similar to: Samba4: "­MYDO­M\Administrator" qui­te us­eless on a member

Hello list, I am using the Microsoft ADUC (Active Directory Users & Computers) tool from the RSAT suite for creating and modifying my domain users. I am aware of the "copy" functionality which really is very nice to use. Unfortunately I am missing two important actions during the user-creation process which I try to describe: 1.) When I use the template feauture (by using the

I am facing an issue which I cannot explain myself. The roaming profiles don't work for users that are members of the group "Domain Admins". The [profiles] share on the member server was configured exactly as explained on the wiki for roaming profiles. It works like a charm for all domain users, *BUT*: if a user is member of the group "Domain Admins" it *doesn't* :-(

Hi list, I am experimenting with two member servers (both samba4). I am using following configuration: membersrv:/etc/samba/smb.conf: ========================== [...] username map = /etc/samba/smbmap [...] membersrv:/etc/samba/smbmap: ========================= !root = MYDOM\johndoe MYDOM\foo MYDOM\bar MYDOM\Administrator Administrator So the domain users from my AD called "John Doe",

Hey all, I decided to use the default ranges in the smb.conf of my member server, so I changed my smb.conf and it looks like that: ================================================== [global] netbios name = MEMBERSRV workgroup = MYDOM security = ADS realm = MYDOM.EXAMPLE.COM encrypt passwords = yes idmap config MYDOM:backend = ad idmap

Hello, I am running Samba 4.1.12/Sernet on Debian Wheezy 64bit and I am about to setup my member server. The DC was provisioned with rfc2307 and extended attributes. I have assigned to the domain group called "Domain Users" the GID=10000. My member server was prepared with ACL+user_xattr and winbind support. My /etc/nsswitch.conf is using "winbind" for passwd+group, and

Hello list, my DC and member server is running Samba 4.1.12. The DC was provisioned with rfc2307 and NIS extensions. Through ADUC tool and the [UNIX Attribute] tab I assigned a uid to the AD user "testuser1" and I also assigned a gid to the AD group "Domain Users". The member server was configured according the official wiki of samba.org. Winbind was configured on the member

Hi, For several linux server on our network we want to allow the AD domain group called "MYDOM\Domain Admins" to login through ssh with their AD credentials. Our DC1 and DC2 are running on Debian 64bit using Samba 4.1.12/Sernet. I'm kinda confused, what exactly I need therefore. Do I need to setup a PAM_authentication as explained on that tutorial here?

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, I like to know what will happend if: - - one Domain with 2 DCs - - two Admins working on their Windows-ws with RSAT. - - Admin1 is connected to DC1 - - Admin2 is connected to DC2 - - Admin1 creats a user "u1" and a group "g1" - - then the two DCs will lose connection, the user and group is replicated to DC2 - - now Admin1

I'm having a little trouble adding my linux machine to my Windows NT domain... anyone know how to resolve this issue: [root@dev-zope-knox01 root]# smbpasswd -r admin1 -j CTI1 cli_net_auth2: Error NT_STATUS_NO_TRUST_SAM_ACCOUNT cli_nt_setup_creds: auth2 challenge failed modify_trust_password: unable to setup the PDC credentials to machine ADMIN1. Error was : NT_STATUS_NO_TRUST_SAM_ACCOUNT.

Hi, I am trying to mount fileserver (samba, 10.20.30.16) shares on a linux domain member server, where I logged on via ssh using AD my credentials. I am unable to get past the "mount error(126): Required key not available" error message. I have read and googled a lot, and could use some help. See this: > domainuser at memberserver-45:~$ sudo tail -f /var/log/debug & >

Good morning Rowland and samba list ... Rowland Penny wrote on 03.07.2015 18:36:32: > From: Rowland Penny <rowlandpenny241155 at gmail.com> > To: samba at lists.samba.org, > Date: 03.07.2015 18:40 > Subject: Re: [Samba] Migration Samba3 -> Samba4: Accessing domain > member server is not working > Sent by: samba-bounces at lists.samba.org > > On 03/07/15

On 01/12/14 00:08, ?? wrote: > Rowland Penny,??: > I test id Administrator as the wiki. > I run > chown Administrator(or other DomainUser) file I got > invalid User :Administrator > > ------------------ > ?? > 2014-12-01 > > ------------------------------------------------------------- > ????Rowland Penny > ?????2014-11-28 17:59:18 > ?????? >

I have seen mentioned in other posts that when joining a DC with your linux client there is a way to do it and NOT use Powerbroker Open (new name for Likewise-Open). Where do I find this procedure? -- ------------------------- Bob Wooden of Donelson Trophy 615.885.2846 (main) www.donelsontrophy.com [1] "Everyone deserves an award!!" Links: ------ [1]

Hello, I have a mixture of Polycom SP IP 500 and 300 phones. I have been reading through the administration manual to try and solve this problem, but I do not seem to be able to find the answers to my question. I figured I would ask here and see if anyone has some suggestions. The problem is kind of annoying. After dialing 4 digits, the phone seems to pause and miss the 5th digit, often

Hello all, I have really strange problem with Samba 4.1.0 - regarding only one user - Administrator. There are 2 servers: NAS (which is DC) and CHEETAH (Which is domain member). Have spent long time in efforts to sync UID/GID across servers (these are used both from Linux over NFS and from Windows) - and finally wrote the scripts to make all users/groups (even including the builtin one, like

As stated in subject. I suppose in 'DC mode' no, but as DM i can define an alias for the machine? Looking at: https://bugzilla.samba.org/show_bug.cgi?id=1703 seems 'yes' to me... Thanks. -- dott. Marco Gaiarin GNUPG Key ID: 240A3D66 Associazione ``La Nostra Famiglia'' http://www.lanostrafamiglia.it/ Polo FVG - Via della Bontà, 7 - 33078

Dear All, I am trying to find a way to stop people who use phones after business hours (a policy the company wants to implement), we have cisco 7940 and 7910 phones and sadly they don't have a phone lock password system (on these ciscos it locks config menu changes but not the calls but the cisco 7920 has this feauture). So I was wondering is there a way to make this happen in asterisk??

Hi 4.0.8 file server in a 4.0.8 domain After a user logs in on a Linux client which is joined to the domain, smbd is constantly looking for files which don't exist: Here is the file server log after a user login to a Linux client has settled down: [2013/08/24 18:43:24.748511, 3] ../source3/smbd/vfs.c:1140(check_reduced_name) check_reduced_name [steve2/.icons/gnome] [/home/users]

I try to set up two "Match Group" directives in sshd_config. I have an LDAP server. All users including admins are part of the LDAP group users. The admins users are also part of the LDAP group wheel. For example: [~]groups admin1 admin1 : users wheel [~]groups users user1 : users On a client server to LDAP, I try to configure two "Match Group" directives in sshd_config as

On Tue, 2017-12-05 at 16:14 +0100, mj via samba wrote: > We haved used it on a domain member server, yes. > > Only one thing: when you have a compteraccount memberserver$ in your AD, > you cannot use "memberserver" as an alias on another machine) And you should register any such alias as a servicePrincpalName. Andrew Bartlett -- Andrew Bartlett