similar to: Disjointness between samba and distros?

On Tue, Feb 9, 2016 at 8:44 AM, Reindl Harald <h.reindl at thelounge.net> wrote: > > Am 09.02.2016 um 16:28 schrieb Jeff Sadowski: > >> Most major distros compile samba with out the ability to do AD DC (Ubutum, >> Fedora, Suse) >> Fedora's documentation since samba 4.0 has stated >> "We'll provide Samba AD DC functionality as soon as its support

Am 09.02.2016 um 16:28 schrieb Jeff Sadowski: > Most major distros compile samba with out the ability to do AD DC (Ubutum, > Fedora, Suse) > Fedora's documentation since samba 4.0 has stated > "We'll provide Samba AD DC functionality as soon as its support of MIT > Kerberos KDC will be ready." > This is even provided in 4.4.0rc1 build of samba for fedora

OK so I don't have a program tdbbackup. Where do I get it? On Mon, Jul 10, 2017 at 10:38 AM, Jeff Sadowski <jeff.sadowski at gmail.com> wrote: > > > On Mon, Jul 10, 2017 at 9:45 AM, Jeff Sadowski <jeff.sadowski at gmail.com> > wrote: > >> In /usr/lib64/python2.7/site-packages/samba/provision/sambadns.py >> >> Update: It is failing in

In /usr/lib64/python2.7/site-packages/samba/provision/sambadns.py Update: It is failing in create_samdb_copy specifically here: # Copy root, config, schema partitions (and any other if any) # Since samdb is open in the current process, copy them in a child process try: tdb_copy(os.path.join(private_dir, "sam.ldb"), os.path.join(dns_dir,

On Mon, Jul 10, 2017 at 8:02 AM, Rowland Penny via samba < samba at lists.samba.org> wrote: > On Mon, 10 Jul 2017 06:43:37 -0600 > Jeff Sadowski <jeff.sadowski at gmail.com> wrote: > > > Bind-9.11 is installed. How do you configure it? Does it need anything > > special in the config for samba to build the ...samba.../named.conf > > file that I should be able

Bind-9.11 is installed. How do you configure it? Does it need anything special in the config for samba to build the ...samba.../named.conf file that I should be able to include in my /etc/named.conf afterwards? My guess is that some directory is missing. But if I start fresh and configure samba with the internal dns it gets all the way through it's configuration with no errors. I've

correction samba-dc still doesn't come with samba-tool On Thu, Jul 28, 2016 at 10:13 PM, Jeff Sadowski <jeff.sadowski at gmail.com> wrote: > I would like to start testing this? I saw a few months back Alexander > Bokovoy Released a build for F23 and I started using that. Now that F24 > is out I have to look for a way to upgrade. Is there a build for rawhide > with this?

On Fri, Jul 22, 2016 at 12:25 PM, Jeremy Allison <jra at samba.org> wrote: > On Fri, Jul 22, 2016 at 02:54:05PM +0200, Stefan Schäfer wrote: >> Hi List, >> >> I do my best to ask my question in english. ;-) >> >> Samba4 integrated heimdal kerberos to do the kerberos work for >> Active Directory. Some Linux Distributions like fedora/RedHat and >>

updating Fedora-rawhide this morning I see 4.5.0rc1 has arrived. And still no samba-tool so I looked at installing from source with dnf download --source samba rpm -i samba*src.rpm looking at the spec file I see a section %if ! %with_dc --without-ad-dc \ %endif How do I tell rpmbuild with_dc? On Mon, Aug 1, 2016 at 8:27 AM, mathias dufresne <infractory at gmail.com> wrote:

Il giorno dom, 19/02/2017 alle 21.17 -0700, Jeff Sadowski via samba ha scritto: > I was never able to build it in a way I have rebuild samba from rpm source on Centos 7 (samba 4.4.4) and Fedora (samba 4.5.5) with this procedure: > > [lesca at dodo rpmbuild]$ cat rebuild.txt > # > > # Install Development ... > sudo yum -y groupinstall 'Development Tools' > # sudo

