Displaying 20 results from an estimated 800 matches similar to: "[samba as AD] Hidden attributes"
2017 Jun 19
4
New AD user cannot access file share from member server
On 6/19/2017 7:51 AM, Viktor Trojanovic via samba wrote:
> That's correct, I don't have "Unix Attributes" but through the advanced
> view I have access to all attributes.
>
> The ldbsearch command is not returning anything in my case, it gives me 0
> records - no matter which user I try, even the Administrator. I checked the
> command several times to make sure
2017 Jun 19
3
New AD user cannot access file share from member server
On Mon, 19 Jun 2017 12:38:09 +0200
Viktor Trojanovic <viktor at troja.ch> wrote:
> Here is the DC's smb.conf:
>
>
> [global]
> workgroup = SAMDOM
> realm = SAMDOM.EXAMPLE.COM
> netbios name = DC
> interfaces = lo br-lxc
> bind interfaces only = Yes
> server role = active directory domain controller
>
2017 Jun 19
2
New AD user cannot access file share from member server
On Mon, 19 Jun 2017 14:46:34 +0200
Viktor Trojanovic <viktor at troja.ch> wrote:
> On 19 June 2017 at 14:20, lingpanda101 via samba
> <samba at lists.samba.org> wrote:
>
> > On 6/19/2017 7:51 AM, Viktor Trojanovic via samba wrote:
> >
> >> That's correct, I don't have "Unix Attributes" but through the
> >> advanced view I have
2017 Jun 19
4
New AD user cannot access file share from member server
On 6/19/2017 9:12 AM, Viktor Trojanovic via samba wrote:
> On 19 June 2017 at 14:56, Rowland Penny via samba <samba at lists.samba.org>
> wrote:
>
>> On Mon, 19 Jun 2017 14:46:34 +0200
>> Viktor Trojanovic <viktor at troja.ch> wrote:
>>
>>> On 19 June 2017 at 14:20, lingpanda101 via samba
>>> <samba at lists.samba.org> wrote:
2016 Jul 04
0
[samba as AD] Hidden attributes
On 04/07/16 16:16, mathias dufresne wrote:
> Hi all,
>
> Is there a way to extract the whole attributes of objects, even hidden
> attributes, using ldbsearch or any samba tool?
Don't think you can get the hidden attributes over the wire, but you can
get them on the DC by explicitly asking for them.
>
> Hidden attributes have to be hidden from ldapsearch which can be used
2017 Jun 19
2
New AD user cannot access file share from member server
I missed to mention it. But I actually did try changing the CN=users to
OU=ouname, and even leaving it out. I don't know why it didn't return any
results before, it does now - see my reply to James.
On 19 June 2017 at 14:30, Rowland Penny via samba <samba at lists.samba.org>
wrote:
> On Mon, 19 Jun 2017 08:20:35 -0400
> lingpanda101 via samba <samba at lists.samba.org>
2016 Sep 07
4
Winbind / Samba auth problem after username change
Good Morning Rowland,
oh well, the bad side of the Internet... well the samba stuff was implemented by a former co-worker so I've to get into everything he did.
Here’s the information you’ve requested, additionally with my config files I know changed based on the samba wiki:
smb.conf:
cat /etc/samba/smb.conf
[global]
workgroup = MYDOMAIN
realm = MYDOMAIN.local
netbios name =
2016 Aug 17
3
SOLVED: WINBIND: UID and GID false mappings on domain member
I bump this only to say SOLVED and many thanks to Rowland.
Lessons learned:
1.
Indeed, my problems where related to not having a gidNumber for "Domain
Users".
After adding it I got real wbinfo --user-info on the domain member (file
server).
My test user could log in in his old home from the NT domain preserving the
old UID and GID.
2. (question = why?)
And login.bat was called at
2017 Jun 19
4
New AD user cannot access file share from member server
I run a very small Samba AD, consisting of a Samba AD DC and a Samba AD
Member Server, acting as file server.
Today, I added a new user to the AD but I simply can't manage to get access
to the file server - only for this user, all others are working fine.
My AD is rfc2307 based, so I manually have to add UID's. I did so for the
new user, the ID is within range and not in use. I double
2016 Sep 07
0
Winbind / Samba auth problem after username change
See inline comments.
On Wed, 7 Sep 2016 09:12:35 +0000
Julian Zielke <jzielke at next-level-integration.com> wrote:
>
>
>
> smb.conf:
>
Can you try this smb.conf:
[global]
workgroup = MYDOMAIN
realm = MYDOMAIN.local
netbios name = vmu09tcse01
dedicated keytab file = /etc/krb5.keytab
kerberos method = secrets and keytab
server string = Samba AD Client Version %v
2016 Aug 17
0
SOLVED: WINBIND: UID and GID false mappings on domain member
On Wed, 17 Aug 2016 04:54:41 -0700 (PDT)
rawi via samba <samba at lists.samba.org> wrote:
> I bump this only to say SOLVED and many thanks to Rowland.
