Displaying 20 results from an estimated 20000 matches similar to: "Samba 3.6.6, ADS, Winbind, no local Unix account"
2015 Jan 22
0
Samba 3.6.6, ADS, Winbind, no local Unix account
On 22/01/15 18:19, francis picabia wrote:
> We run AD on Windows servers and have Linux systems
> authenticate against AD with pam, for shares, cyrus mail, or shell logins.
> For shares on a Linux system we often have no local account.
>
> We've had success with Samba 3.5.10 and prior versions using
> security = ads with winbind, pam, nsswitch.conf, krb5.conf
> while there
2016 Aug 09
4
Man page for idmap_rid
On Tue, Aug 9, 2016 at 10:21 AM, Rowland Penny <rpenny at samba.org> wrote:
> On Tue, 9 Aug 2016 09:37:13 -0300
> francis picabia <fpicabia at gmail.com> wrote:
>
> > Thanks for the detailed response.
> >
> > It is very extensive for my purposes, but it still feels over
> > analytical for what we need. I believe the Unix UID doesn't exceed
>
2017 Jun 30
2
4.4.14 on solaris, using ads, can't read/write as user
On Thu, Jun 29, 2017 at 4:46 PM, Rowland Penny via samba <
samba at lists.samba.org> wrote:
> On Thu, 29 Jun 2017 16:28:38 -0300
> francis picabia via samba <samba at lists.samba.org> wrote:
>
> > On Thu, Jun 29, 2017 at 3:48 PM, Rowland Penny via samba <
> > samba at lists.samba.org> wrote:
> >
> > >
> > >
> > > Well, no it
2017 Jun 29
2
4.4.14 on solaris, using ads, can't read/write as user
On Thu, Jun 29, 2017 at 3:48 PM, Rowland Penny via samba <
samba at lists.samba.org> wrote:
>
>
> Well, no it isn't actually on that page, you need to follow an
> hyperlink to this page:
>
> https://wiki.samba.org/index.php/Idmap_config_rid
>
>
It is really confusing. rid or tdb. I don't know what it wants because
the second link has both.
Here is the
2016 Aug 09
3
Man page for idmap_rid
On Mon, Aug 8, 2016 at 5:06 PM, Michael Adam <obnox at samba.org> wrote:
> On 2016-08-08 at 16:31 -0300, francis picabia wrote:
> > I'm reading the man page for idmap_rid over and over and I can't
> understand
> > it. I think it needs a rewrite so a normal user can understand. Using a
> > practical example.
>
> I admit it is a little terse.
> But
2017 Jun 29
2
4.4.14 on solaris, using ads, can't read/write as user
On Thu, Jun 29, 2017 at 2:36 PM, Rowland Penny via samba <
samba at lists.samba.org> wrote:
>
>
> Your problems lie here:
>
> idmap config * : range = 16777216-33554431
> idmap config * : backend = rid
>
> Why use the range '16777216-33554431' ?
>
On a working Debian system with Samba 4.1, we have things
working OK with:
idmap config MYDOM : range
2016 Aug 08
2
why does add_local_groups come up in only one system's logs?
On Mon, Aug 8, 2016 at 10:54 AM, Rowland Penny <rpenny at samba.org> wrote:
> On Mon, 8 Aug 2016 10:24:03 -0300
> francis picabia <fpicabia at gmail.com> wrote:
>
> > I have a couple of Debian 8.5 systems set up in similar manner.
> > Samba is version 4.2.10-Debian
> >
> > Here is the essential config...
> >
> > # testparm
2017 Jun 29
2
4.4.14 on solaris, using ads, can't read/write as user
Thanks for your help. Here is a sanitized config from our dev system where
I'm testing the Solaris patch.
[global]
workgroup = MYDOM
netbios name = norm
security = ADS
log file = /var/log/samba/%m.log
max log size = 50
dns proxy = no
loglevel = 3
template shell = /usr/bin/bash
winbind use default domain = true
winbind enum users = yes
winbind enum groups =
2016 Aug 09
2
Man page for idmap_rid
On Tue, Aug 9, 2016 at 2:48 PM, Michael Adam <obnox at samba.org> wrote:
> On 2016-08-09 at 11:58 -0300, francis picabia via samba wrote:
> > On Tue, Aug 9, 2016 at 10:21 AM, Rowland Penny <rpenny at samba.org> wrote:
> >
> > > On Tue, 9 Aug 2016 09:37:13 -0300
> > > francis picabia <fpicabia at gmail.com> wrote:
> > >
> > >
2016 Aug 08
3
why does add_local_groups come up in only one system's logs?
On Mon, Aug 8, 2016 at 12:43 PM, Rowland Penny <rpenny at samba.org> wrote:
> On Mon, 8 Aug 2016 11:48:42 -0300
> francis picabia <fpicabia at gmail.com> wrote:
>
> > On Mon, Aug 8, 2016 at 10:54 AM, Rowland Penny <rpenny at samba.org>
> > wrote:
> >
> > > On Mon, 8 Aug 2016 10:24:03 -0300
> > > francis picabia <fpicabia at
2017 Aug 21
2
Setup of Samba with Solaris 11.3 to provide Unix File Shares to Windows Users
Dear Rowland,
our windows admin assured me that they have set uidNumber and gidNumber in
the range. I have requested screenshots for confirmation.
