Displaying 20 results from an estimated 20000 matches similar to: "nslcd samba 4.1 and FreeBSD 10"
2014 Oct 05
1
What is wrong with my nslcd configuration?
I can't get my domain users presented to my local machine with getent
passwd and the wiki
https://wiki.samba.org/index.php/Local_user_management_and_authentication/nslcd
doesn't give me any steps troubleshoot this issue. My best guess it that
I configured the user account incorrectly or I configured nslcd
incorrectly. I can't exactly see what is the problem.
I get these messages from
2014 Nov 19
1
Cannot bind to AD using nslcd
Hi Again - following on from my last request for help, I'm now attempting to
setup LDAP auth against my working samba4 AD.
Simplistically, I'm trying initially to SSH into my AD server (working)
using nslcd.
I've tried method #1 from
https://wiki.samba.org/index.php/Local_user_management_and_authentication/ns
lcd
My simple config is:
uid nslcd
gid nslcd
uri
2013 Jan 25
2
Samba4 Winbind - is it really not possible to be sensible?
Samba3 allowed for the setting of idmaps and passdb backends to
configure how users were pulled in. This made integrating with existing
LDAP databases, other other forms of authentication easy, since Samba
could be configured to present the same UID and GID as directly from the
[insert other auth method here] system. All was good.
Unfortunately Samba4 seems to have removed much of that
2012 Dec 14
5
Samba4 LDAP ACLs - access to POSIX attributes from a non-admin account
In our current testing environment, we are using nslcd to get user and
group information from the Samba4 LDAP server, using the last part of
objectSid as uidNumber. The configuration is designed to pull down
unixHomeDirectory and loginShell if they exist, but they default to
standard values if they do not. nslcd on each machine binds to LDAP
using a dedicated user account, nslcd-service, and
2012 Jul 12
2
nslcd service - "Client not found in Kerberos database"
Hi,
I am trying to configure the nslcd service on an Ubuntu client for kerberos
authentication against samba4. My /etc/nslcd.conf contains the following:
uid nslcd
gid nslcd
uri ldapi:///cofil01.mydomain.net
base dc=mydomain,dc=net
sasl_mech GSSAPI
krb5_ccname FILE:/tmp/host.tkt
I have added the host principal "host/ubuntu-test.mydomain.net @
MYDOMAIN.NET" to /etc/krb5.keytab on both
2013 Jul 08
1
Samba 3 member server connected to Samba 4 DC (using nslcd)
Hi all,
I am having a problem connecting a Samba 3 member server to my newly
created Samba 4 DC.
I am using nslcd at the Samba 4 end successfully and this has allowed me to
login using domain accounts - I've also got this working with visudo and
/etc/security/access.conf to control sudo access with groups created on the
DC. All good.
My problem is that I have a Samba 3 member server
2013 Aug 28
2
nslcd: kerberos vs. simple bind
Hello,
I took this out of the "OpenSSH auth in SAMBA4 LDAP" thread, because it
was drifting away from it's origin question :-)
I played this afternoon a bit with nslcd and kerberos for extending my
Wiki HowTo. But as more as I read, one question comes bigger and bigger:
What are the advantages of kerberos against simple bind with DN and
password?
Simple bind method: Create a
2016 Feb 02
2
samba_upgradedns returned an error "Unable to find uid/gid for Domain Admins "
Hi again,
Am Dienstag, 2. Februar 2016, 12:09:59 CET schrieb Rowland penny:
> On 02/02/16 11:26, Markus Dellermann wrote:
> > Am Dienstag, 2. Februar 2016, 09:51:03 CET schrieb Rowland penny:
> >> On 01/02/16 22:24, Markus Dellermann wrote:
[....]
> Ok, there are two schools of thought here, you can give Administrator a
> uidNumber attribute, but this, as far as Unix is
2015 Nov 16
1
Change default samba 4.1. ACL behaviour
I use samba 4.1 as dc with acl. I have user with uid 3000023. However, I don't have group with guid 3000023. However, when this user creates a folder samba in acl list creates permissions for group 3000023 and as result I have broken link.
Rowland Penny (thanks to him) said that I could see the type: ID_TYPE_BOTH setting in /usr/local/samba/private/idmap.ldb.
As I understood I must change
2013 Jan 31
1
Strange nslcd error with ldap database
Greetings,
I've got a S4 DC joined to a Windows 2008 R2 DC. I'm using the s4bind scripts to add uidNumber/gidNumber/etc entries to LDAP, and I've got nss-pam-ldap installed on the S4 server. I had this working back in December, but since installing the latest stable build, getent passwd is throwing this error,
[8b4567] <passwd="myuser"> passwd entry
2015 Apr 20
2
NSLCD works, do I need RFC2307 extensions enabled in AD as well?
