Displaying 20 results from an estimated 4000 matches similar to: "help, please, troubleshooting winbind testing during setup of Samba 4 AD member server"
2015 Jan 13
1
help, please, troubleshooting winbind testing during setup of Samba 4 AD member server
On 13/01/15 01:07, BISI wrote:
> Found it! (Thanks to Louis van Belle and Rowland Penny for their
> guidance).
>
> The wiki page for
> https://wiki.samba.org/index.php/Setup_a_Samba_AD_Member_Server
> *really* needs a note about this to be added. It will save a lot of
> frustration and wasted time for others coming behind.
>
> The reason I say this is that a
2015 Jan 09
0
help, please, troubleshooting winbind testing during setup of Samba 4 AD member server
Hai,
Did you assign any UID/GID to users/groups in the AD.. i think not.
If No, please do so first else you wont see any output.
how : https://wiki.samba.org/index.php/Using_RFC2307_on_a_Samba_DC
My advice use the windows ADUC to set the GID/UID
If Yes.. Ok.. thats strange,..
post your (sanitized) smb.conf
Greetz,
Louis
>-----Oorspronkelijk bericht-----
>Van: d3r3kshaw at
2015 Jan 13
0
help, please, troubleshooting winbind testing during setup of Samba 4 AD member server
Found it! (Thanks to Louis van Belle and Rowland Penny for their guidance).
The wiki page for
https://wiki.samba.org/index.php/Setup_a_Samba_AD_Member_Server *really*
needs a note about this to be added. It will save a lot of frustration
and wasted time for others coming behind.
The reason I say this is that a default Windows Server 2008 R2 install,
*does not provide* the necessary tools
2014 Dec 31
6
Member Server Setup Assistance
Hello Stefan,
I learned the hard way about .local. I understand going forward.
I do have an issue with the member server. Following along with the wiki
I get stuck at 'Testing the Winbind user/group mapping'. Wbinfo works as
expected but not
#*id DomainUser*
#*getent passwd*
#*getent group*
#*chown DomainUser:DomainGroup file*
#*chgrp DomainGroup file*
etc.
I receive
2014 Dec 31
3
Member Server Setup Assistance
Rowland,
I set a user with a uid and domain users group with a gid but I'm
still unable to view them using 'id'. I do notice a few strange
observations. If I go to another user to attempt to assign a uid. I get
the default value of 10000. I would expect 2001 given I set the first
user with uid 2000. Groups however appear to increment.
On 12/31/2014 10:52 AM, Rowland Penny
2014 Dec 31
2
Member Server Setup Assistance
Hi Rowland,
I did. Unfortunately something is still amiss. I do receive a
response from 'getent group domain users'(users:x:100).
On 12/31/2014 12:26 PM, Rowland Penny wrote:
> On 31/12/14 17:23, James wrote:
>> Rowland,
>>
>> I set a user with a uid and domain users group with a gid but I'm
>> still unable to view them using 'id'. I do
2014 Dec 31
2
Member Server Setup Assistance
Hi Rowland,
passwd: compat winbind
group: compat winbind
'getent passwd tuser' results in a blank terminal line.
On 12/31/2014 1:12 PM, Rowland Penny wrote:
> On 31/12/14 17:55, James wrote:
>> Hi Rowland,
>>
>> I did. Unfortunately something is still amiss. I do receive a
>> response from 'getent group domain
2014 Dec 31
2
Member Server Setup Assistance
Rowland,
I decided to start over with a fresh install and attempted again.
Only change I made was to start my mappings at 10000. I gave 'Domain
Users' group gid 10000 and 'tuser' has uid 10001. Still didn't work btw.
dn: CN=Test User,CN=Users,DC=domain,DC=local
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
cn: Test User
sn:
2015 Jan 01
3
Member Server Setup Assistance
Hi Rowland,
I forgot to tell you the results were from my Domain Controller and
not the member server. Member server returned something to the effect of
'user not found'. I am only starting the 3 services(smbd,nmbd and
windbindd) listed in the wiki. Should I be starting Samba with command
line switches to start as a member server? Is that even possible?
Thanks for you
2014 Dec 31
4
Member Server Setup Assistance
Hello,
I'm following along with the wiki(Setup a Samba AD Member Server)
and I have a question after reading the 'Set up a basic smb.conf'
section. Do I need to extend the schema in order for my member server to
successfully join and service file shares? Do I need to configure a
krb5.conf file? Thanks.