I found what I needed to do DOMAIN=MIND.UNM.EDU SHORT=MIND authconfig --enablekrb5 --krb5kdc=${DOMAIN} --krb5adminserver=${DOMAIN} --krb5realm=${DOMAIN} --enablewinbind --enablewinbindauth --smbsecurity=ads --smbrealm=${DOMAIN} --smbservers=${DOMAIN} --smbworkgroup=${SHORT} --winbindtemplatehomedir=/na/homes/%U --winbindtemplateshell=/bin/bash --enablemkhomedir --enablewinbindusedefaultdomain

My smb.conf file now looks like so [global] #--authconfig--start-line-- # Generated by authconfig on 2017/10/30 10:47:34 # DO NOT EDIT THIS SECTION (delimited by --start-line--/--end-line--) # Any modification may be deleted or altered by authconfig in future workgroup = MIND password server = MIND.UNM.EDU realm = MIND.UNM.EDU security = ads idmap config * : range = 2000-7999

I am trying to setup samba as a dc using bind dlz I'm not sure how much I need to setup on bind before I can use it. I did the following check. [root at dc1 ~]# named -V | sed 's/ /\n/g'| grep '\-\-' |grep -e gssapi -e dlopen '--with-dlopen=yes' '--with-gssapi=yes' I am using the default config for samba that came with Fedora Rawhide. I wanted to try out the

On Wed, Aug 3, 2016 at 1:43 AM, Rowland Penny <rpenny at samba.org> wrote: > > See inline comments > And Please keep replies to the list > > On Tue, 2 Aug 2016 15:08:26 -0600 > Jeff Sadowski <jeff.sadowski at gmail.com> wrote: > > > Samba's wiki didn't have a walk through working example from A to Z. > > It is great don't get me wrong but I

# cat /proc/sys/kernel/ngroups_max 65536 # sysctl kernel.ngroups_max kernel.ngroups_max = 65536 Is there a way to change/look at AUTH_SYS? Seems I have 28 groups now as my user I tried created a test user with much less groups but it turns out it is on all those other groups. As such I tried winbind nested groups=no but this doesn't seem to change anything. On Tue, Dec 8, 2015 at 5:05

# id username|sed "s/,/\n/g"|wc -l 155 # id|sed "s/,/\n/g"|wc -l 28 On Tue, Dec 8, 2015 at 2:56 PM, Jeff Sadowski <jeff.sadowski at gmail.com> wrote: > wbinfo -r username > shows the gid of it > and a bunch of -1's id guess for groups without gid's > my user belongs to 155 groups is there a problem with that many groups? > > On Tue, Dec 8,

On Sun, 19 Feb 2017, Jeff Sadowski via samba wrote: > I was never able to build it in a way I feel comfortable on Fedora. I would > want to build it using an RPM build process. I think I want an MIT build > but I don't know what all I would need to build either way. I thought it What do you hope to gain from an MIT build? The MIT kerberos user tools (kinit, etc) operate just fine

maybe it'll work when f27 comes out in a few days I'll wait for it. On Mon, Oct 30, 2017 at 3:05 PM, Jeff Sadowski <jeff.sadowski at gmail.com> wrote: > for this machine it was unimportant. I will just use local accounts to > login it is only one user > I did remove sssd and went back to my original smb.conf but it still shows > > [root at squints ~]# getent passwd

I tried using samba's internal dns server just to see if this made a difference, but it did not. On Sat, Jul 30, 2016 at 9:06 PM, Jeff Sadowski <jeff.sadowski at gmail.com> wrote: > It is. I am using bind and include the .../samba/private/named.conf in my > primary bind file and changed the group of .../samba/private to named so > named could read the files. > > On Sat,

Is the primary DNS on the windows machine set to the AD domain controller? On Jul 30, 2016 4:42 PM, "Jeff Sadowski" <jeff.sadowski at gmail.com> wrote: > following here > https://www.samba.org/samba/docs/using_samba/ch12.html > I decided to use explorer to test getting to it and I notice I can connect > to the server using the Administrator user and password and see