>
> Lessons learned:
>
> 1.
> Indeed, my problems where related to not having a gidNumber for
> "Domain Users".
> After adding it I got real wbinfo --user-info on the domain member
> (file server).
>
2017 Jun 19
0
New AD user cannot access file share from member server
That's correct, I don't have "Unix Attributes" but through the advanced
view I have access to all attributes.
The ldbsearch command is not returning anything in my case, it gives me 0
records - no matter which user I try, even the Administrator. I checked the
command several times to make sure there are no typos. I even changed the
objectclass from "person" to
2017 Jun 19
0
New AD user cannot access file share from member server
On Mon, 19 Jun 2017 08:20:35 -0400
lingpanda101 via samba <samba at lists.samba.org> wrote:
> On 6/19/2017 7:51 AM, Viktor Trojanovic via samba wrote:
> > That's correct, I don't have "Unix Attributes" but through the
> > advanced view I have access to all attributes.
> >
> > The ldbsearch command is not returning anything in my case, it
>
2017 Jun 19
0
New AD user cannot access file share from member server
On 19 June 2017 at 14:20, lingpanda101 via samba <samba at lists.samba.org>
wrote:
> On 6/19/2017 7:51 AM, Viktor Trojanovic via samba wrote:
>
>> That's correct, I don't have "Unix Attributes" but through the advanced
>> view I have access to all attributes.
>>
>> The ldbsearch command is not returning anything in my case, it gives me 0
2017 Jun 19
0
New AD user cannot access file share from member server
On 19 June 2017 at 14:56, Rowland Penny via samba <samba at lists.samba.org>
wrote:
> On Mon, 19 Jun 2017 14:46:34 +0200
> Viktor Trojanovic <viktor at troja.ch> wrote:
>
> > On 19 June 2017 at 14:20, lingpanda101 via samba
> > <samba at lists.samba.org> wrote:
> >
> > > On 6/19/2017 7:51 AM, Viktor Trojanovic via samba wrote:
> > >
2017 Jun 19
0
New AD user cannot access file share from member server
On 19 June 2017 at 15:31, lingpanda101 via samba <samba at lists.samba.org>
wrote:
> On 6/19/2017 9:12 AM, Viktor Trojanovic via samba wrote:
>
>> On 19 June 2017 at 14:56, Rowland Penny via samba <samba at lists.samba.org>
>> wrote:
>>
>> On Mon, 19 Jun 2017 14:46:34 +0200
>>> Viktor Trojanovic <viktor at troja.ch> wrote:
>>>
2017 Jun 19
0
New AD user cannot access file share from member server
Not sure if it matters but here is the AD object of a user with no issues:
[root at GJSERVER ~]# ldbsearch -H /var/lib/samba/private/sam.ldb -b
'ou=office,dc=samdom,dc=example,dc=ch' -s sub
"(&(objectclass=person)(samaccountname=jd))"
# record 1
dn: CN=John Doe,OU=OFFICE,DC=samdom,DC=example,DC=ch
objectClass: top
objectClass: person
objectClass: organizationalPerson
2016 Sep 07
2
Winbind / Samba auth problem after username change
- It really ends in local. So I guess I can leave this one.
- I've corrected the double entry in nsswitch.conf
The command returns:
# getent passwd | grep ren_test
ren_test4:*:12521:10513:ren_test4:/home/NLI.LOCAL/ren_test4:/bin/bash
What I copied into the message before was our object directly from the DC.
I thought you said "ldapsearch", not ldbsearch ;-)
Well here's the
2014 Mar 29
2
one day AD use -> samba-tool dbcheck reports "Normalisation error for attribute 'objectClass'"
Hi all,
Our migration is coming along nicely, everything seems to work like it
should... I thought... Only samba-tool dbcheck reports five errors:
root at dc1:~# samba-tool dbcheck
Checking 1143 objects
ERROR: Normalisation error for attribute 'objectClass' in
'CN=phdseminar,CN=Users,DC=my,DC=samba,DC=domain'
Values/Order of values do/does not match: ['top',
2016 Oct 04
2
especify a DN by using ldbsearch
Hi @ll:
I need to get the objectClass of some objects by giving theirs DistinguishedNames.
I've try with this: #ldbsearch -H 127.0.0.1 dn='CN=nameTest,CN=Users,DC=example,DC=com'
But:
# returned 3 records
# 0 entries
# 3 referrals
Any idea?
How Can I to specify a DN in ldbsearch command.
Thanks.
___________________________________________
Felipe_ González_Santiago
The