similar to: Samba 4.2rc2 and winbindd

On Thu, 2020-02-13 at 15:07 -0800, Johan Hattne via samba wrote: >> Dear all; >> >> I'm trying to use winbindd to resolve names in an AD setup. I can >> authenticate just fine, but I've noticed that for some users "getent >> passwd" returns a GECOS field populated with displayName from the LDAP >> servers and for others is does not. For

I finally got to test it and it works OK something really strange is occurring though It works good as follows except for groups but I'll look at that latter as I see others have mentioned some issues with groups here is my /etc/samba/smb.conf security = ads realm = DOMAIN.LONG workgroup = DOMAIN idmap config * : backend = tdb idmap config * : range = 900-999 idmap config

On 01/12/14 19:19, Jeremy Allison wrote: > On Mon, Dec 01, 2014 at 11:14:59AM -0800, Greg Zartman wrote: >> On Mon, Dec 1, 2014 at 11:09 AM, Rowland Penny <rowlandpenny at googlemail.com> >> wrote: >> >>> NO NO I can't take anymore :-D >>> >>> Please read the rest of the thread, it will explain all. >> >> People seriously use

On 07/11/15 17:47, Jonathan Hunter wrote: > On 7 November 2015 at 17:01, Michael Adam <obnox at samba.org> wrote: >> Also, for all I know, the DC always has local unix user and group >> IDs, and does NOT use the rfc2307 attributes for this. (Unless >> this has changed recently, but I can't imagine how.) So there is >> nothing wrong with samba not using the rfc

I have 2 Ubuntu 12.04/samba 4 servers acting as DCs for my Domain. I provisioned the Domain by using the classicupgrade (prior authentication was LDAP+Samba). I have added some new test users. I also have two files servers. One is running RHEL 5.9/Samba 3, the other Ubuntu 12.04/Samba 4. Users that have their home directories and profiles stored on the RHEL5.9/Samba 3 fileserver work correctly.

Hi all On latest samba 4.2.1 I have provisioned a new domain on DC1 that successfully reads RFC2307 attributes set on a user account through ADUC. wbinfo (correct uid gets resolved from sid) wbinfo -n fsmith S-1-5-21-1273750850-484487853-1026460749-1120 SID_USER (1) wbinfo -S S-1-5-21-1273750850-484487853-1026460749-1120 1000006 ldbsearch sudo ldbsearch -H

On Mon, 30 Oct 2017 10:58:01 -0600 Jeff Sadowski <jeff.sadowski at gmail.com> wrote: > nope that just brute forced homedir and shell. It'll work for what I > want this machine for but I'd like to get the homedir and shell from > AD > The only real thing running authconfig did to the smb.conf was to add: password server = MIND.UNM.EDU You shouldn't need this,

Trying out 4.2.0 rc2 and winbindd. Below is the AD DC's smb.conf. Samba on the AD DC is updated from 4.1.3. I'm having trouble getting uid-/gidNumbers. Just xidNumbers are displayed. All domain account and groups have got it assigned. What did I miss? Is it possible that the outcome from the commands run on the AD DC is a product from the fact that the domains NetBIOS-name is EXAMPLE and

On Sat, 15 Feb 2020, Rowland penny via samba wrote: > On 15/02/2020 19:15, Steve Thompson via samba wrote: >> Now I am using samba 4.11.6 on CentOS 7.7, patched up to date. > Have you compiled Samba yourself, or are you using Samba packages and if so, > where from ? >> The DC, on a KVM VM, is the only node configured so far. I am using >> winbind in place of sssd

Thank you Rowland for looking at it. I did read the wiki here https://wiki.samba.org/index.php/Idmap_config_ad that is how I got as far as I did; that and the idmap_ad man page. I could not find how to use the loginShell is there a variable I can use for it in the template or an option to set to use it? loginShell and unixHomedir are not mentioned on the wiki that I could find. I'm good with

Hi, how can i get work Samba 4 Sernet 4.1.7 correctly with NIS. Ist provisioned with rfc2307. When i query a User withi get the following. getent passwd testswi SWI\testswi:*:10000:100:testswi:/home/SWI/testswi:/bin/false I want to change /bin/false to a other value /bin/bash I tried many things to change the value. 1. ldbedit -e vim -H /var/lib/samba/private/sam.ldb samaccountname=testswi

But that doesn't work for me. As I am saying If I set it like that I only see 7 domain users with getent passwd experimenting I see if I set idmap config * : range = 2000-7999 idmap config DOMAIN:range = 8000-99999 I see all my users. which is really odd because all my users have uids above 10000 What other trouble shooting steps can I take to see why this is acting this way? I edit

Hi In Samba3, I have full rfc2307 compliance via winbind where all attributes can be obtained from AD. In Samba4 I only have partial rfc2307 compatibility with: idmap_ldb:use rfc2307 = yes uidNumber and gidNumber can be obtained from AD but uinxHomeDirectory and loginShell are missing. The workarounds are to use the winbind [homes] share and link from there to the real unixHomeDirectory or

On Mon, Dec 1, 2014 at 1:33 AM, Rowland Penny <rowlandpenny at googlemail.com> wrote: > >> I do what windows does, it ignores the RID (what you call 'the last set > of digits from SID') and uses a builtin mechanism to store the next uid & > gidNumber. The builtin users/groups use the RID for the GID/UID. If you create a user and then goto to the

2016-06-13 18:27 GMT+02:00 Rowland penny <rpenny at samba.org>: > On 13/06/16 13:13, mathias dufresne wrote: > >> I loved to find out how to achieve that. >> >> I did looked for information, all I found was that: >> >>

Version 4.0.6-GIT-4bebda4 Hi I have sssd up and running. It works fine except that getent only returns domain users if I specify the object e.g. getent passwd and getent group return only local users but getent passwd steve2 steve2:*:3000034:20513:steve2:/home/users/steve2:/bin/bash and getent group Domain\ Users Domain Users:*:20513: work fine. /etc/nsswitch.conf passwd: compat sss group:

I could use some input to point out the error in my configuration, which eludes me. Previously I operated a 225-node cluster with samba 4.3 and sssd on the Linux boxes. Everything worked OK. Now I am using samba 4.11.6 on CentOS 7.7, patched up to date. The DC, on a KVM VM, is the only node configured so far. I am using winbind in place of sssd (my first experience with winbind). BIND9_DLZ

Hi all, Still looking for the best way to achieve consistent GID/UID mapping on Linux servers/clients, in heterogeneous environment (Linux, Windows, CIFS, NFS). Current problems with UID/GID resolution prevents from using Samba4 in environment with backups (where data may be restored on another server) and mixed Linux/Windows workstations. Just recently installed fresh Samba 4.1.0 on the server

On 02/04/15 13:38, buhorojo wrote: > On 02/04/15 14:09, Rowland Penny wrote: >> On 02/04/15 12:41, buhorojo wrote: >>> On 02/04/15 12:48, Rowland Penny wrote: >>>> On 02/04/15 11:37, buhorojo wrote: >>>>> On 02/04/15 12:19, Rowland Penny wrote: >>>>>> On 02/04/15 11:05, buhorojo wrote: >>>>>>> On 02/04/15 11:27,

On 14/06/16 18:46, Juan Ignacio wrote: > Yes, im run ´´net cache flush´ on ADDC and MEMBER SERVER. > > Im using Win10, And Win7 > > > OK, if you are running RSAT on a windows 10 machine, can I suggest you use a windows 7 machine instead, it is my understanding that win10 no longer has the Unix attributes tab. If you use ADUC on a win7 machine, you can install IDMU, this will