similar to: User accounts not getting complete group membership (getent group / groups mismatch)

Hello Rowland Il giorno mer, 17/10/2018 alle 21.28 +0100, Rowland Penny via samba ha scritto: [...] > What does 'wbinfo -U 10182' return ? > The last number should be 2182 root at kubuntu-test:~# wbinfo -U 10182 S-1-5-21-1076504413-1754488879-1808648030-2182 root at kubuntu-test:~# wbinfo -n 'AGENZIA\lorenam' S-1-5-21-1076504413-1754488879-1808648030-2182 SID_USER (1) root

In /varcache/samba/ I have several .tdb files. Like brlock.tdb, locking.tdb, ntdrivers.tdb, etc. Excusing my ignorance, what are these files, and what do they do? And why must they be copied when migrating from one samba server to a new one?

Hi, I'm running Samba 3.6.6 on Ubuntu Quantal. I have a need to manually assign some of the UID mapping on a samba domain member file server. I have used tdbtool to add the correct mapping record to winbindd_idmap.tdb. However, I am at a loss as to how to force that change to "propagate" so as to show in the permissions structure of the file system and in the output of such

Hi. I need to use the ntlm_auth module to auth. users so a group can use Internet and other not, using squid. The users that belong to "Internet" group may use Internet. I've being looking for info. about this but there is no much info. in google. Until now this is the only info. that I had found: for squid.conf: auth_param ntlm program /usr/bin/ntlm_auth

Hello, I'm trying to move my samba server to another box. I copied uniw and samba users, groups, machines, with the same ID I copied samba conf files I copied SID (with net setlocalsid and net setdomainsid) But i can't open a session on new PDC server :( Any idea, or tutorial to change my server without re-add all computer to domain ? Thanks for help. Regards

Hello Rowland, I changed nsswitch.conf as suggested, but I still have the same result. [...] > Providing the there is a user called 'manuelb' in AD, winbind should > show the user with 'getent passwd AGENZIA+manuelb' If I list all users, I get all users. Let's display the end of the list using both wbinfo and getent: root at kubuntu-test:~# wbinfo -u | tail -2

W dniu 2019-07-18 o?21:39, ?ukasz Michalski via samba pisze: > W dniu 2019-07-18 o?21:22, Rowland penny via samba pisze: > >> On 18/07/2019 20:20, ?ukasz Michalski via samba wrote: >>> W dniu 2019-07-18 o?18:46, Rowland penny via samba pisze: >>> >>> I changed uid, sAMAccountName, msFU30Name from 'foo' to 'bar' using >>> ADUC

All, I wonder if someone can give me an idea what the file "netsamlogon_cache.tdb" contains... as I have noticed that I can be added to a group, and access will not appear on the Unix side for a good deal of time... but if I stop Winbind, remove the file "netsamlogon_cache.tdb", and re-start everything, it will then work. Can anyone tell me what the purpose of this file is,

I am using the following in my smb.conf on samba-3.0.28-0.el5.8 idmap domains = MYDOMAIN idmap config MYDOMAIN:backend = rid idmap config MYDOMAIN:base_rid = 998 idmap config MYDOMAIN:range = 998 - 49999 idmap uid = 998-20000 idmap gid = 998-20000 template homedir = /home/users/%U # template primary group =

Em 12/12/2018 17:39, Rowland Penny via samba escreveu: > The above lines are only applicable for Samba >= 4.6.0 > Add: winbind nss info = rfc2307 > remove the last two lines, see here for more info: > > https://wiki.samba.org/index.php/Idmap_config_ad Oh, God! Vacation is coming... Thank you for such obvious correction. BUT I edited smb.conf the right way, removed

Hi I have an issue with winbind where new information isn't being transferred from my PDC. One of my users has changes their second name, and I have added another user. When I run getent passwd safa on the domain controller I get his new name, when I run it on the domain server it returns the old information. My new user doesn't show up with getent passwd or id. I have tried

Hello, I've set up winbindd to authenticate local users against our active directory servers and everything works fine. I see plenty of the following lines in my logs and I'm wondering if someone can help me troubleshooting this: [2011/03/31 15:15:02, 10] winbindd/winbindd_cache.c:cache_retrieve_response(2666) Retrieving response for pid 8749 [2011/03/31 15:15:02, 7]

Hello, I'm using samba 3.0.31 and seems to have an issue with getting user's groups info. It works like a Swiss Watch when I start winbindd and do "id username" for a given user however, if I add that user to one more group on the domain and issue "id username" I don't get the up to date info. My expectation was that after some time, if I issue "id

Hi, All >From the winbindd man page, there should be winbindd_idmap.tdb to store the sid/uid/gid mapping. But in my setup, i can't find it. I can only see winbindd_cache.tdb. Can you tell me how to generate winbindd_idmap.tdb? --smb.conf-- [global] idmap uid = 10000-1000000 idmap gid = 10000-1000000 idmap backend = rid winbind enum users = no winbind enum groups = no winbind

I'm using Samba 3.0.33 (RHEL 5) to connect to a Windows 2008 active directory server. I am restricting SSH logins to a particular AD group. The users allowed to login will change frequently, so it's important to me that their group membership is updated when their access to this server is granted or revoked. The problem that I keep running into is that group membership on the

Hello, according to 'man smb.conf': Default: winbind cache time = 300 I have not changed it in smb.conf, but when I remove some user from some group, command "groups DOMAIN+user" still shows that user belongs to the group even after a few hours after removing the user from that group. Any ideas why? samba 3.0.15pre2. Regards, Nerijus

I've been playing with joining RHEL4 (CentOS) machines to a Win2k3 Active Directory. I've got everything pretty well squared away, except that the linux box never seems to see changes to users' group memberships. For example, I created a user, testuser, who initially just a member of Domain Users. I logged into the linux box with testuser successfully and both 'id' and

I think we're suffering from bug 8641 at the moment: https://bugzilla.samba.org/show_bug.cgi?id=8641 where the netsamlogon_cache.tdb entries are not expiring. We use AD groups for our (redhat) server auth, and also use server-side group auth for NFS (with the --manage-gids flag). So if a user is not in a group on the server, they're denied access to files as per group permissions.

I've been running a couple Centos5 and RHEL4/5 servers with samba for a while now and everything has been working great with our Windows 2003 AD. All of a sudden though I'm experience something really weird on one of the RHEL5 boxes. Whenever I try to connect as a Domain Admin from one particular Vista client, I get access denied and repeated prompts for a username/password - this has

I'm pretty sure you need to clear your winbind cache after modifying the range. I can't find any official documentation on it anywhere, but I think the process goes like: systemctl stop winbind systemctl stop smbd net cache flush systemctl start winbind systemctl start smbd If that doesn't work you could try clearing the tdb files and the group mapping ldb file in /var/lib/samba (