similar to: Idmap_ad not working correctly under samba 3.5.2

Hi all, I just stepped over a problem where I can't add a local user to an AD group. Running getent passwd and getent group doesn't display the AD users. Wbinfo -g and -u work fine. Here is my smb.conf: [global] netbios name = sles11test1 realm = SOMEDOMAIN.NET workgroup = SOMEDOMAIN security = ADS encrypt passwords = yes password server =

Hi, I don't know if this is a problem of SLES11 or winbind itself. I recently installed the lastest samba winbind 3..5.2 on a SLES9 box and a SLES11 box. If I remove a user from a group in Active Directory the change is visible immediately on the SLES9 box but not on the SLES11 box. Both are running exactly the same version of winbind: gedaiv64:~ # cat /etc/SuSE-release SUSE Linux

Dear All, I'm using Samba Version 3.2.6 under Solaris 8 with the following config: netbios name = pegasus realm = REALM.NET workgroup = REALM security = ADS encrypt passwords = yes password server = * os level = 20 socket options = TCP_NODELAY SO_RCVBUF=16384 SO_SNDBUF=16384 idmap backend = ad idmap config

Dear All, I stepped over a strange issue today. I have one installation of samba winbind 3.3.2 on a Ubuntu machine. Changing the primary unix group of a user is updated immediately. On a newer samba 3.5.4 installation the primary group is not updated at all. It always displays "domain users". Is there a new setting for the smb.conf? Here is my smb.conf: [global] netbios name =

List members, I have an issue that I hope one of you can help me with ... I have set up a AD ( 2003 ) as PDC and a RHE3 AS server running Samba V3.0.6-2.3E following the instructions in the HOW-TO- By example. Here is what I have at the moment .. I had no problems adding the RH server to the Domain and I have Winbind set up in the nsswitch.conf file for passwd, group and hosts I

I saw a message on this mailing list about compiling the idmap_ad.c, back in October of last year... and I'm having the same problem... When I try to compile it, the message I get is: gcc -I/usr/include/linux -I/root/samba/samba-3.0.4/source/ubiqx -I/root/samba/samba-3.0.4/source/popt -I/root/samba/samba-3.0.4/source/smbwrapper -I/root/samba/samba-3.0.4/source

How can I confirm that idmap_ad is being called? I've configured Samba with --with-shared-modules=idmap_ad, built and installed it; the file ad.so is now present in /usr/local/samba/lib/ idmap/ as expected. I then added the following to smb.conf: idmap backend = tdb idmap uid = 65536 - 999999 idmap gid = 65536 - 999999 idmap config SU : backend = ad idmap config SU :

I'm unabe to use idmap_ad and sfu nss info with Samba on AIX. The configuration as it is works on a Linux build. workgroup = DOMAIN realm = DOMAIN.TLD server string = SERVER security = ADS idmap domains = DOMAIN idmap config DOMAIN:default = yes idmap config DOMAIN:backend = ad idmap config DOMAIN:range = 1000 - 60000

My long sojourn to get some configuration set up that will then allow me to set a uid of an ad user to whatever unix uid I want (nfs reasons), is still going. I set my backend to ad and added the winbind nss info = sfu. Nothing happened initially in the log.winbindd-idmap, but after lunch I saw some new things in there: 83390]: sid to uid S-1-5-21-54348060-1989963526-242692186-2762 [2006/08/25

Hello All; I have a small, isolated, network consisting of a W2K3 (sp2) domain controller and about 20 client PCs which dual-boot between Win XP Pro and Fedora 6. I am attempting to configure Samba (3.0.24), which runs only on the client machines when Fedora is booted, for single log-on and roaming profiles. MS Services for Unix (SFU) v3.5 is installed on the W2K3 domain controller, so I would

Has anyone else gotten samba functioning with idmap_ad and multiple domains? In our environment we have a domain with two child domains. There is one child domain for students, and another for faculty staff. Our servers are joined to the student domain, but need to be able to enumerate users in the staff domain. When attempting to lookup a user (wbinfo -i 'NAU\car3') that only exists

On 26/01/16 18:48, Joe Maloney wrote: > Hello all, > Samba Version 4.1.21 on 8 servers as member servers configured with > idmap_ad. I have all the RFC2307 attributes configured for every user, and > group. I wrote a script to ensure that. I have scripts in place to make > sure I don't have duplicates, show users without attributes, etc. I also > filter out the users I

I have two boxes on which I am trying to get idmap_ad (from xad_oss_plugins) to provide uid/gid mapping, and am getting the error: "Could not convert sid <sid of some_user> to uid" The story so far goes like this: Without the line "idmap backend = ad:ldap://<PDC's FQDN>/" in smb.conf, I can successfully do all of: #> wbinfo -S $(wbinfo -n some_user | awk

Is then new idmap_ad module capable of getting uid/gid info from a Windows 2003 AD pre-R2 with RFC2307 Unix Identity Mapping Extensions applied? Also, is the correct syntax for specifying the schema_mode as follows: idmap config dom.example.com:schema_mode = rfc2307 (I am not confident that I am reading the idmap_ad manpage and the new idmap document correctly.) Thanks for the help, Murthy

Hello all, Samba Version 4.1.21 on 8 servers as member servers configured with idmap_ad. I have all the RFC2307 attributes configured for every user, and group. I wrote a script to ensure that. I have scripts in place to make sure I don't have duplicates, show users without attributes, etc. I also filter out the users I don't want to see by placing them outside of the range set aside

The DC's are running Windows Server 2012R2. The directory itself has RFC2307 attributes. The file servers are running FreeBSD with Samba 4.1. These are just member servers not joined as domain controllers. I have tried to upgrade to samba 4.2, and samba 4.3 as a test with no difference. Here is a peak at the smb4.conf via pastebin. http://pastebin.com/Ai14LREW Joe Maloney On Tue, Jan 26,

>It's probably worth noting that for users who are >adding idmap_ad over an existing winbind setup, the >old mapping has to be deleted as above. Thanks, I'll put this in the README for the next version. regards, -- Luke --

Some empirical testing shows that if I am using the idmap_ad module the template homedir parameter in smb.conf is ignored. I would just like to determine if this is the correct behaviour or if I am doing something wrong. JAB. -- Jonathan A. Buzzard Email: jonathan (at) buzzard.me.uk Fife, United Kingdom.

Hi 4.1.11 no longer includes the idmap_ad module in a default ./configure. This has caught out at least two list users recently. We think it is important enough to reinstate as default. Anyone with us? Especially those whose task it will be to have to tell users via the list of the change. . . Cheers, Steve

It would be a handy feature to have idmap_ad implement an alloc routine to write back the uid and gid mappings to AD either as SFU attributes or RFC 2307 attributes. I figure this could allow dynamic uid and gid allocation that can be easily preserved across multiple domains in a Windows environment. Has there been any attempt to provide this feature? Ross S. W. Walker Information Systems