Displaying 20 results from an estimated 11000 matches similar to: "winbind: How to map Administrator to "root" on AD member server"
2013 Sep 28
2
mount.cifs and kerberos failure
Hi guys,
This seems to be a well-known problem with mount.cifs on Ubuntu 12.04. Unfortunately, although I have applied the suggestions I found with google, I can't seem to be able to get mount.cifs to work with kerberos. I am trying to use kerberos to mount my Windows shares because this is the only allowed secure way in my company to connect to shares. Before anyone asks, I can successfully
2017 Jun 06
4
How to update the root hints for bind DLZ
Hi,
we are running a Samba AD on UCS 4.2, which comes with Samba 4.6.1.
The DNS server (192.168.0.200) is operated by bind with the samba DLZ
module. It also hosts several zones outside of samba.
Every couple of hours, I get messages like these on the server:
Jun 5 23:04:58 ucsdc1 daemon:[warning] checkhints:
h.root-servers.net/A (198.97.190.53) missing from hints
Jun 5 23:04:58 ucsdc1
2018 Feb 21
1
Cannot get DOMAIN\administrator mapped to root on domain member
On a domain member, I cannot get DOMAIN\administrator to login mapped to
root. On my Samba AD DC, this does work and when I login there, I get a
# prompt.
Here is my smb.conf on the domain member
[global]
security = ADS
workgroup = SUBDOMAIN
realm = SUBDOMAIN.DOMAIN.COM
log file = /usr/local/samba/var/%m.log
log level = 3
bind interfaces only =
2015 Jan 14
3
SAMBA 4 Member Server - Help please
Hi all,
I'm quite stuck here at the moment. I have tried this multiple times to get built and can't seem to get it working properly. I have a test virtual server running as a domain controller with Samba 4.1.15 using (9.10.1) bind_dlz as the back end and all works properly. I have the server setup as domain controller and have added a user and I can look that user up with the samba-tool
2012 May 24
2
Samba as member of multi domain AD (nss/pam)
Hi list,
I'm looking for someone out there, using samba as a member
server in a multi-domain Active Directory forest (maybe even
with nss_/pam_winbind for unix users/groups).
It took quite a long time to get things working at all here, and we're
still not really comfortable with our current solution (especially
the unix nss/pam part).
I'd be glad if someone out there was interested
2014 Apr 23
1
scripts to set UIDs and GIDs
Hi everyone,
I've succesfully managed to create a Centos 6 - Sernet Samba 4.1 DC and
a member server for hosting the shares.
To have the member working right (serving folders with right permissions
without chmod777 the relative fs path) I have to set all the UID GID (at
least primary group) for my users unless they'll be asked for user/pass
when trying to access and they get locked
2012 Jul 12
8
Linux SSO with samba4?
Hi,
I think it is great that samba4 has a single sign on solution for Windows
platforms and it seems to work well too, but I am wondering is it possible
to do the same for a Linux environment? I have been studying how to
implement single sign on using the Ubuntu way through this document:
https://help.ubuntu.com/community/SingleSignOn and I am wondering if I can
do the same with samba4 where the
2012 Feb 16
2
ddns in samba4
I followed this
http://linuxcostablanca.blogspot.com/2012/01/samba-4-ubuntu.html and got
dynamic dns updates working in forward zone.
any ideas to get it working in the reverse zone too?
By the way, nice article Steve.
Best regards,
Felix.
2014 Aug 06
1
wbinfo -u/-g does not query AD DC
I'm setting up a domain member (Debian Wheezy, Samba 3.6.6) to join an
AD DC (Wheezy backports, Samba 4.1.9). Everything looks good so far, in
particular the checklist
(http://linuxcostablanca.blogspot.com.es/2014/06/samba4-winbind-desperation.html)
up to number 7 is okay. I also removed nscd.
I can do "kinit user" and I can query the samba LDAP to see domain
users. I did a
2014 Mar 14
2
Modifying the AD scheme, how?
I'm trying to add schema extensions to my Samba (4.1.5) server, as per
> https://wiki.samba.org/index.php/Samba4/Schema_extenstions
However, importing the example file (after replacing the DOMAIN_TOP_DN)
fails:
> $ ldbmodify -H sam.ldb /tmp/automount.ldif --option="dsdb:schema update allowed"=true
> Unable to find attribute automountMapName in the schema
> ERR:
2017 Jun 06
0
How to update the root hints for bind DLZ
A quick search on Google gives: http://www.unixfu
.ch/how-do-i-update-the-root-hints-data-file-for-bind-named-server/
Best regards,
Marcel de Reuver
2017-06-06 11:36 GMT+02:00 Torsten Kurbad via samba <samba at lists.samba.org>:
> Hi,
>
> we are running a Samba AD on UCS 4.2, which comes with Samba 4.6.1.