--
-James
2015 Jan 02
4
Member Server Setup Assistance
Hi Rowland,
If you don't mind I like to post my member server configuration as
I attempt again. This is how my member server(Ubuntu 12.04) is
configured after fresh install and prior to Samba build. Anything I'm
missing that could cause my issue as I proceed? I assume no other
prerequisites must be done on the other DC's either? Thanks.
/*# From Wiki for DC build*/
apt-get
2014 Dec 01
2
Setup_a_Samba_AD_Member_Server can get the id of user.
On 01/12/14 00:08, ?? wrote:
> Rowland Penny,??:
> I test id Administrator as the wiki.
> I run
> chown Administrator(or other DomainUser) file I got
> invalid User :Administrator
>
> ------------------
> ??
> 2014-12-01
>
> -------------------------------------------------------------
> ????Rowland Penny
> ?????2014-11-28 17:59:18
> ??????
>
2015 Jan 02
2
Member Server Setup Assistance
Rowland,
I've gotten a bit further. It appears my use of '.local' is causing
the issue from what I've researched. I ran '|/etc/init.d/avahi-daemon
stop'. |This allowed me to successfully join the domain.
Enter administrator at DOMAIN.LOCAL's password:
Using short domain name -- DOMAIN
Joined 'PFMEMBER1' to dns domain 'domain.local'
DNS Update
2015 Jan 02
2
Member Server Setup Assistance
Rowland,
I had a typo in my hosts file which is the reason my initial DNS
update failed. Corrected and joined again. Successfully joined and
updated DNS A record. I then made sure to give 'Domain users' a id of
10000. I am now able to run' getent passwd' and see all my domain users!
YES! However I still see something that confuses me. When I run 'id
tuser' I get
2015 Jan 02
2
Member Server Setup Assistance
Rowland,
I did forget to change it. Is it as simple as renaming now or did I
screw up?
On 1/2/2015 12:18 PM, Rowland Penny wrote:
> On 02/01/15 17:07, James wrote:
>> Rowland,
>>
>> I had a typo in my hosts file which is the reason my initial DNS
>> update failed. Corrected and joined again. Successfully joined and
>> updated DNS A record. I then made
2015 Jan 02
2
Member Server Setup Assistance
Rowland,
That did it! Thank you so much. I do have a question regarding the
'getent' command before setting up file shares. When I run 'getent group
Domain\ Users' I get
domain_users:x:10000:user1,user2,user3,user4,user5,user6,user7,user8
Why does it show these specific users? I would assume it would only show
my 'tuser'. I don't have uid's set for anyone
2015 Jan 19
1
re-using a member server?
OK - I must be close, but I'm lost...
I have a sernet member server that I built and joined to a test
win2008R2 AD Domain Controller ("the AD-DC").
(Version 4.1.14-SerNet-Debian-9.wheezy)
I used Louis van Belle's setup script (manually executed, just 'cause
I'm that kind of guy).
https://secure.bazuin.nl/scripts/4-setup-sernet-samba4-MEMBER-wheezy.sh
The
2015 Jan 02
2
Member Server Setup Assistance
Rowland,
Thanks for the clarification. It appears the member server is
joined and I have created a share.
[demoshare]
path = /srv/samba/test
read only = no
I have enabled ACL support and given 'SeDiskOperatorPrivilege' per the
wiki. I can navigate to the share using Windows Explorer. If I set the
share permissions to only me(Full Control). I can't access the share.
2015 Jan 02
2
Member Server Setup Assistance
Rowland,
That was the issue. Windows computer management console showed 0
connections. That obviously wasn't correct. A reboot corrected the
issue. ACL's working as expected. I probably should have ran a 'netstat'
to verify.
Any best practices on who should or shouldn't have uid's or gid's
set in AD? I've read where the Administrator account should
2015 Jan 05
2
Member Server Setup Assistance
Rowland,
Thanks so far for the assistance. I have a question about setting
up shares on a member server. How do I map to users or groups that do
not display in AD(Everyone,System,Authenticated Users)?
On 1/2/2015 2:08 PM, Rowland Penny wrote:
> On 02/01/15 18:59, James wrote:
>> Rowland,
>>
>> That was the issue. Windows computer management console showed 0