Displaying 20 results from an estimated 11000 matches similar to: "Unable to convert first SID ( user DOMAIN\Administrator )"
2017 Sep 26
8
Domain member server: user access
Hai Rowland,
>
> No, you haven't done anything wrong and yes the provision
> does set Domain Users to '100' in idmap.ldb.
>
Ow..
This i did not know, only wondering why its not BUILTIN\users ( how it is in windows ).
Do you know as of which version this is? Of as of start, i really never noticed this.
>
> Do not remove Domain Users, but you are correct,
2017 Sep 26
3
Resolving inconsistant on DC with AD backend. GID 100 and 10000
Small update.
And changed the subject, was : [Samba] Domain member server: user access .
My last test was done with 4.6.7.
Now upgraded a DC to 4.6.8 ( and last result in 4.6.7 was 10000 )
root at rtd-dc1:~# wbinfo -G 100
S-1-5-21-2934682428-2610421433-476865461-513
root at rtd-dc1:~# wbinfo -G 10000
S-1-5-21-2934682428-2610421433-476865461-513
root at rtd-dc1:~# wbinfo
2017 Jan 24
4
Security Principals, and SID's mapping bug
Hai,
Does anyone know more if this is adressed or point me to the bug report?
There should be one, but i cant find it.
Im finding the following again, tested with samba 4.4.5, now samba 4.5.3.
These reports go back to the year 2013.
I searched in my mail samba folder for S-1-5-18
The problem.
I create a "computer" Scheduled task.
Now this task MUST run as : SYSTEM (S-1-5-18)
2017 Feb 15
2
question about ntlm
Hai,
Since im still having problems reading the man smb.conf about the NTLM settings, im asking here.
How do i allow NTLM auth for my proxy.
I have been playing around with :
client NTLMv2 auth
raw NTLMv2 auth
ntlm auth
lanman auth
i’ve added the proxy user to the winbind_privileged group.
and did set the needed rights.
chgrp winbindd_priv
2019 May 13
1
debian 10: errors with my server samba-ad
net groupmap list ntgroup='Domain Users'
Domain Users (S-1-5-21-2934682428-5134513513-42425326-513) -> NTDOM\domain users
But i did assign a GID myself. ( GID 10000 )
I noticed this.
wbinfo --group-info='Domain Users'
NTDOM\domain users:x:10000:
wbinfo --gid-info 10000
NTDOM\domain users:x:10000:
wbinfo --gid-info 100
NTDOM\domain users:x:100:
So i have 2 GID for Domain
2017 Jun 03
3
failed to call wbcGetpwnam/wbcGetgrnam/wbcGetpwsid WBC_ERR_DOMAIN_NOT_FOUND
> Op 3 jun. 2017 om 23:07 heeft Rowland Penny via samba <samba at lists.samba.org> het volgende geschreven:
>
> On Sat, 3 Jun 2017 21:49:15 +0100
> Alex Matthews via samba <samba at lists.samba.org> wrote:
>
>> I feel you have missed the point of my original post, or maybe I
>> wasn't clear enough. This is not a freshly provisioned install, this
2017 May 22
4
Problems with Samba 4.6.3 Authentication
Hi,
I have posted the following message to Squid-Users forum (
squid-users at lists.squid-cache.org).
"I have migrated of Samba 4.2.1 to Samba 4.6.3 as DC, but now my Squid
authentication doesn't work.
In samba 4.2.1 is working properly.
This is my authentication block:
auth_param basic program /usr/lib/squid3/basic_ldap_auth -R -b
DC=empresa,DC=com,DC=br -D
2019 Aug 13
3
winbind - frequent high CPU utilization
Hi.
I use winbind + squid on Debian Buster to authenticate users + authorize
them based on groups they are in. It all works, well, good, but winbind's
CPU utilization peaks can reach up to 100%. The same solution ran OK on
Debian Jessie with up to 20% CPU utilization at most.
The configuration of Buster must have been updated based on the samba
version leap/shift compared to Jessie.
On
2017 Mar 29
6
Failed to enumerate objects in the container. Access is denied.
Dear colleagues and samba-experts,
I installed a samba-file-server as a samba domain-member using debian jessie-packages, following the samba-manual "Setting up Samba as a Domain Member".
I can access the shares and create files but there are issues concerning security.
As proposed I am using RSAT (on a german Windows 10 Pro, logged in as Domain Administrator) to set details
2019 Nov 14
6
get_share_mode_lock: get_static_share_mode_data failed: NT_STATUS_NO_MEMORY
Upgraded to Samba 4.11.2 and I?ve now too started seeing the message:
get_share_mode_lock: get_static_share_mode_data failed: NT_STATUS_NO_MEMORY
A lot. I modified the source in source3/locking/share_mode_lock.c a bit in order to print out the values of the service path, smb_fname & old_write_time when it fails and it seems they are all NULL?
