similar to: User accounts not getting complete group membership (getent group / groups mismatch)

Displaying 20 results from an estimated 11000 matches similar to: "User accounts not getting complete group membership (getent group / groups mismatch)"

2018 Oct 18
2
NSS interface lists all domain users but gives error on single user
Hello Rowland Il giorno mer, 17/10/2018 alle 21.28 +0100, Rowland Penny via samba ha scritto: [...] > What does 'wbinfo -U 10182' return ? > The last number should be 2182 root at kubuntu-test:~# wbinfo -U 10182 S-1-5-21-1076504413-1754488879-1808648030-2182 root at kubuntu-test:~# wbinfo -n 'AGENZIA\lorenam' S-1-5-21-1076504413-1754488879-1808648030-2182 SID_USER (1) root
2005 Mar 21
2
what are *.tdb files?
In /varcache/samba/ I have several .tdb files. Like brlock.tdb, locking.tdb, ntdrivers.tdb, etc. Excusing my ignorance, what are these files, and what do they do? And why must they be copied when migrating from one samba server to a new one?
2012 Jul 27
2
Change winbindd UID mapping
Hi, I'm running Samba 3.6.6 on Ubuntu Quantal. I have a need to manually assign some of the UID mapping on a samba domain member file server. I have used tdbtool to add the correct mapping record to winbindd_idmap.tdb. However, I am at a loss as to how to force that change to "propagate" so as to show in the permissions structure of the file system and in the output of such
2005 Jan 18
2
auth samba+squid+ntlm
Hi. I need to use the ntlm_auth module to auth. users so a group can use Internet and other not, using squid. The users that belong to "Internet" group may use Internet. I've being looking for info. about this but there is no much info. in google. Until now this is the only info. that I had found: for squid.conf: auth_param ntlm program /usr/bin/ntlm_auth
2009 May 12
5
Move PDC to another server
Hello, I'm trying to move my samba server to another box. I copied uniw and samba users, groups, machines, with the same ID I copied samba conf files I copied SID (with net setlocalsid and net setdomainsid) But i can't open a session on new PDC server :( Any idea, or tutorial to change my server without re-add all computer to domain ? Thanks for help. Regards
2018 Oct 17
2
NSS interface lists all domain users but gives error on single user
Hello Rowland, I changed nsswitch.conf as suggested, but I still have the same result. [...] > Providing the there is a user called 'manuelb' in AD, winbind should > show the user with 'getent passwd AGENZIA+manuelb' If I list all users, I get all users. Let's display the end of the list using both wbinfo and getent: root at kubuntu-test:~# wbinfo -u | tail -2
2019 Jul 18
2
getent passwd shows old name for renamed user
W dniu 2019-07-18 o?21:39, ?ukasz Michalski via samba pisze: > W dniu 2019-07-18 o?21:22, Rowland penny via samba pisze: > >> On 18/07/2019 20:20, ?ukasz Michalski via samba wrote: >>> W dniu 2019-07-18 o?18:46, Rowland penny via samba pisze: >>> >>> I changed uid, sAMAccountName, msFU30Name from 'foo' to 'bar' using >>> ADUC
2018 Jan 31
3
netsamlogon_cache.tdb & winbind.
