Displaying 20 results from an estimated 6000 matches similar to: "Domain Admin cannot access files"
2012 Aug 17
1
XP Administrator has no access to shares
Hi
S4 DC with S3 fileserver.
smb.conf on the fileserver:
[global]
workgroup = ALTEA
realm = HH3.SITE
security = ADS
kerberos method = secrets and keytab
winbind enum users = Yes
winbind enum groups = Yes
idmap config *:backend = tdb
idmap config *:range = 3000-4000
idmap config ALTEA:backend = ad
idmap config ALTEA:range = 20000-40000000
idmap config ALTEA:schema_mode = rfc2307
2012 Oct 18
1
mount.cifs: regular freezes with s3fs
cifs-utils-5.6
samba Version 4.0.0rc3
openSUSE 12.2
LAN of XP, w7 and Linux clients under Samba4 DC and s3fs fileserver
Hi
I am testing the possibility of migrating from nfs to cifs to serve our
Linux clients.
Currently we mount the samba shares, e.g. the home directory, using nfs.
The test setup is that instead of:
mount -t nfs hh1:/home2 /home2 -osec=rw,krb5
I changed to:
mount -t cifs
2012 Feb 10
1
latest Samba 4 does not look in keytab
Hi
After upgrading to
Version 4.0.0alpha18-GIT-24ed8c5 on Ubuntu 11.10, Samba 4 no longer
looks in the keytab for my nfs server entry:
mount -t nfs4 foo bar --o sec=krb5
Kerberos: AS-REQ nfs/hh3.hh3.site at HH3.SITE from ipv4:192.168.1.3:53213
for krbtgt/HH3.SITE at HH3.SITE
Kerberos: UNKNOWN -- nfs/hh3.hh3.site at HH3.SITE: no such entry found in hdb
The nfs entry is in the keytab:
klist -ke
2011 Dec 28
1
login via Samba 4 LDAP
Hi
I've rfc2703'd the Samba 4 LDAP for a user e.g. steve4. I can search the
database and view it with phpldapadmin. I can't login from a linux console:
ldapsearch -LLL "(cn=steve4)"
SASL/GSSAPI authentication started
SASL username: steve4 at HH3.SITE
SASL SSF: 56
SASL data security layer installed.
dn: CN=steve4,CN=Users,DC=hh3,DC=site
cn: steve4
instanceType: 4
2012 Jan 28
2
nfs4 with Samba 4
Hi everyone
Version 4.0.0alpha18-GIT-bfc7481
openSUSE 12.1
Conventional nfs4 export works fine, but I'm having trouble kerberizing
it for Samba 4 for my Samba 4 users.
I've setup the nfs4 pseudo stuff like this:
hh3:/ # mkdir /export
hh3:/ # mkdir /export/home
hh3:/ # mount --bind /home /export/home
Here is /etc/exports:
/export
2012 Sep 03
3
Windows boxes cannot find the file server
Hi
I have a Samba4 AD running samba and a Samba3 machine joined to the
domain as a file server. I have smbd and winbind running on the samba3 box.
Samba4: hh30.hh3.site
Samba3: hh32.hh3.site
I can browse the shares (netlogon and sysvol) on the S4 machine by
typing \\hh30 into explorer but if I type \\hh32 I get:
Windows cannot find '\\hh32'. Check the spelling. . .etc.
When I start
2012 Aug 15
1
Samba4 DC with Samba3 file-server howto
Hi
I have a Samba4 DC (hh30.hh3.site, 192.168.1.30) and a Samba3 VM on the
same box (hh33.hh3.site, 192.168.1.33).
How do I tell XP and 7 clients to look at the S4 DC for authentication
and the S3 fileserver for files?
It already does the authentication bit OK. It's mainly the second part
of the question as to how to instruct the m$ boxes to look at the
file-server rather than the DC
2012 Apr 04
1
Samba4 internal DNS problems with smb.conf
Hi
Provision:
/usr/local/samba/sbin/provision --realm=hh3.site --domain=MARINA
--adminpass=123 at Abc --server-role=dc --dns-backend=SAMBA_INTERNAL
I set smb.conf according to the wiki at:
https://wiki.samba.org/index.php/DNS
smb.conf
[global]
server role = domain controller
workgroup = MARINA
realm = hh3.site
netbios name = HH3
passdb backend =
2012 Jan 08
3
Samba 4 krb5.keytab confusion
Hi
I have Samba 4 installed and working. I recently changed FQDN to dns
name hh3.hh3.site. It works OK and e.g. on a windows 7 box which joined
the domain, users can logon. But I have a mess in the keytab:
klist -k /etc/krb5.keytab
Keytab name: WRFILE:/etc/krb5.keytab
KVNO Principal
----
--------------------------------------------------------------------------
2 HH3$@HH3.HH1.SITE
2
2011 Dec 31
1
Samba 4 howto add nfs to krb5.keytab
What's the syntax?
