Displaying 20 results from an estimated 1000 matches similar to: "userPrincipalName question"
2015 Feb 13
3
I can't join to an existing domain (yet)
People:
I have not solved my problem. I have only one DC with Zentyal 3.4 and I
want to change it by samba 4.1.16. That's why if I can't join the samba
to the existing domain I would not do anything else.
The samba server error is this:
(Command from samba)
samba-tool domain join dtcf.etecsa.cu DC -U administrator
--realm=DTCF.ETECSA.CU --dns-backend=BIND9_DLZ
(Response)
No
2009 Nov 17
1
Problem to map uidNumber and getting authentication to work
On Mon, 21 Sep 2009, Timo Aaltonen wrote:
>
>
> Hi!
>
> I'm trying to set up a samba client to authenticate from AD (Win2k8), by
> using rfc2307 schema mode to map uidNumber, gidNumber and unixHomeDirectory.
> The latter two seem to work, while uidNumber doesn't, at least according to
> 'wbinfo -i $uid', which shows the uid as the default starting
2016 Feb 10
3
ldbadd issue on Samba 4.1.13 AD DC
On 2/9/2016 3:48 PM, Rowland penny wrote:
> On 09/02/16 19:59, Allen Chen wrote:
>> Hi there,
>>
>> I have Samba 4.1.13 AD DC compiled on CentOS 6.2 (32bit). Everything
>> is working fine.
>>
>> Issue: ldbadd cannot re-add a deleted user account.
>> What I did:
>> 1. save user account
>> # ./bin/ldbsearch -H /usr/local/samba/private/sam.ldb
2013 Nov 05
2
Unable to join samba4 to AD as a DC
Hello,
I'm trying to get samba4 up and running as a DC in a lab environment.
I have a freshly installed AD environment (W2012R2 servers, W2008R2
functional level) and I'm trying to join samba4 to it as a domain
controller.
When I try, I get this:
# samba-tool domain join ad.netdirect.ca DC -Uadministrator
--realm=AD.NETDIRECT.CA -W AD
Finding a writeable DC for domain
2015 Feb 13
0
I can't join to an existing domain (yet)
On 13/02/15 15:29, Denis Morejon Lopez wrote:
>
> I tried first all these with linux ldbmodify using that ldif with the
> dn:: (code 64)
> but an error like the last you will see here occurred.
>
> Then, I tried with Windows ldifde.
>
> # The Windows OS is in spanish. That's why I will comment the must
> important lines for you (Since my point of view).
>
>
2013 Nov 18
1
samba4.1 RODC with BIND as DNS backend
OK, further to my previous message I've configured BIND, but when I try
to run samba_dnsupdate I get the following:
Nov 18 16:19:23 sles-shire named[6112]: samba b9_putrr: unhandled record
type 0
Nov 18 16:19:24 sles-shire named[6112]: samba_dlz: starting transaction
on zone _msdcs.main.adlab.netdirect.ca
Nov 18 16:19:24 sles-shire named[6112]: samba_dlz: disallowing update of
2015 Feb 13
0
I can't join to an existing domain (yet)
On 13/02/15 19:31, Denis Morejon Lopez wrote:
> Yes, it exists and it's a real pc:
>
> (Command)
> ldbsearch -H /var/lib/samba/private/sam.ldb '(CN=PC009375)'
>
> (Response)
> # record 1
> dn: CN=PC009375,CN=Computers,DC=dtcf,DC=etecsa,DC=cu
> objectClass: top
> objectClass: person
> objectClass: organizationalPerson
> objectClass: user
>
2013 Nov 28
1
Replicating failing after installing RODC
We've joined an RODC to the domain (Windows 2008R2 running a W2003
FFL/DFL AD) but are getting these errors on first startup.
It was joined with:
samba-tool domain join main.adlab.netdirect.ca RODC
--realm=main.adlab.netdirect.ca
--username=administrator at main.adlab.netdirect.ca --dns-backend=BIND9_DLZ
but we get these errors right after startup:
Nov 28 12:35:27 sles-bree samba[3939]:
2013 Nov 18
1
Samba 4.1 acting as RODC, how to fix TSIG and configure DNS?
I've set up a lab for testing Samba 4.1 as an RODC emulating a satellite
office setup, using the sernet packages on SLES11SP2.
