Displaying 20 results from an estimated 50000 matches similar to: "Security in relation to samba"
2014 Dec 06
1
OpenLDAP proxy to samba4 AD
Rowland,
The *openldap* will be the same that is already working on our campus
(technological courses).
I have samba3 on a freebsd, but the samba4 I will switch to Debian.
I believe that in addition to the *smb.conf*, I have to also copy the
following folders:
*/etc/samba/*
*/var/lib/samba/*
Proceeds?
On Sat, Dec 6, 2014 at 2:23 PM, Rowland Penny <rowlandpenny at googlemail.com>
wrote:
2014 Dec 06
2
OpenLDAP proxy to samba4 AD
I greatly appreciate the answers. Are of great value to me and to others
who like me do not have much experience.
Another question. :D
I believe that we will use debian as distribution for the new Samba4. What
I need to copy from the old to the new distro?
On Sat, Dec 6, 2014 at 12:49 PM, Rowland Penny <rowlandpenny at googlemail.com>
wrote:
> On 06/12/14 14:32, Elias Pereira wrote:
2014 Dec 22
5
Net groupmap list strange result
On 22/12/14 17:47, Elias Pereira wrote:
> And now, I run the command "samba-tool user list" and the result is as
> follows:
>
> *# samba-tool user list*
> *ldb_wrap open of secrets.ldb*
> *Could not find machine account in secrets database: Failed to fetch
> machine account password from secrets.ldb: Could not find entry to match
> filter:
2014 Dec 06
4
OpenLDAP proxy to samba4 AD
Hello Marc,
I appreciate your response, as well as the other members. Reading your
answer, I believe I found what I wanted. Option 3, the principle is what I
need right now. I'll try to explain.
Today in production, we have the samba3 + openldap. The samba3 is installed
on a freebsd, but has some problems that we can not detect. My boss does
not want to drop the openldap now. We have
2015 Oct 09
4
Migrate directories and files
hello guys,
In my tests lab did the migration ldap base of the old samba3 to Samba4
ADCD.
It's possible to migrate directories and files from users of the old samba3
to Samba4 ADDC?
--
Elias Pereira
2015 Mar 24
6
Samba4 + external ldap
After some reading and attempts, I managed to set the Samba4 with the
external openldap.
I tried to add a user through the command "smbpasswd", but an error
occurred, which follows below:
root at sol:~# smbpasswd -a billy
>
> smbldap_search_domain_info: Searching
>> for:[(&(objectClass=sambaDomain)(sambaDomainName=POA))]
>
> smbldap_open_connection: connection
2014 Dec 06
2
OpenLDAP proxy to samba4 AD
We already have a Openldap in production, with a samba3. What I am wanting
to do is install the Samba4, and still continue to use the "openldap" for
authentication of users in various services that are operating.
You think it's possible?
On Sat, Dec 6, 2014 at 2:41 AM, jacek burghardt <jaceksburghardt at gmail.com>
wrote:
> DO you mean using samba as ldap ? I am using
2015 May 21
4
Import idmap database error on classicupgrade process
>
> Then why can the upgrade not contact the ldap server ?
I dont know! :(
Was ldap running on another computer before ?
I installed a temporary openLDAP backend on the new host.
Can you post the smb.conf from the old PDC ? the one you are trying to
> upgrade from.
I sent my smb.conf to your private e-mail.
On Thu, May 21, 2015 at 3:08 PM, Rowland Penny <rowlandpenny at
2014 Dec 05
3
OpenLDAP proxy to samba4 AD
Someone managed to put to work the Samba4 with the openldap using
authentication through proxy?
Follow samba wiki, researched enough elsewhere, got some things but not
getting a total success.
I would like the opinion of more experienced friends.
Att.
--
Elias Pereira
2023 Apr 14
1
eduPerson schema on samba4
hi,
I created a lab to test adding the eduPerson schema.
I took the schema from the link below and followed the wiki to add the
schema.
hxxps://
github.com/REFEDS/eduperson/blob/master/schema/activedirectory/eduPerson.adschema.ldf
I split the ldif into 3 parts.
attrs.ldif
classes.ldif
auxiliaryClass.ldif
At first there was no error when adding the ldifs with the commands given
in the wiki. To
2017 May 09
1
samba4 AD - some doubts and concerns
Thanks Adam for your answer!! "not enter the domain" means that the machine
not found our domain (samba3 pdc/nt4) for auth.