I've tried:
samba-tool spn add nfs/HH3.SITE Administrator
which seems to work, but where do I go from here?
THanks,
Steve
2013 Feb 12
0
cifs: no control over file permissions
Hi everyone
This one is driving me crazy.
Every file that is created in a cifs mounted share is ALWAYS created 0777:
-rwxrwxrwx+
Here is my smb.conf tested with 4.0.3 and 4.1.0pre1-GIT-efd60ae:
[global]
workgroup = MARINA
realm = hh3.site
netbios name = HH1
server role = active directory domain controller
dns forwarder = 192.168.1.1
2012 Aug 02
9
winbind: uid range is ignored
Hi everone.
Ubuntu 12.04 v3.6 clients with winbind joined to 12.04 Samba4 DC
Clients:
smb.conf
[global]
realm = polop.site
workgroup = POLOP
security = ADS
wide links = Yes
unix extensions = No
template shell = /bin/bash
winbind enum users = Yes
winbind enum groups = Yes
idmap uid = 300000-400000
idmap gid = 20000-30000
/etc/nsswitch.conf
passwd: compat winbind
group: compat
2012 Jan 11
6
Samba 4 kerberos and kinit
Hi
After starting Samba 4, before anyone can do anything, Administrator has
to do a kinit to get a new ticket. This creates a cache /tmp/krb5cc_0
with an expiry time.
I've created a host principal and put it into the keytab:
samba-tool spn add host someuser
samba-tool domain exportkeytab /etc/krb5.keytab --principal=host/HH3.SITE
How can I keep Samba 4 up without having to get a new
2012 Jul 02
7
smb.conf for around 2500 users
Samba4 with Linux and Windows clients wanting to get the same home
folder data.
Hi
A college has students arranged with Linux home directories according to
which year they belong to and which class within that year, a or b or
whatever, they belong to e.g.:
/home2/students/year7/year7a/student1
/home2/students/year7/year7a/student2
...
...
/home2/students/year13/year13a/student2500
To get at
2012 Nov 23
2
Samba4 - Bind Config with DHCP
To those who will eb able to assist,
Platform: On Ubuntu 12.04 I have used the latest Git version.
I have installed isc-dhcp-server and bind9 from the plain apt repositories and have configured DHCP and BIND9 so that DHCP can update DNS entries via the hmac-md5 as so:
key rndc-key { algorithm hmac-md5; secret "XXXXXXXXXXXXXXXXXXXX==";}
allow unknown-clients;
use-host-decl-names on;
2013 Apr 01
3
SAMBA4: pdbedit not changing SID
Since I don't seem to be having any luck with the classicupgrade, I
decided to try starting from scratch and then adding users.
I ran the command:
/usr/local/samba/bin/samba-tool domain provision --realm=<my realm> \
--domain=<mydomain> --adminpass 'mypass' --server-role=dc \
--dns-backend=BIND9_DLZ
Then I tried both adding and changing users. In neither case can I
2012 May 22
1
Samba4: winbind separator
Hi
When I try and login as a domain user called s3:
su MARINA\\s3
I get:
Kerberos: AS-REQ MARINAs3 at HH3.SITE from ipv4:192.168.1.2:50945 for
krbtgt/HH3.SITE at HH3.SITE
Kerberos: UNKNOWN -- MARINAs3 at HH3.SITE: no such entry found in hdb
Kerberos is not seeing the winbind separator.
So I try winbind separator = +
wbinfo -i s3
MARINA+s3:*:3000028:20513::/home/MARINA/s3:/bin/bash
getent
2013 Feb 13
2
Extend Samba4 Schema Scope
Hi All Experts,
I am about to extend our production Samba4 schema to add a few
intra-organizational attributes (Employee ID,Passport No., Date of
Joining, Date of Leaving) . How can
I make change in my samba4 schema. I have already make a post in the
forum, but got no reply. Sorry for
posting again. But precaution should be taken in to prevent the server
from any damage.
Kindly help.
With
2013 Feb 11
1
Samba4: Extending the Schema
Hi
We are thinking of Developing a corporate Directory application the would
pull user information from Samba4 Ad. However for our needs we need some
additional User attributes that don't seem to be available as part of the
AD-schema, such as "Hire Date" or "Emergancy contact information", so it
seems to me that I would need to Extend the Schema to make this user
2013 Jun 29
1
samba4 pdc: Import sudoers active directory schema to ldb
Hi guys and congrats for bringing a fantastic project to the open source world. I' ve setup a samba4 pdc succefully and i am able to do domain logins. I was also able to add the automount schema into the ldb. But when it comes to sudoers schema i cant import it in.
Further system details:
Debian wheezy 7,
samba 4.0.6 compiled from source,
sudo-ldap standard binary package from repos.
I have