## Problem 1
samba_dnsupdate is failing:
==> /var/log/samba/log.samba <==
[2013/11/18 13:22:37.416193, 0]
../lib/util/util_runcmd.c:317(samba_runcmd_io_handler)
/usr/sbin/samba_dnsupdate: ; TSIG error with server: tsig verify failure
[2013/11/18
2013 Nov 19
1
Prepopulate *all* users to a samba4 RODC
I was hoping this would be simpler. I'd like to prepopulate an RODC with
all users accounts that are permitted. But I can only pre-populate one
at a time:
samba-tool rodc preload (<SID>|<DN>|<accountname>)
sles-shire:~ # samba-tool group listmembers 'Allowed RODC Password
Replication Group - Shire'
Allowed RODC Password Replication Group - Global
WIN7-SHIRE$
bilbo
2013 Nov 20
1
No neighbors in 'drs showrepl'
Is this a problem? Does this mean no replication links exist?
michael at sles-bree:~> samba-tool drs showrepl -k yes
Bree\SLES-BREE
DSA Options: 0x00000025
DSA object GUID: 7ea641b0-d418-4c74-a4fa-c15b852467b8
DSA invocationId: 1017ff29-756c-4777-b395-b481f4b5387c
==== INBOUND NEIGHBORS ====
==== OUTBOUND NEIGHBORS ====
==== KCC CONNECTION OBJECTS ====
Connection --
Connection name:
2013 Nov 28
1
Enabling NIS after samba4 installation
I'm testing out our samba 4 migration process and when the initial
forest/domain was created, it was created without using --use-rfc2307:
sudo samba-tool domain provision --domain netdirect
--function-level=2008_R2 --realm=ad.netdirect.ca
Now that it's in place and we have machines joined, what do I need to do
to add the unix attribute and NIS maps to an existing samba4 domain so
2014 Feb 15
2
Samba 4.1.4 nsswitch/winbind issues
The two domain controllers (Debian) and the member server (CentOS) are all
running Samba 4.1.4 from the sernet packages. The member server I am
testing from was fully patched as of this morning.
Things that work:
- wbinfo -u
- wbifno -g
- getent group {ad_group}
Things that don't work:
- getent passwd {any_ad_user}
- getent group
- getent passwd
I jacked up the winbindd
2020 Oct 05
2
Samba SSSD authentication via userPrincipalName does not work because samba claims that the username does not exist.
Dear all,
i'm investigating the issue that I can't authenticate against a Samba (as Active-Directory Member) using the userPrincipalName (UPN). (Using Samba and sAMAccountName works fine.)
After some research I'm quite sure that winbind is limited to the sAMAccountName and can't use UPN. So I deciced to use SSSD and configured the `ldap_user_name = userPrincipalName` in the
2019 Apr 04
5
Migration to samba4 ad and sync to openldap.
I managed to do migration using "classicupgrade".
Doing tests with debian buster 2:4.9.4+dfsg-4.
For the moment using samba internal dns and sub-domain of ad.advocap.org.
Had issue forwarding dns if I used main domain.
When it comes to real production will use bind that I understand better
but don't want to mess with my other dns servers now.
Had a w10 box join samba4 ad
2014 Feb 04
1
Creating samba4/AD users from ADUC
We have a couple Samba4 AD domains we've implemented and I've noticed a
difference between how users look when created via ADUC versus samba-tool.
Created via ADUC, the following extra attributes are added:
msSFU30Name: bilbo
msSFU30NisDomain: netdirect
unixHomeDirectory: /home/bilbo
unixUserPassword: ABCD!efgh12345$67890
Created via samba-tool, the following extra attributes are added:
2020 Oct 14
2
Samba SSSD authentication via userPrincipalName does not work because samba claims that the username does not exist.
Am 14.10.20 um 08:31 schrieb Nico Kadel-Garcia via samba:
> On Tue, Oct 13, 2020 at 10:30 AM Rowland penny via samba
> <samba at lists.samba.org> wrote:
>> On 13/10/2020 15:01, Markus Jansen via samba wrote:
>>> Thank you very much for your hints.
>>>
>>> I got rid of SSSD and managed to get a successful kerberos
>>> authentication via wbinfo
2008 Feb 27
1
UserPrincipalName with samba/winbind 3.2
Hi,
I'm currently trying the 3.2 version of winbindd (pam + nss +
winbindd). I would like to loging with the userPrincipalName on ? Win 2k3
but I can't. Winbindd retrun NT_STATUS_INVALID_PARAMETER_MIX (PAM: 4)
Any idea
winbindd --version output :
Version 3.2.0pre2-GIT--e 85eec1d-test
My smb.conf file :
[global]
security = ads
realm =
2014 Jun 07
3
Samba 4 / idmap / NIS / winbind
Hi,
how can i get work Samba 4 Sernet 4.1.7 correctly with NIS. Ist provisioned with rfc2307.
When i query a User withi get the following.
getent passwd testswi
SWI\testswi:*:10000:100:testswi:/home/SWI/testswi:/bin/false
I want to change /bin/false to a other value /bin/bash
I tried many things to change the value.
1. ldbedit -e vim -H /var/lib/samba/private/sam.ldb samaccountname=testswi
2017 Mar 13
4
Rename Samba 4 Users
Hi guys!
Do you know if there is a away to rename a list of samba 4 user accounts ?
I need to change a list of 2000 users from "login name" to a "login number"
i would not like to do this one by one.
I know that in windows server i can do using powershell script, but it
doesn´t work with samba.
If you have any ideia on how to do this i appreciate.
Thanks!!
--