-------------------------
What is the best way to put a new samba4 AD server on the "air"?
*Note*: *Today I have samba3 nt4 and at the moment I can not just turn it
off and start another. I need to do this side by side.*
On Tue, May 9, 2017 at 5:28 PM,
2015 Mar 24
2
Fwd: Samba4 + external ldap
On 24/03/15 18:40, Elias Pereira wrote:
> I had tried with the "root", but also gave error: *Could not find the
> username.*
>
> The first time this happened I ran the following command:
>
> root at sol:~# smbpasswd -a root
> smbldap_search_domain_info: Searching
> for:[(&(objectClass=sambaDomain)(sambaDomainName=POA))]
> smbldap_open_connection: connection
2020 Sep 29
1
samb4 DC on aws
Andrew,
Just passing the public IP of our samba to samba_dnsupdate is enough to
replicate the data correctly?
samba_dnsupdate --verbose --all-names --current-ip=PUBLIC_IP
On Fri, Sep 25, 2020 at 6:39 AM Andrew Bartlett <abartlet at samba.org> wrote:
> On Thu, 2020-09-24 at 14:59 -0300, Elias Pereira via samba wrote:
> > Hello,
> >
> > Has anyone already installed
2018 Jan 11
2
Deploy software in fileserver folder
Hey Luke, thanks for the help!!! It's working now!!!
God bless you and your family!! :D
Remember that GPOs need to run as the context of either the computer or the
> user. Computers typically do not have access to many folders on a file
> server, even as "Everyone". That is why the NETLOGON folder works.
>
> If you're deploying as a USER configuration, then it
2018 Jan 10
2
Deploy software in fileserver folder
Which GPO? Computer or User Configuration?
Remember that GPOs need to run as the context of either the computer or the
user. Computers typically do not have access to many folders on a file
server, even as "Everyone". That is why the NETLOGON folder works.
If you're deploying as a USER configuration, then it should run as the
context of the user, meaning the Everyone permission
2018 Jan 11
2
Deploy software in fileserver folder
Hi Elias,
> I thought it worked, but after I uninstalled the software that I deployed
> via user scope, it did not reinstall. I selected the "Redeploy application"
> option, but it also did not work.
The user scope GPO are run with the privileges and access tokens of the
logged on user, so the user have local admin rights for install and need
access rights to the share you
2024 Apr 02
1
How to diagnose a busy LDAP server process in the Samba AD DC
The saga continues...
I've spent a whole day with log level 5 and 7 and no error. All I have to
do is return the log to the default and the error reappears.
I monitored the "LDAP Query: Duration", but I didn't notice any crashes in
the queries.
I don't know if it's a long time, but some queries took 1.5s.
Is there anything else I can do?
On Mon, Mar 25, 2024 at
2024 Apr 02
1
How to diagnose a busy LDAP server process in the Samba AD DC
1.5 seconds is pretty long, I would look into what those queries are.
I would also look into repeated queries, sometimes these things are
clients stuck in a loop where they don't complete because they expect
some termination condition.
Andrew Bartlett
On Tue, 2024-04-02 at 09:25 -0300, Elias Pereira via samba wrote:
> The saga continues...
> I've spent a whole day with log level 5
2024 Apr 11
1
How to diagnose a busy LDAP server process in the Samba AD DC
Hello Andrew,
1. What is the explanation for the fact that when the log level is set to 5
or 7, the NT_STATUS_IO_TIMEOUT error does not appear, but when it is at the
default log level, it does?
Another point I've noticed before is that when I run the command
"samba-tool dbcheck --cross-ncs --reset-well-known-acls --fix --yes" (*Checked
15337 objects (0 errors)*), and in another
2016 Aug 05
2
Samba4 with external bind - best practices?
You do what you want!
The point is the clients must resolve everything.
You have two options:
A - client resolver is non-DC DNS server: here the non-DC DNS server must
be configured to forward DNS requests about AD to AD DNS servers (to DCs)
B - client resolver is AD DNS server: here AD DNS server(s) used as
resolver(s) must be configured to forward any non-AD DNS request to non-DC
DNS server.