similar to: winbind: How to map Administrator to "root" on AD member server

Hi guys, This seems to be a well-known problem with mount.cifs on Ubuntu 12.04. Unfortunately, although I have applied the suggestions I found with google, I can't seem to be able to get mount.cifs to work with kerberos. I am trying to use kerberos to mount my Windows shares because this is the only allowed secure way in my company to connect to shares. Before anyone asks, I can successfully

Hi, we are running a Samba AD on UCS 4.2, which comes with Samba 4.6.1. The DNS server (192.168.0.200) is operated by bind with the samba DLZ module. It also hosts several zones outside of samba. Every couple of hours, I get messages like these on the server: Jun 5 23:04:58 ucsdc1 daemon:[warning] checkhints: h.root-servers.net/A (198.97.190.53) missing from hints Jun 5 23:04:58 ucsdc1

On a domain member, I cannot get DOMAIN\administrator to login mapped to root. On my Samba AD DC, this does work and when I login there, I get a # prompt. Here is my smb.conf on the domain member [global]        security = ADS        workgroup = SUBDOMAIN        realm = SUBDOMAIN.DOMAIN.COM        log file = /usr/local/samba/var/%m.log        log level = 3        bind interfaces only =

Hi all, I'm quite stuck here at the moment. I have tried this multiple times to get built and can't seem to get it working properly. I have a test virtual server running as a domain controller with Samba 4.1.15 using (9.10.1) bind_dlz as the back end and all works properly. I have the server setup as domain controller and have added a user and I can look that user up with the samba-tool

Hi list, I'm looking for someone out there, using samba as a member server in a multi-domain Active Directory forest (maybe even with nss_/pam_winbind for unix users/groups). It took quite a long time to get things working at all here, and we're still not really comfortable with our current solution (especially the unix nss/pam part). I'd be glad if someone out there was interested

Hi everyone, I've succesfully managed to create a Centos 6 - Sernet Samba 4.1 DC and a member server for hosting the shares. To have the member working right (serving folders with right permissions without chmod777 the relative fs path) I have to set all the UID GID (at least primary group) for my users unless they'll be asked for user/pass when trying to access and they get locked

Hi, I think it is great that samba4 has a single sign on solution for Windows platforms and it seems to work well too, but I am wondering is it possible to do the same for a Linux environment? I have been studying how to implement single sign on using the Ubuntu way through this document: https://help.ubuntu.com/community/SingleSignOn and I am wondering if I can do the same with samba4 where the

I followed this http://linuxcostablanca.blogspot.com/2012/01/samba-4-ubuntu.html and got dynamic dns updates working in forward zone. any ideas to get it working in the reverse zone too? By the way, nice article Steve. Best regards, Felix.

I'm setting up a domain member (Debian Wheezy, Samba 3.6.6) to join an AD DC (Wheezy backports, Samba 4.1.9). Everything looks good so far, in particular the checklist (http://linuxcostablanca.blogspot.com.es/2014/06/samba4-winbind-desperation.html) up to number 7 is okay. I also removed nscd. I can do "kinit user" and I can query the samba LDAP to see domain users. I did a

I'm trying to add schema extensions to my Samba (4.1.5) server, as per > https://wiki.samba.org/index.php/Samba4/Schema_extenstions However, importing the example file (after replacing the DOMAIN_TOP_DN) fails: > $ ldbmodify -H sam.ldb /tmp/automount.ldif --option="dsdb:schema update allowed"=true > Unable to find attribute automountMapName in the schema > ERR:

A quick search on Google gives: http://www.unixfu .ch/how-do-i-update-the-root-hints-data-file-for-bind-named-server/ Best regards, Marcel de Reuver 2017-06-06 11:36 GMT+02:00 Torsten Kurbad via samba <samba at lists.samba.org>: > Hi, > > we are running a Samba AD on UCS 4.2, which comes with Samba 4.6.1. > > The DNS server (192.168.0.200) is operated by bind with the samba

Hi all, i've got samba 3.6 joined to a ad domain (s4 in this case) running winbind all looks ok, but i ran into a problem (for us that is) i've got 2 groups (students and employes) who have there home dirs in 2 different places. /home/students/<user> /home/employ/<user> so far so good, but i can't make the [homes] work for both of them (just 1 group) in winbind

Hi, Let me try to clear some confusion. On Tue, Jun 6, 2017 at 7:36 PM, Torsten Kurbad via samba < samba at lists.samba.org> wrote: > Hi, > > we are running a Samba AD on UCS 4.2, which comes with Samba 4.6.1. > > The DNS server (192.168.0.200) is operated by bind with the samba DLZ > module. It also hosts several zones outside of samba. > > Every couple of hours,

So, I have a test domain set up with rfc2307 = yes . Now I'm trying to figure out if a) my nfs automount data came over from OpenLDAP, and b) if not, how to get it into samba 4's ldap, or something else??? Do I need to rethink my approach? Mount locations are pretty consistent based on primary group/userid Needs to work on Linux. Existing entries look like this... # /u,

Hi all, How can i write a puppet code such that..it adds a line of content that i want..at a desired place in a file.. if [ "x$JAVA_OPTS" = "x" ]; then JAVA_OPTS="-Xms64m -Xmx512m -XX:MaxPermSize=256m -Djava.net.preferIPv4Stack=true -Dorg.jboss.resolver.warning=true -Dsun.rmi.dgc.client.gcInterval=3600000 -Dsun.rmi.dgc.server.gcInterval=3600000

Hi everyone, and especially the on-list plain English rfc2307 winbind advisers. In an effort to save the aforementioned a lot of time, energy and frustration, we have put together a check-list to which we can refer candidates on those rare occasions when they are having problems with winbind. We hope you like them and that they will serve us all to a greater or lesser degree.

Hello all, I have really strange problem with Samba 4.1.0 - regarding only one user - Administrator. There are 2 servers: NAS (which is DC) and CHEETAH (Which is domain member). Have spent long time in efforts to sync UID/GID across servers (these are used both from Linux over NFS and from Windows) - and finally wrote the scripts to make all users/groups (even including the builtin one, like

Hai,   I have strange problem, i think its a simple thing, but im missing some kerberos knowledge here..     Situation.     I login with my pc on the AD domain, (works fine). Now i login on my member server with ssh (putty), using the ssh single sign-on on my server where my homedirs is  ( /home/users/username)  , this works fine.   When i do the same to my print server, where the

I have fail2ban on my mail server monitoring Dovecot and Exim. I have noticed that it has stopped banning IP's. I have seen in /var/log/fail2ban.log: 2020-04-07 09:42:05,875 fail2ban.filter [16138]: INFO [dovecot] Found 77.40.61.224 - 2020-04-07 09:42:05 2020-04-07 09:42:06,408 fail2ban.actions [16138]: NOTICE [dovecot] Ban 77.40.61.224 2020-04-07 09:42:06,981

Hello list! Some of you may recall my recent semi-spamming of this wonderful list with questions about acl problems on a member server. It turns out that I should not have immediately assigned a UIDnumber to Administrator, nor a GIDNumber to Domain Admins. :( I have removed the NIS attributes for Administrator and Domain Admins in ADUC, and have not been able to login to the member server as