similar to: Several questions about winbind[d]

Displaying 20 results from an estimated 10000 matches similar to: "Several questions about winbind[d]"

2015 Jun 30
2
Several questions about winbind[d]
@Andrew: I expect these lines came from RDP issue workaround which should be happening with previous Samba version. I removed all these lines as now, with 4.2.2 Samba version RDP and RSAT are working well without them. I removed also each and every idmap lines, commented most of winbind lines too and now my smb.conf is: ------------------------------------------------------------ [global]
2015 Jun 30
2
Several questions about winbind[d]
2015-06-30 12:42 GMT+02:00 Rowland Penny <rowlandpenny241155 at gmail.com>: > On 30/06/15 11:17, mathias dufresne wrote: > >> @Andrew: I expect these lines came from RDP issue workaround which should >> be happening with previous Samba version. I removed all these lines as >> now, >> with 4.2.2 Samba version RDP and RSAT are working well without them. >>
2016 Feb 10
3
ldbadd issue on Samba 4.1.13 AD DC
On 2/9/2016 3:48 PM, Rowland penny wrote: > On 09/02/16 19:59, Allen Chen wrote: >> Hi there, >> >> I have Samba 4.1.13 AD DC compiled on CentOS 6.2 (32bit). Everything >> is working fine. >> >> Issue: ldbadd cannot re-add a deleted user account. >> What I did: >> 1. save user account >> # ./bin/ldbsearch -H /usr/local/samba/private/sam.ldb
2015 Oct 19
5
Samba 4 + Squidguardian
On 19/10/15 16:46, mathias dufresne wrote: > AD from Samba or Microsoft is mainly a database for storing users (and > associated stuffs). It comes also with stuffs (protocols) to connect and > retrieve information. > > How the client uses these information is, as always, a choice from that > specific client. > > Your AD client is your Squid/Squidguard(ian) server. Its job
2017 Jun 19
4
New AD user cannot access file share from member server
On 6/19/2017 7:51 AM, Viktor Trojanovic via samba wrote: > That's correct, I don't have "Unix Attributes" but through the advanced > view I have access to all attributes. > > The ldbsearch command is not returning anything in my case, it gives me 0 > records - no matter which user I try, even the Administrator. I checked the > command several times to make sure
2017 Jun 19
3
New AD user cannot access file share from member server
On Mon, 19 Jun 2017 12:38:09 +0200 Viktor Trojanovic <viktor at troja.ch> wrote: > Here is the DC's smb.conf: > > > [global] > workgroup = SAMDOM > realm = SAMDOM.EXAMPLE.COM > netbios name = DC > interfaces = lo br-lxc > bind interfaces only = Yes > server role = active directory domain controller >
2016 Jul 04
2
[samba as AD] Hidden attributes
Hi all, Is there a way to extract the whole attributes of objects, even hidden attributes, using ldbsearch or any samba tool? Hidden attributes have to be hidden from ldapsearch which can be used through network and so, remotely. ldbsearch can be used only locally by root, which [should] limit who is using it, so perhaps I thought it was possible : )
2017 Jun 19
2
New AD user cannot access file share from member server
On Mon, 19 Jun 2017 14:46:34 +0200 Viktor Trojanovic <viktor at troja.ch> wrote: > On 19 June 2017 at 14:20, lingpanda101 via samba > <samba at lists.samba.org> wrote: > > > On 6/19/2017 7:51 AM, Viktor Trojanovic via samba wrote: > > > >> That's correct, I don't have "Unix Attributes" but through the > >> advanced view I have
2015 Dec 28
2
Authentication to Secondary Domain Controller initially fails when PDC is offline
On 12/24/2015 11:32 AM, Rowland penny wrote: > On 24/12/15 15:32, mathias dufresne wrote: >> And to get mentioned entries list I used: >> "samba_dnsupdate --verbose --all-names | grep Default-First-Site-name" >> >> This list 8 DNS records related to Default Site. >> >> Next was to change Default-First... by the name of another AD Site >> (sed
2015 Nov 11
4
How to configure Winbind to use uidNumber and gidNumber
On 2015-11-10 at 13:57 +0000, Rowland Penny wrote: > On 10/11/15 13:42, mathias dufresne wrote: > >Thank you for this quick answer Louis. > > > >On DC: > > > >On DC I had to add one line to have winbind retrieving uidNumber AD field > >rather than having Winbind chosing some random UID for my users. > >This line is: > > > >idmap_ldb:use
2017 Jun 19
2
