Displaying 20 results from an estimated 5000 matches similar to: "getent problems with new Samba version"
2017 Jan 25
2
getent problems with new Samba version
Sorry for the serial posting, but ... anxious ...
I think there must be a bug in Samba 4.4.8, this all worked with 4.2.14.
To summarize (details in attached messages), since upgrading from Samba 4.2.14 to 4.4.8, getent
returns the wrong UID:GID. This is causing permission errors in programs like dovecot who try
to read/write to Maildir files having the correct UID:GID.
With 4.4.8 I now have
2017 Jan 26
2
getent problems with new Samba version
on Wed, 25 Jan 2017 20:15:49 -0500 Gaiseric Vandal wrote:
> Would "testparm -v" show you the path of all the files used ? Are there any idmap settings?
Gaiseric, thanks for your response. the `testparm -v` gave me:
private dir = /var/lib/samba/private
So, I guess that means the sam.ldb in that directory is the one being used, not the one in
/etc/samba/private. That helps.
2017 Jan 26
0
getent problems with new Samba version
Would "testparm -v" show you the path of all the files used ? Are there any idmap settings?
It looks like the newer version is using winbind to allocate uid's (based on the high ID numbers.) Maybe because it does not see uid's already allocated.
The domain member may be showing correct id's because of caching.
-----Original Message-----
From: samba
2017 Jan 25
0
getent problems with new Samba version
More information (possibly too much).
Since "things" are defined in sam.ldb, I compared before and after the Samba 4.2.14 to 4.4.8
update. Here are the sam.ldb related files from the old 4.2.14 version:
-rw------- root/root 4247552 2014-10-20 23:54 etc/samba/private/sam.ldb
-rw------- root/root 4689920 2017-01-14 11:09 etc/samba/private/sam.ldb.bak
drwx------ root/root
2017 Jan 26
2
getent problems with new Samba version
On Thu, 26 Jan 2017 21:54:49 +0000 Rowland Penny via samba <samba at lists.samba.org> wrote:
> On Thu, 26 Jan 2017 16:26:02 -0500
> Mark Foley via samba <samba at lists.samba.org> wrote:
>
> > On Thu, 26 Jan 2017 19:36:33 +0000 Rowland Penny wrote:
> > > > > Have you tried checking in AD with ldbsearch or ldbedit for the
> > > > > actual
2017 Jan 27
2
getent problems with new Samba version
More experimentation ...
I stopped Samaba, ldbedit'ed the /var/lib/samba/private/idmap.ldb and changed the line
xidNumber: 3000026
to
xidNumber: 10001
killed the cache and restarted Samba. As I hoped, the wbinfo now showed
$ wbinfo -i mark
HPRS\mark:*:10001:10000:Mark Foley:/home/HPRS/mark:/bin/bash
which was NOT the case in my message below after killing the cache. In that previous
2017 Jan 26
2
getent problems with new Samba version
On Thu, 26 Jan 2017 19:36:33 +0000 Rowland Penny wrote:
> On Thu, 26 Jan 2017 14:09:49 -0500
> Mark Foley via samba <samba at lists.samba.org> wrote:
>
> > On Thu, 26 Jan 2017 09:56:10 +0000 Rowland Penny wrote:
> > >
> > > On Thu, 26 Jan 2017 02:35:43 -0500
> > > Mark Foley via samba <samba at lists.samba.org> wrote:
> >
> > I
2017 Jan 26
2
getent problems with new Samba version
On Thu, 26 Jan 2017 09:56:10 +0000 Rowland Penny wrote:
>
> On Thu, 26 Jan 2017 02:35:43 -0500
> Mark Foley via samba <samba at lists.samba.org> wrote:
>
> > on Wed, 25 Jan 2017 20:15:49 -0500 Gaiseric Vandal wrote:
> >
> > > Would "testparm -v" show you the path of all the files used ? Are
> > > there any idmap settings?
