similar to: getent only displays local users & groups

I have read numerous posts regarding this issue without finding a resolution. I have a fresh Samba AD DC & a Samba Member server. the member server has been setup using idmap config ad wbinfo -u & wbinfo -g both work and list the domain users & groups getent passwd & getent group both only display the local member server users and groups >From what I have read I understand

On Sun, 27 Nov 2016 10:33:04 +1100 Henry <dercni at gmail.com> wrote: > On Sat, Nov 26, 2016 at 8:30 PM, Rowland Penny via samba > <samba at lists.samba.org> wrote: > > On Sat, 26 Nov 2016 12:25:23 +1100 > > Henry <dercni at gmail.com> wrote: > > > >> thanks again Rowland however I must have something wrong as I have > >> double checked

On Fri, 25 Nov 2016 12:34:57 +1100 Henry <dercni at gmail.com> wrote: > Thanks Rowland. > > getent passwd => lists all local users > > getent passwd administrator => returns nothing on DC or member. > > I have created an AD user called "henry" and assigned a uid > getent passwd henry => returns nothing 'getent' will only display domain

Hi Timo/list, We have a scenario in which some email accounts on dovecot (stored in mdbox, separate paths for indexes, email, ALT storage and also using SIS for attachments, LDAP directory) need their names changed. I know we could just change the mail LDAP attribute (and leave mailMessageStore alone) so they keep the same directories on disk, but this would throw a spanner in the works for

Thanks, I suppose what I'm trying to gain is some clarity on what choice is best for a given application. How do I know if it's better for me to use a raid card or not, to include flash-cache on it or not, to use ZFS or not, when combined with a small number of SSDs in Replica 3. On Mon, Apr 9, 2018 at 10:49 AM, Alex Crow <acrow at integrafin.co.uk> wrote: > On 09/04/18

On 30/01/16 11:55, Henry McLaughlin wrote: > root at aphrodite:~# getent passwd administrator On a domain member this is quite correct, what you are missing from your smb.conf is something like this line: username map = /etc/samba/samba_usermapping with 'samba_usermapping' containing: !root = SAMDOM\Administrator SAMDOM\administrator NOTE: replace 'SAMDOM' with your domain

Thanks, The 3 servers are new Lenovo units with redundant PS backed by two huge UPS units (on for each bank of power supplies). I think the chances of losing two nodes is incredibly slim, and in that case a Disaster Recovery from offsite backups would be reasonable. My requirements are about 2TB, highly available (so that I can reboot one of the 3 servers without taking down services). Beyond

On 09/04/18 16:49, Vincent Royer wrote: > > > Is a flash-backed Raid required for JBOD, and should it be 1gb, 2, > or 4gb flash? > > RAID and JBOD are completely different things. JBODs are just that, bunches of disks, and they don't have any cache above them in hardware. If you're going to use ZFS under Gluster, look at the ZFS docs first. Short answer is no.

Hi Alex, Nice information about forest type. Regarding listing domain users, have you tried to set up samba with: winbind use default domain = no? 2016-07-11 19:50 GMT+02:00 Alex Crow <acrow at integrafin.co.uk>: > > > On 11/07/16 13:55, Alex Crow wrote: > > Hi List, > > > > I am currently testing inter-forest trusts between a pair of AD > > domains.

On 30 January 2016 at 23:16, Rowland penny <rpenny at samba.org> wrote: > On 30/01/16 11:55, Henry McLaughlin wrote: > >> root at aphrodite:~# getent passwd administrator >> > > On a domain member this is quite correct, what you are missing from your > smb.conf is something like this line: > > username map = /etc/samba/samba_usermapping > > with

Yes, this does not make sense. If I have member file servers, and I want to be in control of which groups can access what, surely winbind needs to be able to get a GID from AD? It may be different in our case as we migrated from classic Samba, but every non-builtin group we have has a GID assigned and it works perfectly. Indeed, if I create a new group without assigning a Unix GID, it is not

Database size would interest us here, with and without trust if you have these metrics. Global catalog is supposed to stored some attributes of almost all objects of all trusted domains, if me understanding is correct and we have no real idea about what that means in concrete terms. 2016-07-12 12:55 GMT+02:00 Alex Crow <acrow at integrafin.co.uk>: > On 12/07/16 09:36, mathias dufresne

On 09/04/18 19:02, Vincent Royer wrote: > Thanks, > > I suppose what I'm trying to gain is some clarity on what choice is > best for a given application.? How do I know if it's better for me to > use a raid card or not, to include flash-cache on it or not, to use > ZFS or not, when combined with a small number of SSDs in Replica 3. > > How few is "small

root at aphrodite:~# getent passwd administrator root at aphrodite:~# wbinfo -u administrator krbtgt guest root at aphrodite:~# cat /etc/samba/smb.conf [global] netbios name = APHRODITE security = ADS workgroup = DOMAIN realm = AD.DOMAIN.COM.AU log file = /var/log/samba/%m.log log level = 1 dedicated keytab file = /etc/krb5.keytab

> Apart from DC2 not having this line: > > idmap_ldb:use rfc2307 = yes > > Both smb.conf files look ok. > Can you elaborate on your problem and show a few examples. > > Rowland > > Surely the above line is required to obtain consistent UID, SID and name mappings on all servers? Can the OP try adding it to their DC2, restarting services, and check again? I was

On Sat, 26 Nov 2016 12:25:23 +1100 Henry <dercni at gmail.com> wrote: > thanks again Rowland however I must have something wrong as I have > double checked everything... > > Group: Domains Users has GID of 10000 > User: henry has UID of 10000 > can the user and group have the same number? Yes, this is me on my Unix domain member: rowland at devstation:~$ getent passwd

On 12/8/2016 5:16 AM, Alex Crow via samba wrote: > > > On 07/12/16 16:23, L.P.H. van Belle via samba wrote: >> Just check, yes all my pc's ( dhcp and static ) are owner of the DNS >> records. >> >> NTDOM\COMPUTERNAME$ is set on the record and every pc its own record. >> >> ! one thing, i do use Bind9_dlz with samba and not internal DNS. >> I

On 11/02/15 18:16, Marc Muehlfeld wrote: > Hello Alex, > > Am 11.02.2015 um 16:20 schrieb Alex Crow: >> We are looking at moving from a Samba NT4-Style domain to Samba 4 AD. >> >> We currently have two NT4-style domains set to to trust each other. Is >> this possible with S4 AD domains? > Your FAQ is answered here: >

On 22/06/16 10:48, Volker Lendecke wrote: > Hello! > > Sorry to say that, but this list lives in user space. If your kernel > crashes, you should contact your CentOS support for help. > > Regards, Volker > > Hi, Thanks, just found it odd that it was only that process having problems. Alex -- This message is intended only for the addressee and may contain confidential

On 12/07/16 09:36, mathias dufresne wrote: > Hi Alex, > > Nice information about forest type. > Regarding listing domain users, have you tried to set up samba with: > winbind use default domain = no? Hi, Yes I have, and it works as expected (ie all from the local domain are prepended with DOMAIN\, but does not solve anything for by trusted domain accounts on member servers.