Displaying 20 results from an estimated 2000 matches similar to: "ADS Domain Member Workgroup vs Realm"
2015 Feb 24
0
ADS Domain Member Workgroup vs Realm
I would say that workgroup = ZARTMAN should be right. Workgroups normally don't have dots in their name.
Than you should also try:
idmap config ZARTMAN:backend = ad
idmap config ZARTMAN:schema_mode = rfc2307
idmap config ZARTMAN:range = 10000-99999
One more thing is that it's not recommended to have a .local domain realm.
Have a look at this above glibc...
2015 Feb 23
1
Samba 3.6 AD Domain Member
I'm playing around with Domain Membership to a WIndows 2012 AD Server. It
appears I'm able to join the AD domain, but the domain member doesn't seem
to authenticate anything against the DC once joined. Here is my smb.conf
netbios name = Member
workgroup = ZARTMAN
security = ADS
realm = ZARTMAN.LOCAL
dedicated keytab file = /etc/krb5.keytab
kerberos method = secrets and
2014 Oct 29
3
Samba4 provision, change private dir?
When you first provision an AD DC, is there a way to control where
samba-tool puts all of the AD data files?
--
Greg J. Zartman
Board Member
Koozali Foundation, Inc.
2755 19th Street SE
Salem, Oregon 97302
Cell: 541-5218449
SME Server user and community member since 2000
2016 Sep 11
2
Samba DNS Listening IP
Is it possible to change the DNS listening IP?
I'd like to run a dnscache service for primary LAN queries, but the only
way to do this with Samba seems to be iptables preroute configuration to
redirect port 53 requests.
Thanks,
--
Greg J. Zartman
Board Member, and Developer
Koozali SME Server
www.koozali.org
SME Server user, contributor, and community member since 2000
2014 Oct 25
4
Red Hat Implementation of Samba 4???
Does anyone know what Red Hat/Centos is going with Samba 4? I've looked at
their packages in COS 6.5 and 7 and it doesn't make sense. They seems to
be doing some kind of watered down or modified version of Samba 4 with some
of the tools disabled.
Are they still holding off from full AD implementation in their packages
because of the MIT Kerberos issues identified in previous
2014 Dec 28
1
Samba 4 Active Directory Quotas
On Sat, Dec 27, 2014 at 2:43 AM, Rowland Penny <rowlandpenny at googlemail.com>
wrote:
> Yes, samba4 comes with a script: oLschema2ldif
>
Humm... Not liking the errors in this method. Looking at the ldif, I
think we could rework this so that one could modify the LDAP schema
directly using LDAP syntax. In my case, I'm using Net::LDAP. Something
more like this:
dn:
2016 Oct 02
4
ldb-tools stand alone different than built-in?
I'm working with the Centos 7 packages for Samba 4.2.10 and I note that the
stock packages don't include the ldb tools (eg, ldbmodify, ldbsearch, etc).
I did find a stand along centos package that contains these tools from
here: https://wiki.samba.org/index.php/LDB
However, the stand along tools don't seem to be aware of the Active
Directory schema. For example, if I try to use
2014 Dec 23
2
Samba 4: Modify group members with LDAP
I'm wanting to change group members by writing to the Active Directory
using perl Net::LDAP.
I noticed that AD groups have the LDAP objects "member" to list the user
who is a member of this group. The user object then has the LDAP object
"memberOf" to record the groups the user is a member of.
I'm wondering if their is a mechanism in Samba AD that sets on of these if
2016 Aug 17
2
Storing Quotas in Active Directory
What is the best way to store file system quotas for users in the Active
Directory?
I'm not seeing any standard attributes for this, so it looks like the best
way is to extend the schema. Is this correct?
Thanks,
Greg
--
Greg J. Zartman
Board Member
Koozali SME Server
www.koozali.org
SME Server user, contributor, and community member since 2000
2016 Oct 03
2
ldb-tools stand alone different than built-in?
On Mon, Oct 3, 2016 at 10:39 AM, Sketch <smblist at rednsx.org> wrote:
>
> The standalone tools (as packaged by CentOS) don't have all of the
> extensions that are built when you build a Samba DC. If you have already
> rebuilt CentOS Samba packages with DC support, you need to add samba's ldb
> modules to ldb's module path.
