similar to: Some Clarification?

On Thu, 21 Mar 2019 19:31:01 +0100 "Stefan G. Weichinger via samba" <samba at lists.samba.org> wrote: > Today a topic popped up again, which I already wrote about in this > thread a while ago: > > https://groups.google.com/forum/#!topic/linux.samba/w2B-0bRy9_0 > > Creating new users via ADUC under Windows10 still gives us users with > missing attributes like

On Thu, 21 Mar 2019 22:34:02 +0100 "Stefan G. Weichinger via samba" <samba at lists.samba.org> wrote: > Am 21.03.19 um 19:54 schrieb Rowland Penny via samba: > > > This is one of the decisions you have to make, do you want to have > > the same ID's everywhere, or just on Unix domain members ? > > We only have one Unix domain member aside from the

On Fri, 22 Mar 2019 10:38:26 +0100 "Stefan G. Weichinger via samba" <samba at lists.samba.org> wrote: > Am 21.03.19 um 22:42 schrieb Rowland Penny via samba: > > On Thu, 21 Mar 2019 22:34:02 +0100 > > "Stefan G. Weichinger via samba" <samba at lists.samba.org> wrote: > > > >> Am 21.03.19 um 19:54 schrieb Rowland Penny via samba:

Am 22.03.19 um 11:43 schrieb Stefan G. Weichinger via samba: > Am 22.03.19 um 11:01 schrieb Rowland Penny via samba: > >>> Would the users itself need some editing as well (inside LDAP/AD)? >> >> This is really up to you, you could, if you so wish, remove all the >> rfc2307 attributes from AD, or you could just ignore them. > > nice. sounds like my weekend

Am 22.03.19 um 16:35 schrieb Rowland Penny via samba: > On Fri, 22 Mar 2019 16:11:58 +0100 > "Stefan G. Weichinger via samba" <samba at lists.samba.org> wrote: > >> Am 22.03.19 um 11:43 schrieb Stefan G. Weichinger via samba: >>> Am 22.03.19 um 11:01 schrieb Rowland Penny via samba: >>> >>>>> Would the users itself need some

On Fri, 22 Mar 2019 16:11:58 +0100 "Stefan G. Weichinger via samba" <samba at lists.samba.org> wrote: > Am 22.03.19 um 11:43 schrieb Stefan G. Weichinger via samba: > > Am 22.03.19 um 11:01 schrieb Rowland Penny via samba: > > > >>> Would the users itself need some editing as well (inside > >>> LDAP/AD)? > >> > >> This

Am 22.03.19 um 11:01 schrieb Rowland Penny via samba: >> Would the users itself need some editing as well (inside LDAP/AD)? > > This is really up to you, you could, if you so wish, remove all the > rfc2307 attributes from AD, or you could just ignore them. nice. sounds like my weekend project ;-) *sigh* thanks a lot ... will check my backups asap

Hi all, Please help Ive been wasting days at this... I am not trying to create a PDC, I am not joining an active directory, I am not needing samba schema in my openldap (or do I?), I am not trying to use winbind and idmaps for translations from SID to UID/GID, I just want my samba server which shares linux home directories to authenticate user+password against my existing linux based openldap

Hello, I setting up a new PDC for a new domain using samba 3.2.0 I use LDAP as passwd/idmap backend. I started from scratch just creating the OU for the users/groups/machines/idmaps in the ldap directory, + a user used to bind to ldap. So from there I started winbind and ran net sam provision, which worked great. Now I plan this domain will have a one way trust with one other domain, and as I

Well, I have tried really hard to get any of the idmaps to work--in that, idmap_ads, idmap_rid, and I have tried to use idmap stroage in ldap with padl (nss_ldap) too, but I have had no luck. If I enable pam in /usr/lib/security/methods.cfg or nss_ldap, I cannot log into the system anymore. If I enable pam in /etc/pam.conf and use in /etc/security/users SYSTEM = "WINBINd or WINBIND[UNAVAIL]

Am 21.03.19 um 19:54 schrieb Rowland Penny via samba: > This is one of the decisions you have to make, do you want to have the > same ID's everywhere, or just on Unix domain members ? We only have one Unix domain member aside from the DCs and that is the samba file server. > Do you want to > set different login shells and/or different home directories ? nope the AD users

Am 21.03.19 um 22:42 schrieb Rowland Penny via samba: > On Thu, 21 Mar 2019 22:34:02 +0100 > "Stefan G. Weichinger via samba" <samba at lists.samba.org> wrote: > >> Am 21.03.19 um 19:54 schrieb Rowland Penny via samba: >> >>> This is one of the decisions you have to make, do you want to have >>> the same ID's everywhere, or just on Unix

Today a topic popped up again, which I already wrote about in this thread a while ago: https://groups.google.com/forum/#!topic/linux.samba/w2B-0bRy9_0 Creating new users via ADUC under Windows10 still gives us users with missing attributes like uidNumber etc As far as I understand, this simply doesn't work with Win10, related to

Samba3 allowed for the setting of idmaps and passdb backends to configure how users were pulled in. This made integrating with existing LDAP databases, other other forms of authentication easy, since Samba could be configured to present the same UID and GID as directly from the [insert other auth method here] system. All was good. Unfortunately Samba4 seems to have removed much of that

Hello all... Im trying to fix a idmap setup with winbind where the idmaps are stored in openldap. We have had this system working before, but it managed to break :-) All systems running Samba (3.0.13 on FC2) Problem: group id's and uid's (specificly uid's) are inconsistent between clients (our two test clients). Both machines are using idmap backend to talk to our ldap server and

Many thanks Rowland. Yes, I don't understand idmaps, but I _think_ I'm getting it. I have added the gid of 60002 for Domain Admins and undertaken some 'chgrp' tasks. I've now got a domain member with shares that presents the correct ownership. All looks good. I'm still slightly confused why I have two ranges within my member smb.conf: idmap config * : backend = tdb

Hello everybody, had anyone of you problems with winbind and tdbfiles, when upgrading from 3.0.14a to 3.0.20a? The Symptom was: After upgrading to 3.0.20a the idmapping was corrupt. Although 3.0.20a runs fine, none of the idmaping was resolved correctly. Downgrading to 3.0.14a "restored" the idmaps. tdbdump showed me the same idmappings, therefor i think winbind wasn't able

I've spent some time updating, upgrading and generally consolidating an old Samba AD. I've managed to remove a very old unsupported (4.2) Samba AD DC following migration to a couple of new DC's - that seems to have worked out OK. Workstation logons and GPO's working fine. I'm now left with one problem after joining a new Samba (4.5.12) member server to the domain for file

Hi! I'm currently setting up a Samba 3 PDC. So far I managed to setup Samba with an OpenLDAP backend, but adding a user with the command "net rpc user add mg password -U root" results in the following error: Failed to add user 'mg' with: WERR_GENERAL_FAILURE. In the logfile it says: [2009/10/28 15:56:28, 0] passdb/pdb_ldap.c:ldapsam_create_user(5119)

Hi! I so far succeeded in setting up a Samba NT4 DC with OpenLDAP backend. Unfortunately I get the following error message connecting a Windows XP client to the domain (translated from german): [...] The error was: "DNS name does not exist." (error code 0x0000232B RCODE_NAME_ERROR) The query was for the SRV record for _ldap._tcp.dc._msdcs.lohrmann.de [...] This is surely due to a