similar to: Unable to convert first SID ( user DOMAIN\Administrator )

Hai Rowland, > > No, you haven't done anything wrong and yes the provision > does set Domain Users to '100' in idmap.ldb. > Ow.. This i did not know, only wondering why its not BUILTIN\users ( how it is in windows ). Do you know as of which version this is? Of as of start, i really never noticed this. > > Do not remove Domain Users, but you are correct,

Small update. And changed the subject, was : [Samba] Domain member server: user access . My last test was done with 4.6.7. Now upgraded a DC to 4.6.8 ( and last result in 4.6.7 was 10000 ) root at rtd-dc1:~# wbinfo -G 100 S-1-5-21-2934682428-2610421433-476865461-513 root at rtd-dc1:~# wbinfo -G 10000 S-1-5-21-2934682428-2610421433-476865461-513 root at rtd-dc1:~# wbinfo

Hai, Does anyone know more if this is adressed or point me to the bug report? There should be one, but i cant find it. Im finding the following again, tested with samba 4.4.5, now samba 4.5.3. These reports go back to the year 2013. I searched in my mail samba folder for S-1-5-18 The problem. I create a "computer" Scheduled task. Now this task MUST run as : SYSTEM (S-1-5-18)

Hai,   Since im still having problems reading the man smb.conf about the NTLM settings, im asking here. How do i allow NTLM auth for my proxy.   I have been playing around with :           client NTLMv2 auth         raw NTLMv2 auth         ntlm auth         lanman auth   i’ve added the proxy user to the winbind_privileged group. and did set the needed rights. chgrp winbindd_priv

net groupmap list ntgroup='Domain Users' Domain Users (S-1-5-21-2934682428-5134513513-42425326-513) -> NTDOM\domain users But i did assign a GID myself. ( GID 10000 ) I noticed this. wbinfo --group-info='Domain Users' NTDOM\domain users:x:10000: wbinfo --gid-info 10000 NTDOM\domain users:x:10000: wbinfo --gid-info 100 NTDOM\domain users:x:100: So i have 2 GID for Domain

Hi, I have posted the following message to Squid-Users forum ( squid-users at lists.squid-cache.org). "I have migrated of Samba 4.2.1 to Samba 4.6.3 as DC, but now my Squid authentication doesn't work. In samba 4.2.1 is working properly. This is my authentication block: auth_param basic program /usr/lib/squid3/basic_ldap_auth -R -b DC=empresa,DC=com,DC=br -D

Hi. I use winbind + squid on Debian Buster to authenticate users + authorize them based on groups they are in. It all works, well, good, but winbind's CPU utilization peaks can reach up to 100%. The same solution ran OK on Debian Jessie with up to 20% CPU utilization at most. The configuration of Buster must have been updated based on the samba version leap/shift compared to Jessie. On

> Op 3 jun. 2017 om 23:07 heeft Rowland Penny via samba <samba at lists.samba.org> het volgende geschreven: > > On Sat, 3 Jun 2017 21:49:15 +0100 > Alex Matthews via samba <samba at lists.samba.org> wrote: > >> I feel you have missed the point of my original post, or maybe I >> wasn't clear enough. This is not a freshly provisioned install, this

Hai, > > I think you are misunderstanding what I wrote ;-) Thats possible yes.. Lucky you better in explaining then me in english. ;-) > > If you open 'idmap.ldb' and search for 513 (Domain Users > RID), you will > find: > > dn: CN=S-1-5-21-1768301897-3342589593-1064908849-513 > cn: S-1-5-21-1768301897-3342589593-1064908849-513 > objectClass: sidMap

Dear colleagues and samba-experts, I installed a samba-file-server as a samba domain-member using debian jessie-packages, following the samba-manual "Setting up Samba as a Domain Member". I can access the shares and create files but there are issues concerning security. As proposed I am using RSAT (on a german Windows 10 Pro, logged in as Domain Administrator) to set details