[2019/11/14 14:24:23.358441, 0]
2017 Feb 01
1
winbind question. (challenge/response password authentication)
Hai,
Im setting up a new proxy and im testing a bit around.
Goal is, get everyting working with minimal changes to the system.
Setup: Debian 8 with NFS nfsv3 and v4 (krb) automounts, winbind 4.5.3 , squid 3.5.24 (with ssl support)
Which is basicly a copy of my other proxy but a new install with more systemd and less packages used.
Working:
- ssh logins with AD users.
2001 Dec 13
4
Severe problem with Samba
Dear All,
we are experiencing severe problems with Samba 2.2.0 (with quota support) running on a
dual processor (400MHz) Sun E450 running Solaris 2.7. This is used as a central file server for
student diskspace, accessed by approx 1200 PCs running NT 4. Up until recently we
experienced some, what we assume to be, loading issues with connections during the middle of
the day being slow.
2016 Oct 19
3
auth problems with samba 4.4.6 (winbind) *(suppected bug)
Hai,
I had some users today that couldnt login.
Windows stopped at the “Welcome” screen.
Now, i checked the logs and i noticed a change in winbind.
i noticed 2 logs files with increase a 1000% in size. log.winbindd-idmap and log.wb-NTDOM
Before ( samba 4.4.5 ) log.winbindd-idmap
[2016/09/30 11:32:37.040567, 0] ../source3/winbindd/winbindd.c:280(winbindd_sig_term_handler)
2017 Sep 26
0
Domain member server: user access
Hai,
>
> I think you are misunderstanding what I wrote ;-)
Thats possible yes.. Lucky you better in explaining then me in english. ;-)
>
> If you open 'idmap.ldb' and search for 513 (Domain Users
> RID), you will
> find:
>
> dn: CN=S-1-5-21-1768301897-3342589593-1064908849-513
> cn: S-1-5-21-1768301897-3342589593-1064908849-513
> objectClass: sidMap
2016 Jun 09
2
remote backup
Gordon Messmer wrote:
> On 06/09/2016 11:43 AM, Valeri Galtsev wrote:
>> When databases are concerned, I would never rely on a snapshot of their
>> storage files. Either stop relevant daemon(s), then do fs snapshot, or
>> better though do dbdump and restore databases from dump when you need to
>> restore it.
>
> Dumping and restoring files can be *really* slow, so
2016 Apr 15
1
Domain member seems to work, wbinfo -u not
On 15/04/16 13:43, L.P.H. van Belle wrote:
> Ok, i have tested a bit more also.
>
> Now i have this problem also on some other servers with D. Jessie.
>
> The sernet 4.2.11 debian wheezy works fine as far i can see now.
>
> All my member servers have these settings ( see below),.
> Versies used are
> 4.1.17 (all ok) ( debian jessie packages )
> 4.2.20 (fail wbinfo -u)
2016 Apr 15
5
Domain member seems to work, wbinfo -u not
Yeah, i have an output of log level 10 while i do a wbinfo -u.
As for the packages below.
4.1.17, yes, im upgrading these as we speak, but now on hold due to this problem.
4.2.20 .. error typo, is Version 4.2.10-Debian
4.3.7.. yeah, but 4.3.8 is not in debian, the 4.3.7 is the package version debian used for the latest CVE fixes.
Im waiting until 4.4.2 is out of experimental so i can
2007 Oct 31
3
dovecot: pipe() failed: Too many open files
I'm encountering lots of
Oct 31 11:14:25 postamt dovecot: pipe() failed: Too many open files
errors around midday ever since the latest upgrade to 1.0.7.
The errors appear in pairs like this one:
Oct 31 11:20:01 postamt dovecot: pipe() failed: Too many open files
Oct 31 11:20:01 postamt dovecot: imap-login: Internal login failure: user=<username>, method=PLAIN, rip=193.175.174.239,
2018 May 21
3
RSAT Hang
So, I setup Samba on Ubuntu 18.04, using the packaged Samba version. [Thanks Rowland/Louis et al.]
I'm doing some testing/tinkering using FreeNAS as a share, using the AD as the authentication back-end.
As part of that process, you need to add a computer account and change some security settings.
I setup RSAT and can see the AD tree, and add users etc.
When I try to switch to advanced view
2017 Aug 10
3
idmap question
Hi all,
What is the real purpose if the following lines when using idmap-rid or
idmap-ad:
# Default idmap config for local BUILTIN accounts and groups
idmap config * : backend = tdb
idmap config * : range = 3000-7999
When using the next two lines
# idmap config for the SAMDOM domain
idmap config SAMDOM : backend = rid [or ad]
idmap config SAMDOM : range = 10000-999999
AD users will be in