similar to: Samba-tool use of --random-password

Cool, I'll have a look at this too, thanks All! ___________________________________________________________________________________________ Mario Pio Russo, System Admin SWG IT Services Dublin, Phone & FAX: +353 1 815 2236, eMail: mariopiorusso at ie.ibm.com IBM Ireland Product Distribution Limited registered in Ireland with number 92815. Registered Office: IBM House, Shelbourne Road,

Thanks Sven, good Idea let's see if i am getting this right: 1) use MS ADSI editor to add few more attributes to the "users" class 2) use ldapmodify from my ubuntu server to populate those attributes would that work? ___________________________________________________________________________________________ Mario Pio Russo, System Admin SWG IT Services Dublin, Phone & FAX:

Arg... that's a problem now.. we are not allowed to complie third party software in our dev enviroment, we are only allowed to use packages (that's why we use sernet-samba, which in fairness is great!). any plan to release a proper patch? ___________________________________________________________________________________________ Mario Pio Russo, System Admin SWG IT Services Dublin,

On 08/05/15 12:49, Mario Pio Russo wrote: > Hi all > > just going back to this, Steve can you please expalin where did you take > this number from? 11644473600 > > that seems not to work correctly on my system so I was lookin g how to > tailor down the right value > > thanks > > >

Thanks Kelvin I'm a bit confised tho, is this patch already avaiable? if yes, what is the parameter that disable ssl into the smb.conf? Maybe the guys from Enterprise samba have already included the patch into their releases so it's just a maatter of enabling the flag. I'm using sernet-samba-4.2.2 Thanks!

On 6/4/2015 9:57 AM, Mario Pio Russo wrote: > guys sorry to take this thread onboard once more, but I still can't get > this sorted. > > I have compiled the latest tarball from samba, 4.2.2 . compilation works > fine and after that I am able to upgrade from samba 3 with the following > command: > > samba-tool domain classicupgrade --dbdir=/var/lib/samba-ccdc1/dbdir/

thanks Rowland! btw, when will samba 4.2.2 released? looking foward to it! (I need the bug of the RDP fixed :D) thanks! ___________________________________________________________________________________________ Mario Pio Russo, System Admin SWG IT Services Dublin, Phone & FAX: +353 1 815 2236, eMail: mariopiorusso at ie.ibm.com IBM Ireland Product Distribution Limited registered in

well that's peculiar, as I am experiencing something different. in fact from ADUC I can see all the users belonging to the "domain users" groups. the authentication, however, does not work on that group, and the share "scrap" cannot be accessed with this config: valid users = @"Domain Users" however, I have created an auxiliarry group called domainusers

OR is there any way, or magical hidden parmeter in the smb.conf that allows to enumerate the users in the Domain Users? tbh this has a huge impact on the file share server as many directorys have "domain users" as group ___________________________________________________________________________________________ Mario Pio Russo, System Admin SWG IT Services Dublin, Phone & FAX: +353

On 15/07/15 15:10, Mario Pio Russo wrote: > OR > > is there any way, or magical hidden parmeter in the smb.conf that allows to > enumerate the users in the Domain Users? tbh this has a huge impact on the > file share server as many directorys have "domain users" as group I don't think you understand this at all :-) If a user is a member of an AD domain, then they are

sorry guys , I think I didn't explain well. basically I have a samba 4 domain (created by upgrading+migrating a samba 3 PDC). For every new user that we add to this domain I need to save some additional info which are very specific for our company/department, but the problem is that I cannot create custom attributes into the Samba4 ldap back-end. For this reason I was thinking to use some

ok, what do you suggest then? maybe changing the authentication to another group like "domainusers" ? ___________________________________________________________________________________________ Mario Pio Russo, System Admin SWG IT Services Dublin, Phone & FAX: +353 1 815 2236, eMail: mariopiorusso at ie.ibm.com IBM Ireland Product Distribution Limited registered in Ireland with

Good Day all I am going to create few scripts that uses the ldapmodify in order to populate and samba4 Domain, I was wondering , what is the full list of attributes that a samba 4 domain supports? thanks ___________________________________________________________________________________________ Mario Pio Russo, System Admin SWG IT Services Dublin, Phone & FAX: +353 1 815 2236, eMail:

guys sorry to take this thread onboard once more, but I still can't get this sorted. I have compiled the latest tarball from samba, 4.2.2 . compilation works fine and after that I am able to upgrade from samba 3 with the following command: samba-tool domain classicupgrade --dbdir=/var/lib/samba-ccdc1/dbdir/ --use-xattrs=yes --realm=ccdc.lan /etc/samba/smb-ccdc1.conf 2>&1 | tee

Hello Mario.. first.. sernet has samba 4.2.2 release. i suspect these settings are for the RDP.. > server services = -winbindd +winbind > auth methods = winbind, sam but if u use it like about, remove the auth mehods line. samba 4.2 with 4.1 winbind beheavor, and a working rdp. : + server services = -winbindd +winbind ( and the defaults, see below ) samba 4.2

Your mixing 2 things here. >the upgrade works fine as far as I can see, samba starts and I >am able to >RDP using my domain admin rights. however I am not able to RDP >using any >other user. > >the error i get is: > >"The connection is denied because the user account is not >authorized for >remote login" > >however the user I am testing is member

Good Day All Sorry if this is a repeated email, but I need some information about how to disable SSL on a Samba4.2.2 AD domain controller as the nessus scanner is reporting the POODLE vulnerability and we are not allowed to have any of that in our environment. the nessus scan reports poodle vulnerability on all these ports: 443, 636, 3269 I had a look at previous posts but couldn't find a

Hi all just going back to this, Steve can you please expalin where did you take this number from? 11644473600 that seems not to work correctly on my system so I was lookin g how to tailor down the right value thanks ___________________________________________________________________________________________ Mario Pio Russo, System Admin SWG IT Services Dublin, Phone & FAX: +353 1 815

great thanks Steve ___________________________________________________________________________________________ Mario Pio Russo, System Admin SWG IT Services Dublin, Phone & FAX: +353 1 815 2236, eMail: mariopiorusso at ie.ibm.com IBM Ireland Product Distribution Limited registered in Ireland with number 92815. Registered Office: IBM House, Shelbourne Road, Ballsbridge, Dublin 4 (Embedded

Hi Rowland yes you got it right, I have a samba 4 installation and I'd like to delegate the authentication to an external ldap server. I have noticed that in samba 4 we do not have the attribute "password", so my question is: if I use Samba4+Openldap (as backend) and in OpenLdap I manually add the attribute "password" to each user entry, and password as a link to SASL