similar to: request: HOWTO for Samba4.latest AD PDC

Ok, I have some results. On Mon, Nov 23, 2015 at 7:03 PM, Robert Watson <robert at gillecaluim.com> wrote: > I don't have a solution other than creating gpo on a win7 client. I got > the same issue with a win 10 clients > On Nov 23, 2015 3:30 PM, "Jeff Dickens" <jeff at seamanpaper.com> wrote: > >> Running the sernet distribution of Samba 4.2 on

From http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/ProfileMgmt.html: Disabling Roaming Profile Support The question often asked is, ?How may I enforce use of local profiles?? or ?How do I disable roaming profiles?? There are three ways of doing this: In smb.conf Affect the following settings and ALL clients will be forced to use a local profile: logon home =

I have a Samba PDC (Ubuntu 12, OpenLDAP 2.4.28, Samba 3.6.3), and at two remote sites, I have some Samba BDCs. For now I've manually entered the DCs as WINS servers on the workstations I'm using for testing. At the remote sites, I can log in with an account that has no logon path or logon home specified, and it works perfectly. But at the main site, when I try to log on to one of these

So I am still stuck. For reference here is the smb.conf on the member server: root at florence:~# more /etc/samba/smb.conf [global] netbios name = FLORENCE security = ADS workgroup = IOL realm = IOL.SEAMANPAPER.COM log file = /var/log/samba/%m.log log level = 1 dedicated keytab file = /etc/krb5.keytab kerberos method = secrets and keytab

On Sat, Nov 7, 2015 at 11:19 AM, Rowland Penny <rowlandpenny241155 at gmail.com > wrote: > On 07/11/15 16:02, Krutskikh Ivan wrote: > >> Hi, >> >> I need to change ownership of server files to user/group defined in active >> directory ( using rfc2307 and unix attributes). Chown returns no error, >> but >> 'ls -lia' shows that file ownership

On Wed, Nov 18, 2015 at 6:00 AM, Rowland Penny <rowlandpenny241155 at gmail.com > wrote: > On 18/11/15 10:27, Jeff Dickens wrote: > >> >> >> On Nov 18, 2015 4:35 AM, "Rowland Penny" <rowlandpenny241155 at gmail.com >> <mailto:rowlandpenny241155 at gmail.com>> wrote: >> > >> > On 17/11/15 23:09, Jeff Dickens wrote:

-- Hi. I'm running Ubuntu Precise 12.04 LTS. I created some virtual machines using vmbuilder, and then migrated those from their .qcow files to lvm. However, those virtual machines are still using disk type "file": Code: <disk type='file' device='disk'> <driver name='qemu' type='raw'/> <source

Created a new thread because I screwed up and top-posted. So I am still stuck. For reference here is the smb.conf on the member server: root at florence:~# more /etc/samba/smb.conf [global] netbios name = FLORENCE security = ADS workgroup = IOL realm = IOL.SEAMANPAPER.COM <http://iol.seamanpaper.com/> log file = /var/log/samba/%m.log log level

Hi, I am authenticating users on our linux servers using nslcd/pam_ldap. Authentication is fine, however, it is not possible for the user to change the password from the server. Is there a way to make it work ? [Guilherme at server ~]$ passwd Changing password for user Guilherme. passwd: Authentication token manipulation error Oct 8 14:37:53 server passwd: pam_unix(passwd:chauthtok): user

On 31/05/18 18:44, Andrew Bartlett via samba wrote: > So there is also an easier option in the long term. Plus we will make > the online demote clean up the extra records. That would be great, because I've just cleaned up about 40 entries using the Windows DNS Manager gui tool! I also learnt a lot about adding extra NS and PTR records using this gui tool (mydomain.com and

Yup, compiled it myself and did not change the path. The query to the ldb returned the same thing on both DC1 and DC2. DNS and /etc/hosts are also fine, DC1 dns points to DC2 and DC2 to DC1. Everything seems to be completely fine... I was looking into this issue because I was doing the sysvol replication and noticed that the sysvol path had a '300000' as the group owner on DC2, where on

Hey, By "through LDAP" I meant that our linux servers would look for the users using pam_ldap. Anyway, I was able to "fix" this by mapping gidNumber to gidNumber instead of primaryGroupID on nslcd.conf. $ id uid=10000(Guilherme) gid=10001(it) grupos=10001(it) On Fri, Aug 21, 2015 at 4:28 PM, Rowland Penny <rowlandpenny241155 at gmail.com > wrote: > On 21/08/15

On Wed, 4 Oct 2017 16:17:17 +0200 Harsh Kukreja <h.kukreja at ium.edu.na> wrote: > I would suggest setting up a new server, join this to the domain as a > new DC, transfer the FSMO roles to this and then demote the old DC. > This way, you can change the OS and the Samba version at the same > time. > > Rowland > > Thanks Rowland > > I like to ask when I build

I have removed use_auhtok from /etc/pam.d/system-auth and now passwd is "kind of" working... I am still able to login with my old password and the new one also. But only on the linux servers that are authenticating through LDAP. On my workstation only the old password (the one I was trying to change through passwd(ssh)) works. I have noticed that my user now has a userPassword

On 20/08/15 18:26, Guilherme Boing wrote: > Yes, you are correct. > > The users where the UID 3000000 was the owner were users that belong to > Domain Admins group. > Is this the correct behaviour ? I have other users that are in different > groups (e.g. Marketing) and whenever they create a new file, their own UID > shows up as the owner of that file, not the

Hi Rowland, This is a CentOS 6.7 server. I was able to make some progress. I have edited /etc/pam.d/system-auth, and now it looks like: auth required pam_env.so auth sufficient pam_unix.so nullok try_first_pass auth requisite pam_succeed_if.so uid >= 500 quiet auth sufficient pam_ldap.so use_first_pass auth required pam_deny.so account

Just replied to another thread with the same problem... This is on a member server, not the DC. No the second chgrp command with the escaped space doesn't work. Getent returns big numbers for the uids and gids.... too big, I think. root at florence:/home# getent passwd Administrator administrator:*:4294967295:4294967295::/home/IOL/administrator:/bin/false root at florence:/home# getent

Yes, it is an AD DC. The thing is, the only way I know to change the user password is from a Windows workstation (CTRL+ALT+DEL and go to Change password). I was trying to achieve the same thing through another Linux server that is not the AD DC. So I thought that it would be possible for them to change their AD passwords through "passwd", but it didn't seem to work properly, because

Hello, I want my domain users to be able to connect to our linux servers using their AD username through LDAP. I am using nslcd and pam_ldap to do so, but I am having some hard time trying to figure out why the GID is not working properly. # getent passwd Guilherme Guilherme:*:10000:*513*:Guilherme:/home/Guilherme:/bin/bash # getent group|grep 513 # id Guilherme uid=10000(Guilherme) gid=513

I just noticed that my fresh install of Samba 4.2.3 has the same behaviour. I have a share (\\samba\it_share)) and some users when creating files have the UID as 3000000 and some have their correct UIDs. Share permissons are being controlled by Windows ACLs. On Wed, Aug 19, 2015 at 1:58 PM, Mark Foley <mfoley at novatec-inc.com> wrote: > More information, > > It appears I've