RFC2307 attributes configured for every user, and
> group. I wrote a script to ensure that. I have scripts in place to make
> sure I don't have duplicates, show users without attributes, etc. I also
> filter out the users I
2004 Sep 22
1
idmap_ad: sid to uid conversion fails
I have two boxes on which I am trying to get idmap_ad
(from xad_oss_plugins) to provide uid/gid mapping, and
am getting the error:
"Could not convert sid <sid of some_user> to uid"
The story so far goes like this:
Without the line
"idmap backend = ad:ldap://<PDC's FQDN>/" in smb.conf,
I can successfully do all of:
#> wbinfo -S $(wbinfo -n some_user | awk
2007 Jun 22
3
idmap_ad Integration with Windows 2003 pre-R2
Is then new idmap_ad module capable of getting uid/gid info from a Windows 2003 AD pre-R2 with RFC2307 Unix Identity Mapping Extensions applied?
Also, is the correct syntax for specifying the schema_mode as follows:
idmap config dom.example.com:schema_mode = rfc2307
(I am not confident that I am reading the idmap_ad manpage and the new idmap document correctly.)
Thanks for the help,
Murthy
2016 Jan 26
2
idmap_ad problem and workaround
Hello all,
Samba Version 4.1.21 on 8 servers as member servers configured with
idmap_ad. I have all the RFC2307 attributes configured for every user, and
group. I wrote a script to ensure that. I have scripts in place to make
sure I don't have duplicates, show users without attributes, etc. I also
filter out the users I don't want to see by placing them outside of the
range set aside
2016 Jan 26
2
idmap_ad problem and workaround
The DC's are running Windows Server 2012R2. The directory itself has
RFC2307 attributes. The file servers are running FreeBSD with Samba 4.1.
These are just member servers not joined as domain controllers. I have
tried to upgrade to samba 4.2, and samba 4.3 as a test with no difference.
Here is a peak at the smb4.conf via pastebin.
http://pastebin.com/Ai14LREW
Joe Maloney
On Tue, Jan 26,
2004 Sep 23
1
Re: [Solved] Re: idmap_ad: sid to uid conversion fails
>It's probably worth noting that for users who are
>adding idmap_ad over an existing winbind setup, the
>old mapping has to be deleted as above.
Thanks, I'll put this in the README for the next version.
regards,
-- Luke
--
2012 May 03
2
template homedir and idmap_ad
Some empirical testing shows that if I am using the idmap_ad module the
template homedir parameter in smb.conf is ignored. I would just like to
determine if this is the correct behaviour or if I am doing something wrong.
JAB.
--
Jonathan A. Buzzard Email: jonathan (at) buzzard.me.uk
Fife, United Kingdom.
2014 Aug 12
2
request for idmap_ad module to be built as default
Hi
4.1.11 no longer includes the idmap_ad module in a default ./configure.
This has caught out at least two list users recently. We think it is
important enough to reinstate as default. Anyone with us? Especially
those whose task it will be to have to tell users via the list of the
change. . .
Cheers,
Steve
2008 Feb 15
1
idmap_ad alloc to store uid/gid attributes in AD
It would be a handy feature to have idmap_ad implement an alloc routine to write back the uid and gid mappings to AD either as SFU attributes or RFC 2307 attributes.
I figure this could allow dynamic uid and gid allocation that can be easily preserved across multiple domains in a Windows environment.
Has there been any attempt to provide this feature?
Ross S. W. Walker
Information Systems