similar to: Samba4 + Winbind

Hello everyone, I'm using Samba4 in my CentOS server, and it was just fine. I could always use ldap commands like 'ldapsearch' and 'ldapadd' and I had no problem. But one day, I don't know why, I couldn't use more ldapsearch or ldapadd. They return this: ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1) I'm using the same command as always, like:

Hello Marc, Thanks for your documentation. Well I followed what you wrote, perhaps my wbinfo command fails when I try to test the connectivity. # wbinfo --ping-dc checking the NETLOGON dc connection failed failed to call wbcPingDc: WBC_ERR_WINBIND_NOT_AVAILABLE Could not ping our DC My smb.conf is now this: # Global parameters [global] netbios name = DEVLUCAS1 realm =

Hello Vinicius, I did it and this was the answer: ldapsearch -H "ldaps://devsamba.lucas.ufes.br:636" -w '*********' -D "cn=administrator,cn=users,dc=lucas,dc=ufes,dc=br" -x -b "dc=lucas,dc=ufes,dc=br" -d1 ldap_url_parse_ext(ldaps://devsamba.lucas.ufes.br:636) ldap_create ldap_url_parse_ext(ldaps://devsamba.lucas.ufes.br:636/??base) ldap_sasl_bind

Your smb.conf is for a Domain Controller. Winbind is meant to run on member servers. You are setting up a domain controller or you are joining this samba to an existing domain? Em 04/01/2017 10:25, Lukz Ferris via samba escreveu: > Rowland, > > > I looked at Samba wiki, but it doesn't helped me as I wanted, maybe I'm doing something wrong. > > > This is what I tried

Hello Rowland, You shouldn't use 'ldaps' and ':636', in fact you shouldn't use ':636' at all. OK, mini-howto coming up ;-) The DC is dc1.samdom.example.com The AD domain DN is dc=samdom,dc=example,dc=com There is this line in the DC smb.conf: tls certfile = tls/cert.pem The reverse dns zone has been created and operational The client is

Hello Brian, Sorry to my late answer, I did what you suggest previously This error suggests a problem with your certificate. If it used to work previously, then check it hasn't expired. openssl s_client -connect devsamba.lucas.ufes.br:636 copy-paste the certificate into a pem file, including begin/end lines openssl x509 -in mycert.pem -noout -enddate And check your root CA

Hello, I am currently testing for Samba4. The creation of the domain and the secondary Dc implementation works well. But by performing tests for a fail over situation I realized that when the DC that created the domain is in fail over the linux client machine can no longer retrieve the list of users from the domain. I would like to know if a person has already faced this situation and if so how he

Just a thought if the client machines are still getting a listing in the DNS for the failed machines wouldn't this be a problem? How would the programs know not to use the failed server? Is there a way to temporarily move the failed machines out of dns listings? On Fri, Feb 24, 2017 at 8:52 AM, Vinicius Bones Silva via samba < samba at lists.samba.org> wrote: > No, the question is

HI, on debian i use pam winbind by adding the file /usr/share/pam-configs/winbind and enable this. Is there another way on RHEL? i have configure RHEL that wbinfo -u gives me the users and getent passwd also. id <username> is not possible. It tells me user unknown. With authconfig i have enable winbind for authentication. Im Using RHEL6 and Samba 4.4.9 Best wishes OLIVER WERNER

Hi everybody, I'm setting up a Samba under RHEL 7.0, just a simple samba server. But I'm having trouble with blocking access to shares, to be specific with domain block. I'm using default config in samba.conf, just added the share's config. While blocking by network range it works. Even when some IPs in the network 172.25.0.X are subdomains of example.com, they are not blocked.

I'm not sure whether this is a Dovecot issue or a Samba issue, but as it deals with authentication I think it's worth trying the samba experts first. Here's the scenario ... I have an AD/DC running Samba 4.4.14. I have 3 AD users: mark, sue, dennis. Mark and Dennis use both Windows 7 and Linux (also running PAM-enabled Samba 4.4.14) domain member workstations. Sue is Windows 7

Hello! Taking advantage of the email, I tried to make an ldap query with tls and I had an error .. Version Samba 4.4.4 samba-tool testparm -v --suppress-prompt|grep tls ldap ssl = start tls tls cafile = tls/ca.pem tls certfile = tls/cert.pem tls crlfile = tls dh params file = tls enabled = Yes tls keyfile = tls/key.pem tls

Can I keep invisible folder to windows clients without renaming it by suffix '.' in front of file with samba 4?

Hai,   Since im still having problems reading the man smb.conf about the NTLM settings, im asking here. How do i allow NTLM auth for my proxy.   I have been playing around with :           client NTLMv2 auth         raw NTLMv2 auth         ntlm auth         lanman auth   i’ve added the proxy user to the winbind_privileged group. and did set the needed rights. chgrp winbindd_priv

Hello, I have installed an samba ad1 and an samba ad2 with replication. On the dc1 "samba-tool drs showrepl" say "... was successful" On dc2 there is the same. When dc1 goes down I get an Error (on my client): Active Directory Users and Computers error: "server is not operational" What is wrong here? For my understand that is no Replication, when one goes down and

While working on my existing member file server smb.conf config file I found an entry for "veto files" like the following: veto files = /.bash_logout/.bash_profile/.bash_history/.bashrc/ The "man smb.conf" entry says: veto files (S) This is a list of files and directories that are neither visible nor accessible. Each entry in the list must be

using testparm of 4.6.0rc2 against the smb.conf of a production server (the production server is not using rc2, dont worry) produces the error: [root at fwborda1 samba-460rc2]# testparm /root/smb.conf Load smb config files from /root/smb.conf rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384) Processing section "[netlogon]" Processing section "[sysvol]"

On Thu, 27 Oct 2016 10:51:08 -0200 Vinicius Bones Silva via samba <samba at lists.samba.org> wrote: > Wait, now I'm confused. Idmap lines do not need to be set up on the > DCs? Then how does windows figure's out the ids in the Unix > Attributes tab? I thought you needed both rfc2307 and idmap on the > DC and the members. > > > The DCs have idmap.ldb, this

I've just done a yum update and a reboot on one of our CentOS 7 DCs, which has taken Samba from sernet-samba-4.5.1-6 to sernet-samba-4.5.5-13. I now notice that the Samba log files contain errors since the update. The error message is: "../lib/util/modules.c:48(load_module) Error loading module '/usr/lib64/samba/vfs/acl_xattr.so': /usr/lib64/samba/libsmbregistry-samba4.so:

Hello James, About the warning, I only accept it and try to create a new attribute/class. However, when I put all the parameters (name, OID, syntax...), the system accuses that the server is unable to proceed. Do you know if Samba's schema is closed, that cannot be modified? Lucas On 11/1/2016 11:18 AM, Lukz Ferris via samba wrote: > Hello everyone, > > > I'm trying to