Now we are one step further: "getent passwd | grep mdecker" now lists the
AD account.
mdecker:*:13667:7142:Decker, Martin:/home/MYDOM/mdecker:/bin/false
With "getent passwd mdecker" however, it shows
2017 Aug 18
2
Setup of Samba with Solaris 11.3 to provide Unix File Shares to Windows Users
Dear List,
I am trying to set up Samba 3.6.25 (solaris 11.3 packaged) to provide
unix file shares to windows users.
I can successfully list groups and users with wbinfo -u / wbinfo -g,
but I do not get any data with "getent group" or "getent passwd". In AD, we
have set "gidNumber" Attribute for Group "Domain Users" to a value in the
specified range
2016 Aug 08
2
why does add_local_groups come up in only one system's logs?
I have a couple of Debian 8.5 systems set up in similar manner. Samba is
version 4.2.10-Debian
Here is the essential config...
# testparm /etc/samba/smb.conf
Load smb config files from /etc/samba/smb.conf
Processing section "[homes]"
Loaded services file OK.
Server role: ROLE_DOMAIN_MEMBER
Press enter to see a dump of your service definitions
# Global parameters
[global]
2016 Aug 10
2
Man page for idmap_rid
On Wed, Aug 10, 2016 at 11:04 AM, Rowland Penny via samba <
samba at lists.samba.org> wrote:
> On Wed, 10 Aug 2016 10:42:11 -0300
> francis picabia via samba <samba at lists.samba.org> wrote:
>
> >
> > On a few dozen systems running Linux and Solaris and in production,
> > MYDOM\username = username as far as we are concerned. It isn't
> > unique
2016 Aug 09
2
why does add_local_groups come up in only one system's logs?
On Mon, Aug 8, 2016 at 4:16 PM, Rowland Penny <rpenny at samba.org> wrote:
> On Mon, 8 Aug 2016 15:27:44 -0300
> francis picabia <fpicabia at gmail.com> wrote:
>
> > OK, that was my bad for copy/pasting some config lines I found with
> > a report of "this works!" on a bug report (only the second login
> > connects bug).
> >
> > I've
2016 Aug 09
4
Man page for idmap_rid
On Tue, Aug 9, 2016 at 3:07 PM, Jeremy Allison via samba <
samba at lists.samba.org> wrote:
> On Tue, Aug 09, 2016 at 07:50:12PM +0200, Michael Adam via samba wrote:
> > On 2016-08-09 at 17:58 +0100, Rowland Penny via samba wrote:
> > > On Tue, 9 Aug 2016 13:37:18 -0300
> > > francis picabia <fpicabia at gmail.com> wrote:
> > >
> > >
>
2016 Aug 10
2
Man page for idmap_rid
On Tue, Aug 9, 2016 at 4:56 PM, Steve Ankeny via samba <
samba at lists.samba.org> wrote:
> On 08/09/2016 03:29 PM, francis picabia via samba wrote:
>
>> We've modified our smb.conf shares about 10 years ago to have
>> valid users with MYDOM\user and it has worked very well. It is
>> still working well for the most part.
>>
>
> 10 years ago Samba was
2016 Aug 08
4
Man page for idmap_rid
I'm reading the man page for idmap_rid over and over and I can't understand
it. I think it needs a rewrite so a normal user can understand. Using a
practical example.
Step 1: determine the highest UID in use for your /etc/passwd file
(can we assume everyone has a passwd file?)
Step 2: I don't know...
Optionally at this point, document how to plug that into the formula
RID = ID +
2017 Aug 18
2
Setup of Samba with Solaris 11.3 to provide Unix File Shares to Windows Users
Thank you for your feedback. I have changed the parameters, but still no
success.
winbind use default domain = yes
idmap config * : range = 1000000-1999999
idmap config MYDOM : range = 100-999999
Regards,
Martin
2017-08-18 15:00 GMT+02:00 Rowland Penny via samba <samba at lists.samba.org>:
>
> See inline comments:
>
> On Fri, 18 Aug 2017 14:40:54 +0200
>
2016 Dec 06
2
Join QNAP to a Samba AD
Hello,
No it's a AD classicupgraded from a Samba 3 PDC
Here's a user example from my DC
uid=1116(MYDOM\begr00) gid=513(MYDOM\domain users) groupes=513(MYDOM\domain us
ers),1151(MYDOM\evaluation),1214(MYDOM\procedures),12021(MYDOM\s13cadre),12041
(MYDOM\s13-grh),1264(MYDOM\zsbw),1001(MYDOM\s13),3000005(BUILTIN\users)
my first user start at uid 1001 (1000 was the