similar to: Samba4: rfc2307 compatibility with Samba3

On Mon, 30 Oct 2017 10:58:01 -0600 Jeff Sadowski <jeff.sadowski at gmail.com> wrote: > nope that just brute forced homedir and shell. It'll work for what I > want this machine for but I'd like to get the homedir and shell from > AD > The only real thing running authconfig did to the smb.conf was to add: password server = MIND.UNM.EDU You shouldn't need this,

Hi all, i've got samba 3.6 joined to a ad domain (s4 in this case) running winbind all looks ok, but i ran into a problem (for us that is) i've got 2 groups (students and employes) who have there home dirs in 2 different places. /home/students/<user> /home/employ/<user> so far so good, but i can't make the [homes] work for both of them (just 1 group) in winbind

We have a couple Samba4 AD domains we've implemented and I've noticed a difference between how users look when created via ADUC versus samba-tool. Created via ADUC, the following extra attributes are added: msSFU30Name: bilbo msSFU30NisDomain: netdirect unixHomeDirectory: /home/bilbo unixUserPassword: ABCD!efgh12345$67890 Created via samba-tool, the following extra attributes are added:

On Mon, 30 Oct 2017 12:22:54 -0600 Jeff Sadowski <jeff.sadowski at gmail.com> wrote: > No, fedora is action strange. it isn't getting the loginShell and > unixHomeDirectory attributes even if I take out the templates. also it > sets a bunch of other files up and I'm not sure what all it is doing. > Forget it is Fedora, do not use their tools and set up the individual

On 07/11/15 17:47, Jonathan Hunter wrote: > On 7 November 2015 at 17:01, Michael Adam <obnox at samba.org> wrote: >> Also, for all I know, the DC always has local unix user and group >> IDs, and does NOT use the rfc2307 attributes for this. (Unless >> this has changed recently, but I can't imagine how.) So there is >> nothing wrong with samba not using the rfc

On 01/12/14 19:19, Jeremy Allison wrote: > On Mon, Dec 01, 2014 at 11:14:59AM -0800, Greg Zartman wrote: >> On Mon, Dec 1, 2014 at 11:09 AM, Rowland Penny <rowlandpenny at googlemail.com> >> wrote: >> >>> NO NO I can't take anymore :-D >>> >>> Please read the rest of the thread, it will explain all. >> >> People seriously use

I am using AD DC. I already have a domain Samba3 + Openladp, I'm creating this new domain Samba4, but I want to import all users who have already registered in my base Openldap. If it was the same demesne I would use the migration tool, but it's a different domain. -- View this message in context:

Hi all On latest samba 4.2.1 I have provisioned a new domain on DC1 that successfully reads RFC2307 attributes set on a user account through ADUC. wbinfo (correct uid gets resolved from sid) wbinfo -n fsmith S-1-5-21-1273750850-484487853-1026460749-1120 SID_USER (1) wbinfo -S S-1-5-21-1273750850-484487853-1026460749-1120 1000006 ldbsearch sudo ldbsearch -H

In our current testing environment, we are using nslcd to get user and group information from the Samba4 LDAP server, using the last part of objectSid as uidNumber. The configuration is designed to pull down unixHomeDirectory and loginShell if they exist, but they default to standard values if they do not. nslcd on each machine binds to LDAP using a dedicated user account, nslcd-service, and

I'm confused about how to authenticate users of other Unix services with Samba4 AD. After trying the classic upgrade on a test server, I can use smbclient. However, "getent passwd" doesn't show the users, and I'm not sure what I have to do now. On the live machines, I have openldap, pam-ldapd and nslcd running to authenticate users of Samba 3 as well as ssh, postfix,

On 14/06/16 18:46, Juan Ignacio wrote: > Yes, im run ´´net cache flush´ on ADDC and MEMBER SERVER. > > Im using Win10, And Win7 > > > OK, if you are running RSAT on a windows 10 machine, can I suggest you use a windows 7 machine instead, it is my understanding that win10 no longer has the Unix attributes tab. If you use ADUC on a win7 machine, you can install IDMU, this will

Red Hat Enterprise Linux Server release 5.2 (Tikanga) - x86_64 Samba - 3.0.28-0.el5.8 Objective: To have samba authenticate against AD and utilize the values set for the AD rfc2307 schema. Problem: Values stored in AD are not being used. The samba server has successfully joined the AD, but when I do a getent passwd | grep <user> the uid, none of the values returned match what is stored in

This is in a test environment: Also, it is wordy, but I'm hoping it explains my scenario. I am migrating from a custom LDAP+Samba3 authentication solution to Samba4. I have used the classicupgrade option to pull off the data from the existing ldap server to populate the samba4 database. I've installed AD DS and Server for NIS tools on a Windows 2008 server that is connected to the Samba4

On 2015-11-09 at 09:05 +0000, Rowland Penny wrote: > On 09/11/15 08:03, Michael Adam wrote: > >On 2015-11-09 at 07:57 +0100, buhorojo wrote: > >>On 08/11/15 23:40, Michael Adam wrote: > >>>please submit a bug report at https://bugzilla.samba.org/ > >>There are already many. Start with 10886. > >Ah, thanks for the pointer. > >We need to follow up

On 09/11/15 10:05, Rowland Penny wrote: > On 09/11/15 08:03, Michael Adam wrote: >> On 2015-11-09 at 07:57 +0100, buhorojo wrote: >>> On 08/11/15 23:40, Michael Adam wrote: >>>> On 2015-11-08 at 22:50 +0100, buhorojo wrote: >>>>> On 08/11/15 21:01, Michael Adam wrote: >>>>> >>>>>> so sssd is not at all an option.

I finally got to test it and it works OK something really strange is occurring though It works good as follows except for groups but I'll look at that latter as I see others have mentioned some issues with groups here is my /etc/samba/smb.conf security = ads realm = DOMAIN.LONG workgroup = DOMAIN idmap config * : backend = tdb idmap config * : range = 900-999 idmap config

OK, so I have compiled 4.2rc2 in a VM to test it. Now I thought that by using the new winbindd a lot of the old problems would be gone. I have created a new user, given him a uidNumber and the loginShell & unixHomeDirectory attributes, I have also given Domain Users a gidNumber. if I run 'getent passwd rowland' , I get this: rowland:*:10000:10000:Rowland

On 07/11/15 18:23, Michael Adam wrote: > On 2015-11-07 at 18:00 +0000, Rowland Penny wrote: >> On 07/11/15 17:47, Jonathan Hunter wrote: >>> On 7 November 2015 at 17:01, Michael Adam <obnox at samba.org> wrote: >>>> Also, for all I know, the DC always has local unix user and group >>>> IDs, and does NOT use the rfc2307 attributes for this. (Unless

It is actually rather easy to set the attributes via powershell, and that is probably the best way to add them in a Server 2012 R2 environment. I wrote a powershell script to do this automatically for users and groups in an entire domain that should be pretty generic to be reused. It also mirrors the logic used in automatic winbind UID/GID generation to be able to coexist in an environment where

Hi all, I've just installed Samba 4.3.6 on Debian jessie amd64 (as described in the wiki [1]) and everything seems to work properly except for rfc2307 data that winbind doesn't retrieve from AD backend, shell is always "/bin/false", homedir is always "/home/DOMAIN/username" and "getent passwd" also lists user without unix attributes. I have configured idmap_ad