Displaying 20 results from an estimated 30000 matches similar to: "Samba 4.2rc2 and winbindd"
2020 Feb 14
1
winbindd: getent passwd yields empty GECOS field
On Thu, 2020-02-13 at 15:07 -0800, Johan Hattne via samba wrote:
>> Dear all;
>>
>> I'm trying to use winbindd to resolve names in an AD setup. I can
>> authenticate just fine, but I've noticed that for some users "getent
>> passwd" returns a GECOS field populated with displayName from the LDAP
>> servers and for others is does not. For
2015 Dec 07
3
template shell RFC2307 loginShell
I finally got to test it and it works OK
something really strange is occurring though
It works good as follows except for groups but I'll look at that latter as
I see others have mentioned some issues with groups
here is my /etc/samba/smb.conf
security = ads
realm = DOMAIN.LONG
workgroup = DOMAIN
idmap config * : backend = tdb
idmap config * : range = 900-999
idmap config
2014 Dec 01
2
uidNumber. ( Was: What is --rfc2307-from-nss ??)
On 01/12/14 19:19, Jeremy Allison wrote:
> On Mon, Dec 01, 2014 at 11:14:59AM -0800, Greg Zartman wrote:
>> On Mon, Dec 1, 2014 at 11:09 AM, Rowland Penny <rowlandpenny at googlemail.com>
>> wrote:
>>
>>> NO NO I can't take anymore :-D
>>>
>>> Please read the rest of the thread, it will explain all.
>>
>> People seriously use
2015 Nov 07
4
idmap & migration to rfc2307
On 07/11/15 17:47, Jonathan Hunter wrote:
> On 7 November 2015 at 17:01, Michael Adam <obnox at samba.org> wrote:
>> Also, for all I know, the DC always has local unix user and group
>> IDs, and does NOT use the rfc2307 attributes for this. (Unless
>> this has changed recently, but I can't imagine how.) So there is
>> nothing wrong with samba not using the rfc
2013 Aug 24
2
issue with multiple Samba DC and uid/gid assignment.
I have 2 Ubuntu 12.04/samba 4 servers acting as DCs for my Domain. I provisioned the Domain by using the classicupgrade (prior authentication was LDAP+Samba). I have added some new test users. I also have two files servers. One is running RHEL 5.9/Samba 3, the other Ubuntu 12.04/Samba 4. Users that have their home directories and profiles stored on the RHEL5.9/Samba 3 fileserver work correctly.
2015 Apr 23
3
RFC2307 attributes not being read by DC2 in 4.2.1
Hi all
On latest samba 4.2.1 I have provisioned a new domain on DC1 that
successfully reads RFC2307 attributes set on a user account through
ADUC.
wbinfo (correct uid gets resolved from sid)
wbinfo -n fsmith
S-1-5-21-1273750850-484487853-1026460749-1120 SID_USER (1)
wbinfo -S S-1-5-21-1273750850-484487853-1026460749-1120
1000006
ldbsearch
sudo ldbsearch -H
2017 Oct 30
2
winbind rfc2307 not being obeyed
On Mon, 30 Oct 2017 10:58:01 -0600
Jeff Sadowski <jeff.sadowski at gmail.com> wrote:
> nope that just brute forced homedir and shell. It'll work for what I
> want this machine for but I'd like to get the homedir and shell from
> AD
>
The only real thing running authconfig did to the smb.conf was to add:
password server = MIND.UNM.EDU
You shouldn't need this,
2014 Nov 03
1
Samba 4.2.0 rc2 and winbindd, uid-/gidNumber and xidNumber
Trying out 4.2.0 rc2 and winbindd. Below is the AD DC's smb.conf.
Samba on the AD DC is updated from 4.1.3.
I'm having trouble getting uid-/gidNumbers. Just xidNumbers are
displayed. All domain account and groups have got it assigned. What
did I miss?
Is it possible that the outcome from the commands run on the AD DC is
a product from the fact that the domains NetBIOS-name is EXAMPLE and
2020 Feb 15
1
winbind question
On Sat, 15 Feb 2020, Rowland penny via samba wrote:
> On 15/02/2020 19:15, Steve Thompson via samba wrote:
>> Now I am using samba 4.11.6 on CentOS 7.7, patched up to date.
> Have you compiled Samba yourself, or are you using Samba packages and if so,
> where from ?
>> The DC, on a KVM VM, is the only node configured so far. I am using
>> winbind in place of sssd
2015 Dec 05
3
template shell RFC2307 loginShell
Thank you Rowland for looking at it.
I did read the wiki here https://wiki.samba.org/index.php/Idmap_config_ad
that is how I got as far as I did; that and the idmap_ad man page. I could
not find how to use the loginShell is there a variable I can use for it in
the template or an option to set to use it? loginShell and unixHomedir are
not mentioned on the wiki that I could find. I'm good with
2014 Jun 07
3
Samba 4 / idmap / NIS / winbind
Hi,
how can i get work Samba 4 Sernet 4.1.7 correctly with NIS. Ist provisioned with rfc2307.