>
> The DNS server (192.168.0.200) is operated by bind with the samba
2012 May 23
2
multi home dir locations
Hi all,
i've got samba 3.6 joined to a ad domain (s4 in this case)
running winbind
all looks ok, but i ran into a problem (for us that is)
i've got 2 groups (students and employes)
who have there home dirs in 2 different places.
/home/students/<user>
/home/employ/<user>
so far so good, but i can't make the [homes] work for both of them (just
1 group)
in winbind
2017 Jun 08
0
How to update the root hints for bind DLZ
Hi,
Let me try to clear some confusion.
On Tue, Jun 6, 2017 at 7:36 PM, Torsten Kurbad via samba <
samba at lists.samba.org> wrote:
> Hi,
>
> we are running a Samba AD on UCS 4.2, which comes with Samba 4.6.1.
>
> The DNS server (192.168.0.200) is operated by bind with the samba DLZ
> module. It also hosts several zones outside of samba.
>
> Every couple of hours,
2014 Jun 27
2
Samba 4.1.8 Importing automountmap ldif entries from existing OpenLDAP setup or ?
So, I have a test domain set up with rfc2307 = yes .
Now I'm trying to figure out if a) my nfs automount data came over from OpenLDAP, and b) if not, how to get it into samba 4's ldap, or something else??? Do I need to rethink my approach?
Mount locations are pretty consistent based on primary group/userid
Needs to work on Linux.
Existing entries look like this...
# /u,
2013 Mar 13
2
How to add a new line at a particular place in a file..
Hi all,
How can i write a puppet code such that..it adds a line of content that i
want..at a desired place in a file..
if [ "x$JAVA_OPTS" = "x" ]; then
JAVA_OPTS="-Xms64m -Xmx512m -XX:MaxPermSize=256m
-Djava.net.preferIPv4Stack=true -Dorg.jboss.resolver.warning=true
-Dsun.rmi.dgc.client.gcInterval=3600000
-Dsun.rmi.dgc.server.gcInterval=3600000
2014 Jun 29
1
samba4 winbind desperation
Hi everyone, and especially the on-list plain English rfc2307 winbind
advisers.
In an effort to save the aforementioned a lot of time, energy and
frustration, we have put together a check-list to which we can refer
candidates on those rare occasions when they are having problems with
winbind.
We hope you like them and that they will serve us all to a greater or
lesser degree.
2013 Oct 27
1
User Administrator (and only it) access denied on member server
Hello all,
I have really strange problem with Samba 4.1.0 - regarding only one
user - Administrator.
There are 2 servers: NAS (which is DC) and CHEETAH (Which is domain member).
Have spent long time in efforts to sync UID/GID across servers (these
are used both from Linux over NFS and from Windows) - and finally
wrote the scripts to make all users/groups (even including the builtin
one, like
2015 Sep 08
2
nfs4 mounted homedir and kerberos tickets
Hai,
I have strange problem, i think its a simple thing, but im missing some kerberos knowledge here..
Situation.
I login with my pc on the AD domain, (works fine).
Now i login on my member server with ssh (putty), using the ssh single sign-on on my server where my
homedirs is ( /home/users/username) , this works fine.
When i do the same to my print server, where the
2020 Apr 07
3
fail2ban ban not working
I have fail2ban on my mail server monitoring Dovecot and Exim.
I have noticed that it has stopped banning IP's. I have seen in /var/log/fail2ban.log:
2020-04-07 09:42:05,875 fail2ban.filter [16138]: INFO [dovecot] Found 77.40.61.224 - 2020-04-07 09:42:05
2020-04-07 09:42:06,408 fail2ban.actions [16138]: NOTICE [dovecot] Ban 77.40.61.224
2020-04-07 09:42:06,981
2015 Mar 06
0
Administrator can no longer connect to member server after removing uidnumber from administrator
Hello list!
Some of you may recall my recent semi-spamming of this wonderful list with
questions about acl problems on a member server. It turns out that I should
not have immediately assigned a UIDnumber to Administrator, nor a GIDNumber
to Domain Admins. :(
I have removed the NIS attributes for Administrator and Domain Admins in
ADUC, and have not been able to login to the member server as