Hi Rowland,
On Mon, Apr 20, 2015 at 10:29 AM, Rowland Penny <rowlandpenny at googlemail.com
> wrote:
> OK, I understand a bit better where your problems lie. I would still use
> backports, supported code is (hopefully) better code :-)
>
I am certainly willing to do that.
>
>
>>
>> I'd be willing to do that if it got me support for UPN names (see below)
2017 Nov 05
3
ntfs user mappings?
On Sat, 4 Nov 2017 18:42:36 -0600
Jeff Sadowski <jeff.sadowski at gmail.com> wrote:
> I decided to continue trying the ldap route as well
>
> littlehex2int()
> {
> hex=$1
> hex_chunk=$(echo ${hex}|cut -c$2-$3)
> little=$(echo ${hex_chunk}|awk '{print
> substr($0,7,2)substr($0,5,2)substr($0,3,2)substr($0,1,2)}')
> echo "ibase=16; ${little}" |
2013 Jan 03
1
samba-tool domain classicupgrade with LDAP backend
Hi
I am testing the migration from our actual Samba domain, based on Samba
3.3.8 and LDAP (389DS) to Samba 4. I have followed the Samba4 Howto, and I
have successfully compiled it. Now I am running the classicupgrade command,
but I am getting some errors.
First of them is that the script is ignoring the "ldap group suffix"
parameter in smb.conf, and is always searching in the
2009 Mar 26
1
Problems with idmap_adex module
Hi Guys,
I'm having problems getting the new idmap_adex module to work.
When using the idmap_adex plugin I get the following:
# wbinfo -n administrator
S-1-5-21-XXXXXXXXX-XXXXXXXXXX-XXXXXXXXXX-500 User (1)
# wbinfo -i administrator
Could not get info for user administrator
As expected attempting to lookup user & group info via commands which use libnss also fail.
The
2013 Aug 15
2
Remote linux auth vs samba4: winbind or nslcd + openldap.
I'm lost in documentation.
I setup a samba4 AD, and configured winbind so I can have local
authentification using pam, I can now login to AD users v?a ssh.
I want to achieve the Holy Gria of 1 source of users and password, for
both, linux and windows machines, but I'm lost in documentation.
So far I know:
samba4 cann't use openldap as backend.
samba4 ldap doesn't really is a full
2019 Sep 18
2
Sync UID/GUI between two DCs
Am 18.09.19 um 16:17 schrieb Rowland penny:
> On 18/09/2019 03:41, Simeon Peter via samba wrote:
>> I would remove any uidNumber & gidNumber attributes from the
>> following users (if set):
>>> administrator
>>> guest
>>> krbtgt
>> Administrator has a uidNumber since long time and owns some files.
>> Are there disadvantages if I leave his
2007 Jul 26
8
Read-only (forensic) mounts of ZFS
Hi
I''m looking into forensic aspects of ZFS, in particular ways to use ZFS tools
to investigate ZFS file systems without writing to the pools. I''m working on
a test suite of file system images within VTOC partitions. At the moment,
these only have 1 file system per pool per VTOC partition for simplicity''s
sake, and I''m using Solaris 10 6/06, which may not
2015 Apr 17
5
NSLCD works, do I need RFC2307 extensions enabled in AD as well?
Hello all,
I've just installed Samba 3.6.6 from the Debian Stable repo. I want to use
this linux box as a smb file server for windows clients.
I installed NSLCD to allow users in AD to authenticate against my linux
server per
https://wiki.samba.org/index.php/Local_user_management_and_authentication/nslcd
getent passwd and getent group returns domain users with UID mappings like:
tempuser
2013 Aug 28
1
Problem with nslcd and samba
Hi,
I try to use nslcd with samba 4 for get suers and group for AD.
if I do a ldapsearch, I have a message :
Server not in kerberos database
if I do a getent passwd, nslcd display same error message.
log of samba4:
[2013/08/28 10:15:47, 3]
../source4/auth/kerberos/krb5_init_context.c:80(smb_krb5_debug_wrapper)
Kerberos: TGS-REQ Administrator at CORMANDOM.INT-CORMAN.BE from
2019 Jun 03
3
How to fix mapping Administrator to root
Thanks, Rowland , 'net cache flush' solved my problem. but I found that I can't access any share in \\myshare.
some related configurations in my smb,conf
....
access based share enum = yes
hide unreadable = yes
username map = /etc/samba/user.map
I can't see any share folder of my fileserver in fsmgmt.msc. and I run "smbstatus -b"
PID Username Group