similar to: When is a machine SID created?

Good evening, Distro: ClearOS 6.3 (RHEL-derived with a distro-specific web configuration tool for samba) I'm only about 90% sure it's version 6.3. Samba version: 3.6.10-1.v6 Intended use: NT4-style PDC for Windows XP clients Issue: My distro's "add machine script" uses the output of "net getdomainsid" to help populate the new machine account's sambaSID field

Do these programs still exist? They don't seem to be part of the samba3x package on RHEL5.

Is there a trick to being able to access shares via \\domain\dfsroot\.. rather than \\computer\dfsroot\... ? Only the latter works for me - samba 3.0.22

Scenario: a) Samba with an ldap backend. b) The ldap database becomes irretrievably corrupted. c) I roll in a new ldap database from a known good copy. d) Problem is the passwords for the machine accounts are out of date. e) Is it possible to coax Samba & the clients (mostly XP) to resynch their passwords? f) I want to preserve the client computers SIDs & names. g) I really

On Mon, 2023-08-28 at 23:46 +0200, Peter Koch via samba wrote: > Hi Andrew and Roland, > > I spent some hours today to debug the problem by > adding lots of printf-statements into the samba4 > source. > > Here are my findings: > - upgrade.py calls passdb.get_global_sam_sid() > - get_global_sam_sid() calls pdb_generate_sam_sid() > - pdb_generate_sam_sid() calls

There has been a low continuing level of confusion over the terms "Source NAT" (SNAT) and "Static NAT". To avoid future confusion, all instances of "Static NAT" have been replaced with "One-to-one NAT" on the web site and in the CVS configuration files (Shorewall/ project). The documentation in 1.4.9 will also contain this change. -Tom -- Tom Eastep \

Environment is Samba as a PDC, OpenLDAP backend, with smbldap-tools providing the scripts to manipulate the data. What are the recommended/mandated organizational units (OU=) for user, computer, group info. I'm pretty sure that groups go in ou=Groups, but I am confused about where user and computer data goes. I have seen ou=People, ou=Computers, and ou=Users in various places. Which is it

This is some ramblings on why using proxy ARP (on a host in a DMZ) is a good or bad thing. The good is that a computer X retains a public IP address which makes it easy to connect it directly to the net if the firewall has to be taken down for extended periods. Thus, if computer X is a mail server for example, it can still function in a reduced capacity until the firewall is restored. The bad

On the firewall, what is the rationale for giving eth1 an IP address that is also assigned eto eth0? (Rather than a private one.) -- Taso Hatzi caesar 17 <<-salad cjbx jc vdwwjar jc xi jc jd salad

The problem scenario I describe was reported previously in the Shorewall lists but its resolution does not seem to have made it into the lists. Scenario: Windows XP client seeking to establish a VPN connection to a Windows 2003 Server located behind a Shorewall firewall (running on Mandrake kernel 2.4.22-37mdk). The connection cannot be made, the client reports error code 721. Discussion:

Hi, especially John H. T :) I'm yet again plodding through chapter 14 of the Samba-HOWTO-Collection.pdf. Not because I can't make what's in it work for me, I did that long ago, I found out for myself, because a great deal of what's in it is wrong. I just got fed up with trying to get Nagios to work - I gave up, for various reasons and started on the Samba doco. At the risk of

Are there any scenarios that require traffic from a zone to itself to be blocked? If not, Shorewall should possibly allow it as a matter of course. It seems strange having to explicitly create such a policy & it''s not immediately obvious when it is required. -- Taso Hatzi caesar 17 <<-salad cjbx jc vdwwjar jc xi jc jd salad

Hello, I recently noticed a problem on our PDC (samba 3.0.32 on SLES 10 SP2) which I kind of know how to solve after web research but I am unclear about the possible consequences for our domain and clients. The situation is this: Originally samba was set up on this machine to test. Back then its hostname was infrahostnew, so there is a SID for that NETBIOS name in secrets.tdb. When the PDC went

I don''t think this has anything to do with Shorewall but I am not too familiar with iptables stuff yet so I''m not sure. Running Shorewall shorewall-1.4.9 on Mandrake Linux release 9.2 (FiveStar) for i586 Kernel 2.4.22-37mdk. Run "nmap -sP 192.168.x.x/24" (for example), where 192.168.x.x/24 is the LAN. You can do this from a firewall/router, or even from a

I have a domain with Samba 3 acting as PDC, and using LDAP (passdb backend = ldapsam). I now wanted to add a second Samba 3 machine as a simple file server. I get errors with getdomainsid and getlocalsid, so there is obviously still something wrong with my config. The PDC runs Samba 3.5.6 on Debian Squeeze. Sid queries return: # net getdomainsid SID for local machine MY_PDC_HOST is:

All, I'm trying to migrate to samba3 from nt4. Unsuccesfully so far :-(. Instructions are from idealx how-to v1.6. Enviroment is RHFC2/Samba 3.0.3-5/OpenLDAP 2.1.29 Membership to the domain is ok ---------------- # net rpc testjoin Join to 'NT-DOM' is OK ---------------- The next step would be vampire but it fails with reference to smbtest2-domain. I can't figure out wherefrom

Dear samba experts, I did a classic upgrade from a Samba 3.6.14 samba NT4 DC to a Samba 4.18.2 AD-DC. It does not work and I just want to make sure that I have the correct understanding of our domain SID. On our old Samba server net getdomainsid shows: SID for local machine SERV00 is: S-1-5-21-1415314133-2460755331-2761616138 SID for domain NAV is: S-1-5-21-1415314133-2460755331-2761616138

Dear Samba Gurus, I got the following errors: tail -f /var/log/samba/log.wb-DOM1 [2013/07/02 15:49:19.990168, 2] winbindd/winbindd_rpc.c:320(rpc_name_to_sid) name_to_sid: failed to lookup name: NT_STATUS_NONE_MAPPED log.smbd [2013/07/02 15:40:51.809516, 2] auth/token_util.c:455(finalize_local_nt_token) WARNING: Failed to create BUILTIN\Administrators group! Can Winbind allocate gids?

Hello, I try to setup a new test environment with Samba and LDAP but I could not get my domain SID. [root@ ~]# net getdomainsid SID for local machine LDAP-TEST is: S-1-5-21-1044143993-2427131616-1047417663 Could not fetch domain SID What I am do wrong or forget to do? Thanks, Bernard

If I configure a samba PDC and then a samba BDC, do I need a machine trust account for the BDC? That is, do I have to run "net rpc join" on the BDC? Or manually create the account for the BDC in LDAP? -- Mariano Absatz - "El Baby" el.baby at gmail.com www.clueless.com.ar