>
This is what I suspected.
2016 Oct 03
2
ldb-tools stand alone different than built-in?
On Mon, Oct 3, 2016 at 12:10 PM, Sketch <smblist at rednsx.org> wrote:
>
> I would assume they would work if you built Samba against them so that
> it's ldb modules were built for the same version. But that seems like a
> lot of work when you can just use the CentOS ldb-tools package.
>
Well the ldb-tools package from COS doesn't work, as we've discussed
2016 Aug 19
1
Storing Quotas in Active Directory
On Thu, Aug 18, 2016 at 7:07 AM, Rowland Penny via samba <
samba at lists.samba.org> wrote:
>
> Hi Greg, I take it what we discussed last time didn't work.
>
I did in fact create some custom schema mods that can store the quota
information, but it just seems to be an odd way to do it. I am surprised
that others uses Samba 4 on *nix file servers don't talk about this
2014 Dec 27
2
Samba 4 Active Directory Quotas
I've been messing around with disk quotas for users and have seen some who
have extended the Samba 4 AD schema to include a quota attribute. For
example, I found this schema extension here:
http://fossies.org/linux/quota/ldap-scripts/quota.schema
Is there a common method for doing this?
--
Greg J. Zartman
Board Member
Koozali SME Server
www.koozali.org
SME Server user, contributor, and
2014 Nov 12
1
Query AD from commandline
I'm working on building some perl code to query a Samba AD and list various
things.
I'm wondering if there is something like samba-tool for query user from the
AD other than just the username? I see that I can use and LDAP perl
module to query the LDAP side of the AD, but wanted to see if Samba has a
utility for doing this.
Thanks!
--
Greg J. Zartman
Board Member
Koozali Foundation,
2015 Feb 24
1
idmap_ad and UID vs UIDnumber
I note from the man pages, that idmap_ad will only map users/groups IF you
set the UIDnumber in the active directory. In lookin in my active
directory, there is a "Unix Attributes" tab with "UID" in that tab that you
can set. There is also and "Attributes Editor" tap where you can look at
all attributes and edit the "UIDnumber"
I just want to verify that
2014 Nov 12
2
Samba 4 "Trigger" when user is created???
I am working to deploy Samba4 on the SME Server: A customized version of
Centos with a web management GUI and configuration API.
One of the challenges we see is how we synchronize our SME Server
configuration API with users who are created using tools outside of *nix.
For example if a user were created using the windows administration tools.
Are there any triggers in Samba that could be set to
2014 Oct 25
1
Samba 4, smb server service option
What does the smb server service option do?
Does anyone know if there are any docs for the different server service
options?
Thanks,
--
Greg J. Zartman
Board Member
Koozali Foundation, Inc.
2755 19th Street SE
Salem, Oregon 97302
Cell: 541-5218449
SME Server user and community member since 2000
2014 Oct 27
1
Samba internal DNS + 2nd DNS
I'm workign to setup Samba4 and my current centos server deployment uses
TinyDNS/DNSCache for the DNS. Understanding that it is best to use Sambas
internal DNS for AD, I'm wondering how others are doing DNS? I really
don't want to use BIND.
Should my DHCP server send ddns updates to Samba's internal DNS for client
leases?
Thanks,
--
Greg J. Zartman
Board Member
Koozali
2014 Nov 14
1
Samba 4 Restrict User Create
Is it possible to restrict where users can be created in a Samba 4 AD
Domain?
What if I want to restrict user creation to only the server where samba is
running?
Thanks,
--
Greg J. Zartman
Board Member
Koozali Foundation, Inc.
2755 19th Street SE
Salem, Oregon 97302
Cell: 541-5218449
SME Server user and community member since 2000
2014 Nov 20
1
Single Sign-on for UI development (Re: Samba-tool --simple-bind-dn?)
I'm going to rephrase my question
Are any of you using any time of single signon technology to interact with
active directory in a development project? I'd like to be able to grab
the authentication with a user first authenticates as a domain admin via,
say Apache, and then re-use this auth to give this admin a list of domian
user.
Not sure of the best approach.
--
Greg J. Zartman