Upgraded to Samba 4.11.2 and I?ve now too started seeing the message: get_share_mode_lock: get_static_share_mode_data failed: NT_STATUS_NO_MEMORY A lot. I modified the source in source3/locking/share_mode_lock.c a bit in order to print out the values of the service path, smb_fname & old_write_time when it fails and it seems they are all NULL? [2019/11/14 14:24:23.358441, 0]

Hai,   Im setting up a new proxy and im testing a bit around. Goal is, get everyting working with minimal changes to the system.   Setup: Debian 8 with NFS nfsv3 and v4 (krb) automounts,  winbind 4.5.3 , squid 3.5.24 (with ssl support) Which is basicly a copy of my other proxy but a new install with more systemd and less packages used.   Working: -          ssh logins with AD users.

Dear All, we are experiencing severe problems with Samba 2.2.0 (with quota support) running on a dual processor (400MHz) Sun E450 running Solaris 2.7. This is used as a central file server for student diskspace, accessed by approx 1200 PCs running NT 4. Up until recently we experienced some, what we assume to be, loading issues with connections during the middle of the day being slow.

On 15/04/16 13:43, L.P.H. van Belle wrote: > Ok, i have tested a bit more also. > > Now i have this problem also on some other servers with D. Jessie. > > The sernet 4.2.11 debian wheezy works fine as far i can see now. > > All my member servers have these settings ( see below),. > Versies used are > 4.1.17 (all ok) ( debian jessie packages ) > 4.2.20 (fail wbinfo -u)

Yeah, i have an output of log level 10 while i do a wbinfo -u. As for the packages below. 4.1.17, yes, im upgrading these as we speak, but now on hold due to this problem. 4.2.20 .. error typo, is Version 4.2.10-Debian 4.3.7.. yeah, but 4.3.8 is not in debian, the 4.3.7 is the package version debian used for the latest CVE fixes. Im waiting until 4.4.2 is out of experimental so i can

Gordon Messmer wrote: > On 06/09/2016 11:43 AM, Valeri Galtsev wrote: >> When databases are concerned, I would never rely on a snapshot of their >> storage files. Either stop relevant daemon(s), then do fs snapshot, or >> better though do dbdump and restore databases from dump when you need to >> restore it. > > Dumping and restoring files can be *really* slow, so

On Fri, 2018-09-07 at 20:14 +0200, Luca Olivetti via samba wrote: > El 7/9/18 a les 17:59, Marco Gaiarin via samba ha escrit: > > > It is better to install squid/freeradius in the same host of a DC, or > > don't bother at all so they can be installed also on a DM? > > I don't know if it's better but I'm running freeradius with ntlm_auth on > a

I'm encountering lots of Oct 31 11:14:25 postamt dovecot: pipe() failed: Too many open files errors around midday ever since the latest upgrade to 1.0.7. The errors appear in pairs like this one: Oct 31 11:20:01 postamt dovecot: pipe() failed: Too many open files Oct 31 11:20:01 postamt dovecot: imap-login: Internal login failure: user=<username>, method=PLAIN, rip=193.175.174.239,

Hi root at dc1:~ # samba-tool dbcheck --cross-ncs --reset-well-known-acls --fix --yes ...some error information... Checked 3647 objects (2 errors) root at dc1:~ # samba-tool dbcheck --cross-ncs --reset-well-known-acls --fix Checking 3647 objects Checked 3647 objects (0 errors) root at dc1:~ # getfacl /usr/local/samba/var/locks/sysvol/ getfacl: Removing leading '/' from absolute path

Hi here are the commands in the order I ran them: root at dc1:~ # systemctl stop samba root at dc1:~ # net cache flush root at dc1:~ # samba-tool ntacl sysvolreset root at dc1:~ # net cache flush root at dc1:~ # samba-tool ntacl sysvolcheck root at dc1:~ # systemctl start samba root at dc1:~ # smbclient //localhost/sysvol -UAdministrator -c 'ls' Enter Administrator's password: