similar to: roaming profile does ­not ­work for "Domain Adm­ins"

Hi list, I am experimenting with two member servers (both samba4). I am using following configuration: membersrv:/etc/samba/smb.conf: ========================== [...] username map = /etc/samba/smbmap [...] membersrv:/etc/samba/smbmap: ========================= !root = MYDOM\johndoe MYDOM\foo MYDOM\bar MYDOM\Administrator Administrator So the domain users from my AD called "John Doe",

Hello list, I am facing an issue which I cannot explain myself. The roaming profiles don't work for users that are members of the group "Domain Admins". The [profiles] share on the member server was configured exactly as explained on the wiki for roaming profiles. It works like a charm for all domain users, *BUT*: if a user is member of the group "Domain Admins" it

Hello list, I am using the Microsoft ADUC (Active Directory Users & Computers) tool from the RSAT suite for creating and modifying my domain users. I am aware of the "copy" functionality which really is very nice to use. Unfortunately I am missing two important actions during the user-creation process which I try to describe: 1.) When I use the template feauture (by using the

Hey all, I decided to use the default ranges in the smb.conf of my member server, so I changed my smb.conf and it looks like that: ================================================== [global] netbios name = MEMBERSRV workgroup = MYDOM security = ADS realm = MYDOM.EXAMPLE.COM encrypt passwords = yes idmap config MYDOM:backend = ad idmap

> Comment from Rowland: > [...]an AD user without a uidNumber is merely a windows user Hi Rowland, just for my understanding, I have a question. If a domain user in my samba4 AD domain does not have been assigned with a "uid" on the [UNIX Attribute] tab of my ADUC tool, that user in general *cannot* access any of the shares of that particular member server? Is that correct? My

Hello, I am running Samba 4.1.12/Sernet on Debian Wheezy 64bit and I am about to setup my member server. The DC was provisioned with rfc2307 and extended attributes. I have assigned to the domain group called "Domain Users" the GID=10000. My member server was prepared with ACL+user_xattr and winbind support. My /etc/nsswitch.conf is using "winbind" for passwd+group, and

Hello list, using AD with rfc2307 provisioned and NIS extensions are available. In ADUC tool I choose the group "Domain Admins" and click on the [UNIX Attributes] tab. I activate it for my domain and choose the GID=500. When I execute on my member server "net cache flush && getent group 500" I get the result domain admins:x:500:johndoe,name1,name2 So far so good,

Hello list, my DC and member server is running Samba 4.1.12. The DC was provisioned with rfc2307 and NIS extensions. Through ADUC tool and the [UNIX Attribute] tab I assigned a uid to the AD user "testuser1" and I also assigned a gid to the AD group "Domain Users". The member server was configured according the official wiki of samba.org. Winbind was configured on the member

I am migrating a Freebsd 8.2 Samba 3.5.11 system to Freebsd 9.1 Samba 4.0.4. I copied over all of the users home directories, local accounts, and the tdb files. I ran the classic upgrade tool, got the server up and running, and users could login however they were on fresh local profiles rather than roaming profiles. In the log file for the station, I found the following message [2013/04/13

Greetings everybody! I'm trying to figure out how to get compiz install error-free in a prefix other than /usr. Because I currently don't "trust" compiz-packages on Ubuntu EdgyEft I have it install upstream to /home/mirco/compiz. I call configure like this: ./configure --prefix=/home/mirco/compiz --enable-librsvg --enable-gtk --enable-metacity --enable-dbus

Hi, i'm getting a coredump on a specific msg, i've attached the gdb. file on disk i noticed W=<vsize> is missing. 1571209735.M744550P1608.rwvirtual65,S=15886:2,S Best regards, mail.log Oct 18 14:41:39 rwvirtual10 dovecot: imap(johndoe at company.nl)<15868><qjTFpy6VPsMKAAok>: Error: Mailbox INBOX.Debug: UID=1041: read(/data/mail/

> Why do admins think they can enter people's private areas? It's nothing > to do with you. You are merely there to make sure the computers work. So > do just that. You do not dictate what others put in their profile. Just > leave your users alone. When they have a problem they will tell you. > Otherwise stay out. > Jo I know that my english is not very well as

This is the user DN: > cn=Klara Fall,ou=People,dc=[domainname],dc=de According to your Dovecot configuration > auth_bind_userdn = cn=%u,ou=People,dc=**[domainname]**,dc=de if you login with "klarafall" it will be expanded into cn=klarafall,ou=People,dc=[domainname],dc=de which is not the correct DN for Mrs Klara. So if you login with "Klara Fall" it should work,

Hello everybody, What is the best way to delete an user mailbox (ex: /var/mail/johndoe ) when all attachments (for all users) are in a common directory with SIS deduplication (ex: mail_attachment_dir = /var/mail/attachments ) ? Trying to delete user mailbox directory (rm) and do the command : doveadm -v purge -u johndoe leave all johndoe's attachments orphelin. Best regards,

I'm having a great deal of difficulty with integrating dovecot 2.0.9 with a new installation of samba4 4.1.11 and would appreciate anyones help who has this working. *Problem 1:* if dn= cn=Administrator,dc=ourhome,dc=net with dnpass = ***** ---------------I get NT_STATUS_LOGON_FAILURE but dn = "Administrator at ourhome.net" with dnpass = **** works I guess I shouldn't complain

On 01/12/14 00:08, ?? wrote: > Rowland Penny,??: > I test id Administrator as the wiki. > I run > chown Administrator(or other DomainUser) file I got > invalid User :Administrator > > ------------------ > ?? > 2014-12-01 > > ------------------------------------------------------------- > ????Rowland Penny > ?????2014-11-28 17:59:18 > ?????? >

So, a little bit more investigation shows a problem with idmap -> User - BUILTIN\Administrator uid = 30000 Group - BUILTIN\Administrators gid = 3000000 Group - SAMDOM\Domain Admins gid = 60000 POSIX file ownership is becoming 3000000:60000 It seems that the Administrators group group is set as the owner. What's more, 'Administrators' group name is not mapped when I list the

I have seen mentioned in other posts that when joining a DC with your linux client there is a way to do it and NOT use Powerbroker Open (new name for Likewise-Open). Where do I find this procedure? -- ------------------------- Bob Wooden of Donelson Trophy 615.885.2846 (main) www.donelsontrophy.com [1] "Everyone deserves an award!!" Links: ------ [1]

Hello, I have a mixture of Polycom SP IP 500 and 300 phones. I have been reading through the administration manual to try and solve this problem, but I do not seem to be able to find the answers to my question. I figured I would ask here and see if anyone has some suggestions. The problem is kind of annoying. After dialing 4 digits, the phone seems to pause and miss the 5th digit, often

Hi, I'm having problems accessing home directories though NFS. This setup uses LDAP and Kerberos. Users defined on the local host work fine. This is what dovecot writes in the logs while trying to log in as the user johndoe: ---- Mar 19 14:10:54 jack dovecot-auth: nss_ldap: reconnecting to LDAP server... Mar 19 14:10:54 jack dovecot-auth: nss_ldap: reconnected to LDAP server after 1