similar to: does ldapsearch work in Samba4

I'm very confused. I have a Samba4 AD/DC which works great for Windows Authentication with our Windows 7 workstations. Now, I am trying to implement single-sign-on for our coming-soon Linux workstations. All web documentation I've so far found on this references OpenLDAP as the server and describes server-side commands such as kadmin and slapd-config to get things set up on the

On Thu, 08 Oct 2015 21:52 Rowland Penny wrote: > What you cannot do is use GPO's like windows does, everything else is > possible, you just need to setup the clients correctly. Excellent! I've been messing around with GPOs on Windows AD domains for years, more extensively this past year with Samba4 AD/DC and I absolutely hate them. In my opinion they are yet another attempt by

On Oct 8 2015 09:32 Rowlan Penny wrote: > It might help if you were to explain just what you require from single-sign-on ? Well, perhaps I'm mistaken, but is this not the #1 reason to install Samba4? >From reading this list over the past couple of months it does not seem that Authenticating users on Windows workstations is the main thing people do. But, is not the ability to

Dear all, i install samba-sernet-ad 4.2 on a Centos 7.2 Linux. I also install phpldapadmin to connect to the domain with the Administrator distinguished name. >From phpldapadmin, i am able to connect as anonymous, but when i try to provide Administrator Distinguished name and password, authentication failed. I received this error : stronger authentication required (8) for user. I then try

Rowland - thanks for your reply. I did send a message after this one you responded to with several other questions, but I'll pursue questioning on GID/UID in this reply as that is what you've mainly discussed. But, please check out that next email for other questions. Thanks. For a particular domain user in the AD, wbinfo gives: $ wbinfo -i mark HPRS\mark:*:3000026:100:Mark

On 11.10.2016 17:22, Harry Jede via samba wrote: > Am Dienstag, 11. Oktober 2016 schrieben Sie: >> On 11.10.2016 13:52, Harry Jede via samba wrote: >>> On 10:43:49 wrote Gavrilov Aleksey via samba: >>> Until now, you have destroyed your domain. >>> Is the ldap directory on localhost in production or is this pc in a >>> test lab? >> a copy of the

On Sat, 10 Oct 2015 10:18 Rowland Penny wrote > ... the two ranges ('idmap config *' & 'idmap config HPRS') have to be separate > ranges that do not overlap, but there is also another range that doesn't appear > in smb.conf, this is the local users & groups that start at 0 and your idmap > ranges must not overlap this range as well and how do you do this

Sorry for the serial posting, but ... anxious ... I think there must be a bug in Samba 4.4.8, this all worked with 4.2.14. To summarize (details in attached messages), since upgrading from Samba 4.2.14 to 4.4.8, getent returns the wrong UID:GID. This is causing permission errors in programs like dovecot who try to read/write to Maildir files having the correct UID:GID. With 4.4.8 I now have

"Ah, but what if you have Unix clients" I do have Unix clients. They work just fine. The Samba AD/DC is the DHCP server. The Windows and Linux clients get their IP addresses and everyone can see all the hosts on the domain. for example: >From the domain controller (host name MAIL) $ host mark # mark is a Windows 7 workstation MARK.hprs.local has address 192.168.0.55 $ host

On Sat, 10 Oct 2015 16:07 Andrew Bartlett wrote > For the pain that you are about to endure, I can only offer my apologies. Apologies accepted! :) Seriously though, the Samba team has done a great job with the AD stuff. I was pretty much able to drop Samba4 in as a replacement for our SBS 2008 with virtually no issues. What issues I had were mostly Microsoft idiosyncracies (refer to my GPO

On 20/08/15 15:24, Mark Foley wrote: > Guilherme Boing, on 19 Aug 2015 14:31 you wrote: > >> I just noticed that my fresh install of Samba 4.2.3 has the same behaviour. > Did you get a solution? > > Odd, but this topic doesn't seem to be getting much traction. I wonder what > people are using Samba4 for. Outside of hard-cord samba-junkies who love > spending hours

I've just upgraded from Slackware 14.1 to 14.2. I've not done anything with dovecot -- it's the same version that was running before the upgrade. However, now I'm getting a permission error: /var/log/maillog: Jan 16 13:09:44 mail dovecot: imap(mark): Error: opendir(/home/HPRS/mark/Maildir) failed: Permission denied (euid=3000026(HPRS\mark) egid=100(users) missing +r perm:

Jan 16 13:09:44 mail dovecot: imap(mark): Error: opendir(/home/HPRS/mark/Maildir) failed: Permission denied (euid=3000026(HPRS\mark) egid=100(users) missing +r perm: /home/HPRS/mark/Maildir, conflicting dir uid=10001(HPRS\mark)) Just wanted to point out that you have at different UID for the folder than your EUID (gotten from userdb/passdb). Aki On 16.01.2017 23:09, Mark Foley wrote: > More

I've been using bind9 and DHCP on Samba 4.1.0 thru 4.1.17 and Slackware 64 14.1 for many months now in a production environment and it works just fine. There are a few tweaks here and there to get bind/dhcp to play nicely with Samba ... Note, conf file locations are Slackware, but you'll know where the same thing goes in your distro. In the examples below, my Domain IP range is

Comments interspersed with yours ... --Mark -----Original Message----- > Date: Sun, 06 Sep 2015 20:00:11 -0500 > From: Rick Romero <rick at havokmon.com> > To: dovecot at dovecot.org > Subject: Re: How to "Windows Authenticate" > > Hmm. I would expect to see 'mark at hprs.com'. Whatever your full domain > name is. Full user at domain would be

On Thu, 27 Aug 2015 23:03:39 -0400 Robert Moskowitz <rgm at htt-consult.com> wrote: > > On 08/27/2015 08:45 PM, Jim Seymour wrote: > > On Thu, 27 Aug 2015 17:00:28 -0400 > > Robert Moskowitz <rgm at htt-consult.com> wrote: > > > >> Ah, LDAP is included within Samba, I find. Don't install provided > >> one... [snip] > > >

Hi, I'm trying to migrate samba 3 NT domain to samba 4 AD, we have migrated data and it seems correct, but now we need to connect with ldapsearch but always receive errors like ldap_bind: Strong(er) authentication required (8) additional info: BindSimple: Transport encryption required. command used is /usr/bin/ldapsearch -H ldap://server -x -LLL -z 0 -D

Hi friends: I was installed Samba4 ver 4.5 on openSuSE 42.1 Leap, the smb.conf is: # Global parameters [global] netbios name = SERVERDOM realm = POLRMVAR.MTZ.SLD.CU workgroup = POLRMVAR dns forwarder = 10.44.0.5 server role = active directory domain controller server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbind, ntp_signd, kcc [netlogon]

On 21/07/16 06:08, Mark Foley wrote: > OK! I deleted the /etc/passwd entry for user mark and I modified my /etc/nsswitch.conf to: > > passwd: compat winbind > group: compat winbind > > I couldn't get sendmail working with this at first -- I didn't know what to [re]start to get > the new nsswitch config to take, so I rebooted. Probably I just had to restart sendmail,

If I had time I would be all over this - but IMHO the main problem is that Dovecot != Exchange.? Even in small environments - unless I'm out of date, there's no calendar, tasks or contact lists within Dovecot. Your next best best is to use something like Horde that would allow you to auth via ActiveSync (on Outlook 2013 clients) and manage everything else that the users will want, with