New AD user cannot access file share from member server
I missed to mention it. But I actually did try changing the CN=users to OU=ouname, and even leaving it out. I don't know why it didn't return any results before, it does now - see my reply to James. On 19 June 2017 at 14:30, Rowland Penny via samba <samba at lists.samba.org> wrote: > On Mon, 19 Jun 2017 08:20:35 -0400 > lingpanda101 via samba <samba at lists.samba.org>
2015 Nov 10
2
How to configure Winbind to use uidNumber and gidNumber
Thank you for this quick answer Louis. On DC: On DC I had to add one line to have winbind retrieving uidNumber AD field rather than having Winbind chosing some random UID for my users. This line is: idmap_ldb:use rfc2307 = yes as explained in https://wiki.samba.org/index.php/Setting_up_RFC2307_in_AD That's a start. Unfortunately winbind is still giving my users GID number set to 100,
2017 Jun 19
4
New AD user cannot access file share from member server
On 6/19/2017 9:12 AM, Viktor Trojanovic via samba wrote: > On 19 June 2017 at 14:56, Rowland Penny via samba <samba at lists.samba.org> > wrote: > >> On Mon, 19 Jun 2017 14:46:34 +0200 >> Viktor Trojanovic <viktor at troja.ch> wrote: >> >>> On 19 June 2017 at 14:20, lingpanda101 via samba >>> <samba at lists.samba.org> wrote:
2015 Dec 24
2
Authentication to Secondary Domain Controller initially fails when PDC is offline
Hi James and everyone, There is a real issue with samba_dnsupdate and DNS records creation with Samba 4 as AD when it comes to AD Sites. Samba does not seems to create at all any Site relevant DNS record. As AD relies on DNS to find DC on the correct AD site, if no DNS entry is created related to AD Site, no usage of AD Sites. Here Win client ask for domain 11:37:28.671044 IP
2015 Dec 28
1
Authentication to Secondary Domain Controller initially fails when PDC is offline
On 12/28/2015 9:21 AM, Rowland penny wrote: > On 28/12/15 14:06, James wrote: >> On 12/24/2015 11:32 AM, Rowland penny wrote: >>> On 24/12/15 15:32, mathias dufresne wrote: >>>> And to get mentioned entries list I used: >>>> "samba_dnsupdate --verbose --all-names | grep Default-First-Site-name" >>>> >>>> This list 8 DNS
2015 Dec 24
2
Authentication to Secondary Domain Controller initially fails when PDC is offline
And to get mentioned entries list I used: "samba_dnsupdate --verbose --all-names | grep Default-First-Site-name" This list 8 DNS records related to Default Site. Next was to change Default-First... by the name of another AD Site (sed is still working :p) I was able to create DNS entries which were missing for one of my sites. Next, test: Back on one Windows on the network associated
2016 Apr 05
5
DNS issues after FSMO seize
2016-04-04 14:20 GMT+02:00 Rowland penny <rpenny at samba.org>: > On 04/04/16 10:23, mathias dufresne wrote: > >> SOA means "this DNS se'rver can modify the zone". >> > > No it doesn't, it stands for 'Start Of Authority' and contains who to > contact for the domain records. > Rowland... thank you again Captain Obvious. Yes SOA means
2016 Mar 29
2
Permission denied on GPT.ini (Event ID 1058)
I'm not an expert in idmap (at all in fact :p) but I thought idmap stuffs were here to replace RFC2307 UID/GID declared into AD/LDAP objects. In others words, if you configure correctly idmap into smb.conf I expect you don't need any more declaring UID/GID for machine accounts. Anyway here my machines get access to their GPO: I tested one computer's GPO this morning, the one giving
2016 Mar 29
3
Permission denied on GPT.ini (Event ID 1058)
To see which DC is used by Windows client: open a MSDOS console, type "set", look for LOGONSERVER=\\<your_dc> <your_dc> is the DC used to connect on. If issue comes from one DC I would have on sysvol synchronisation between DC, ACL on all sysvol, DNS entries (but I don't think that's a DNS issue if you have only GPO issue). 2016-03-29 14:51 GMT+02:00 Sébastien Le
2015 Jul 23
2
4.2.2 as AD with 2 DCs: database incoherency
On 23/07/15 16:23, mathias dufresne wrote: > Hi all, > > I tried "samba-tool ldapcmp" several times to solve this issue, without > success. > > On DC acting as full FSMO: > dc20:~# samba-tool ldapcmp ldap://dc00.ad.dgfip.lan > ldap://dc20.ad.dgfip.lan domain > ERROR(ldb): uncaught exception - ldb_wait: Time limit exceeded (3) > File