All, I wonder if someone can give me an idea what the file "netsamlogon_cache.tdb" contains... as I have noticed that I can be added to a group, and access will not appear on the Unix side for a good deal of time... but if I stop Winbind, remove the file "netsamlogon_cache.tdb", and re-start everything, it will then work. Can anyone tell me what the purpose of this file is,
2008 Nov 06
4
Trying to get uid and gid to match and getent to work
I am using the following in my smb.conf on samba-3.0.28-0.el5.8 idmap domains = MYDOMAIN idmap config MYDOMAIN:backend = rid idmap config MYDOMAIN:base_rid = 998 idmap config MYDOMAIN:range = 998 - 49999 idmap uid = 998-20000 idmap gid = 998-20000 template homedir = /home/users/%U # template primary group =
2018 Dec 13
5
AD Domain member - getent passwd truncated to only 18 users
Em 12/12/2018 17:39, Rowland Penny via samba escreveu: > The above lines are only applicable for Samba >= 4.6.0 > Add: winbind nss info = rfc2307 > remove the last two lines, see here for more info: > > https://wiki.samba.org/index.php/Idmap_config_ad Oh, God! Vacation is coming... Thank you for such obvious correction. BUT I edited smb.conf the right way, removed
2006 Mar 20
1
can't seem to remove winbind cache
Hi I have an issue with winbind where new information isn't being transferred from my PDC. One of my users has changes their second name, and I have added another user. When I run getent passwd safa on the domain controller I get his new name, when I run it on the domain server it returns the old information. My new user doesn't show up with getent passwd or id. I have tried
2011 Mar 31
2
Winbindd filling log file with " final write to client failed: Broken pipe"
Hello, I've set up winbindd to authenticate local users against our active directory servers and everything works fine. I see plenty of the following lines in my logs and I'm wondering if someone can help me troubleshooting this: [2011/03/31 15:15:02, 10] winbindd/winbindd_cache.c:cache_retrieve_response(2666) Retrieving response for pid 8749 [2011/03/31 15:15:02, 7]
2008 Aug 26
1
User's groups issue
Hello, I'm using samba 3.0.31 and seems to have an issue with getting user's groups info. It works like a Swiss Watch when I start winbindd and do "id username" for a given user however, if I add that user to one more group on the domain and issue "id username" I don't get the up to date info. My expectation was that after some time, if I issue "id
2011 May 27
1
Where is the winbindd_idmap.tdb?
Hi, All >From the winbindd man page, there should be winbindd_idmap.tdb to store the sid/uid/gid mapping. But in my setup, i can't find it. I can only see winbindd_cache.tdb. Can you tell me how to generate winbindd_idmap.tdb? --smb.conf-- [global] idmap uid = 10000-1000000 idmap gid = 10000-1000000 idmap backend = rid winbind enum users = no winbind enum groups = no winbind
2009 Oct 09
0
winbind not resolving group membership changes
I'm using Samba 3.0.33 (RHEL 5) to connect to a Windows 2008 active directory server. I am restricting SSH logins to a particular AD group. The users allowed to login will change frequently, so it's important to me that their group membership is updated when their access to this server is granted or revoked. The problem that I keep running into is that group membership on the
2005 May 04
2
winbind cache time?
Hello, according to 'man smb.conf': Default: winbind cache time = 300 I have not changed it in smb.conf, but when I remove some user from some group, command "groups DOMAIN+user" still shows that user belongs to the group even after a few hours after removing the user from that group. Any ideas why? samba 3.0.15pre2. Regards, Nerijus
2007 Sep 27
0
Winbind & AD group membership caching
I've been playing with joining RHEL4 (CentOS) machines to a Win2k3 Active Directory. I've got everything pretty well squared away, except that the linux box never seems to see changes to users' group memberships. For example, I created a user, testuser, who initially just a member of Domain Users. I logged into the linux box with testuser successfully and both 'id' and
2014 Jun 11
1
Expiry of entries in netsamlogon_cache.tdb
I think we're suffering from bug 8641 at the moment: https://bugzilla.samba.org/show_bug.cgi?id=8641 where the netsamlogon_cache.tdb entries are not expiring. We use AD groups for our (redhat) server auth, and also use server-side group auth for NFS (with the --manage-gids flag). So if a user is not in a group on the server, they're denied access to files as per group permissions.
2007 Dec 01
0
ADS - Not recognizing Domain Admin group membership (from 1 workstation only)
I've been running a couple Centos5 and RHEL4/5 servers with samba for a while now and everything has been working great with our Windows 2003 AD. All of a sudden though I'm experience something really weird on one of the RHEL5 boxes. Whenever I try to connect as a Domain Admin from one particular Vista client, I get access denied and repeated prompts for a username/password - this has
2020 Nov 24
2
ID Mapping
I'm pretty sure you need to clear your winbind cache after modifying the range. I can't find any official documentation on it anywhere, but I think the process goes like: systemctl stop winbind systemctl stop smbd net cache flush systemctl start winbind systemctl start smbd If that doesn't work you could try clearing the tdb files and the group mapping ldb file in /var/lib/samba (