When i query a User withi get the following.
getent passwd testswi
SWI\testswi:*:10000:100:testswi:/home/SWI/testswi:/bin/false
I want to change /bin/false to a other value /bin/bash
I tried many things to change the value.
1. ldbedit -e vim -H /var/lib/samba/private/sam.ldb samaccountname=testswi
2015 Dec 07
4
template shell RFC2307 loginShell
But that doesn't work for me. As I am saying
If I set it like that I only see 7 domain users with getent passwd
experimenting I see if I set
idmap config * : range = 2000-7999
idmap config DOMAIN:range = 8000-99999
I see all my users.
which is really odd because all my users have uids above 10000
What other trouble shooting steps can I take to see why this is acting this
way?
I edit
2012 Aug 10
1
Samba4: rfc2307 compatibility with Samba3
Hi
In Samba3, I have full rfc2307 compliance via winbind where all
attributes can be obtained from AD.
In Samba4 I only have partial rfc2307 compatibility with:
idmap_ldb:use rfc2307 = yes
uidNumber and gidNumber can be obtained from AD but uinxHomeDirectory
and loginShell are missing.
The workarounds are to use the winbind [homes] share and link from there
to the real unixHomeDirectory or
2014 Dec 01
5
uidNumber. ( Was: What is --rfc2307-from-nss ??)
On Mon, Dec 1, 2014 at 1:33 AM, Rowland Penny <rowlandpenny at googlemail.com>
wrote:
>
>> I do what windows does, it ignores the RID (what you call 'the last set
> of digits from SID') and uses a builtin mechanism to store the next uid &
> gidNumber.
The builtin users/groups use the RID for the GID/UID.
If you create a user and then goto to the
2016 Jun 14
3
Changing default UID/GID beginning for AD
2016-06-13 18:27 GMT+02:00 Rowland penny <rpenny at samba.org>:
> On 13/06/16 13:13, mathias dufresne wrote:
>
>> I loved to find out how to achieve that.
>>
>> I did looked for information, all I found was that:
>>
>>
2013 Apr 14
1
sssd getent problem with Samba 4.0
Version 4.0.6-GIT-4bebda4
Hi
I have sssd up and running. It works fine except that getent only
returns domain users if I specify the object e.g.
getent passwd
and
getent group
return only local users
but
getent passwd steve2
steve2:*:3000034:20513:steve2:/home/users/steve2:/bin/bash
and
getent group Domain\ Users
Domain Users:*:20513:
work fine.
/etc/nsswitch.conf
passwd: compat sss
group:
2020 Feb 15
4
winbind question
I could use some input to point out the error in my configuration, which
eludes me.
Previously I operated a 225-node cluster with samba 4.3 and sssd on the
Linux boxes. Everything worked OK.
Now I am using samba 4.11.6 on CentOS 7.7, patched up to date. The DC, on
a KVM VM, is the only node configured so far. I am using winbind in place
of sssd (my first experience with winbind). BIND9_DLZ
2013 Oct 28
1
How winbindd is working on DC/member? It ignores rfc2703 on DC, and not showing all users on member server... Where is a error?
Hi all,
Still looking for the best way to achieve consistent GID/UID mapping
on Linux servers/clients, in heterogeneous environment (Linux,
Windows, CIFS, NFS).
Current problems with UID/GID resolution prevents from using Samba4 in
environment with backups (where data may be restored on another
server) and mixed Linux/Windows workstations.
Just recently installed fresh Samba 4.1.0 on the server
2015 Apr 02
7
sssd-ad cannot be installed with sernet samba
On 02/04/15 13:38, buhorojo wrote:
> On 02/04/15 14:09, Rowland Penny wrote:
>> On 02/04/15 12:41, buhorojo wrote:
>>> On 02/04/15 12:48, Rowland Penny wrote:
>>>> On 02/04/15 11:37, buhorojo wrote:
>>>>> On 02/04/15 12:19, Rowland Penny wrote:
>>>>>> On 02/04/15 11:05, buhorojo wrote:
>>>>>>> On 02/04/15 11:27,
2016 Jun 14
3
Samba4 Domain Member Server "Getent show diferents UID"
On 14/06/16 18:46, Juan Ignacio wrote:
> Yes, im run ´´net cache flush´ on ADDC and MEMBER SERVER.
>
> Im using Win10, And Win7
>
>
>
OK, if you are running RSAT on a windows 10 machine, can I suggest you
use a windows 7 machine instead, it is my understanding that win10 no
longer has the Unix attributes tab.
If you use ADUC on a win7 machine, you can install IDMU, this will