> >
>
2017 Jan 16
5
Apparent Maildir permission issue
I've just upgraded from Slackware 14.1 to 14.2. I've not done anything with dovecot -- it's the
same version that was running before the upgrade. However, now I'm getting a permission error:
/var/log/maillog:
Jan 16 13:09:44 mail dovecot: imap(mark): Error: opendir(/home/HPRS/mark/Maildir) failed: Permission denied (euid=3000026(HPRS\mark) egid=100(users) missing +r perm:
2017 Jan 17
2
Apparent Maildir permission issue
Jan 16 13:09:44 mail dovecot: imap(mark): Error: opendir(/home/HPRS/mark/Maildir) failed: Permission denied (euid=3000026(HPRS\mark) egid=100(users) missing +r perm: /home/HPRS/mark/Maildir, conflicting dir uid=10001(HPRS\mark))
Just wanted to point out that you have at different UID for the folder
than your EUID (gotten from userdb/passdb).
Aki
On 16.01.2017 23:09, Mark Foley wrote:
> More
2018 Jun 19
1
Fixing sysvol permissions
On Tue, 19 Jun 2018 12:52:46 -0400
Mark Foley via samba <samba at lists.samba.org> wrote:
> Given no responses on this question for a few days, I'm concluding
> that we're out of ideas on this problem. Let me propose a couple of
> ideas. Apparently, the basic Windows FOLDER and SHARE permissions
> are correct according to Louis' recommendations (see message below).
2017 Jan 16
2
Apparent Maildir permission issue
I've gotten errors like this when it was actually a selinux denial. If you're running
selinux, check those logs too.
Bill
On 1/16/2017 4:09 PM, Mark Foley wrote:
> More info ...
>
> This is the only user having this permission problem. All other Thunderbird/dovecot users are
> getting mail file. They all have the same permissions set on their Maildir folder.
>
> --Mark
2019 May 28
2
samba-tool group removemembers, not working
On Tue, 28 May 2019 11:04:01 +0200 Denis Cardon <dcardon at tranquil.it> wrote:
> Hi Mark,
>
> > Because of other issues using ADUC, I tried to remove a domain member using:
> >
> >> samba-tool group removemembers "Domain Computers" MARKA\$
> > Removed members from group Domain Computers
> >
> > As shown, it say it "Removed
2016 Jul 21
2
How to GSSAPI/Kerberos authenticate with Dovecot [formerly Where is krb5.keytab or equivalent?]
On 21/07/16 06:08, Mark Foley wrote:
> OK! I deleted the /etc/passwd entry for user mark and I modified my /etc/nsswitch.conf to:
>
> passwd: compat winbind
> group: compat winbind
>
> I couldn't get sendmail working with this at first -- I didn't know what to [re]start to get
> the new nsswitch config to take, so I rebooted. Probably I just had to restart sendmail,
2016 Jul 21
3
sendmail getting domain\user as email userId [formerly: How to GSSAPI/Kerberos authenticate with Dovecot]
Hi Mark,
I've had the same trouble with the DOMAIN\user on my DCs, and as Rowland
has already pointed out, the "winbind use default domain = yes" configure
option is not honored on a DC. My guess is that is because a Samba DC can
only be a DC for one domain, so that is why it isn't honored. If I do
"getent passwd username" on my DCs, they all return
2015 Oct 09
2
Samba AD PDC , LDAP and Single-Sign-On
Rowland - thanks for your reply. I did send a message after this one you
responded to with several other questions, but I'll pursue questioning on
GID/UID in this reply as that is what you've mainly discussed. But, please check
out that next email for other questions. Thanks.
For a particular domain user in the AD, wbinfo gives:
$ wbinfo -i mark
HPRS\mark:*:3000026:100:Mark
2019 Aug 21
2
Authenticating Samba Share with Domain Administrator
I have a NAS (Linux/Slackware 14.2) that is a domain member. "Normal" AD Windows users can map
shared directories just fine without having to enter Credentials. If I try doing that with the
domain Administrator it prompts me for the credentials, then fails. On the NAS I can get an
"OK" status with ntlm_auth using the administrator credentials. I cannot 'su -' to the
2016 Jul 20
2
How to GSSAPI/Kerberos authenticate with Dovecot [formerly Where is krb5.keytab or equivalent?]
Mike, excellent suggestion! I will definitely experiment with that nsswitch change. Rowland
also mentioned adding RFC2307 to the AD settings for the user(s).
If, as you say, my MTA will find the home directory with the nss windbind setting, that would
be fantastic! I would definitely removed the AD users from /etc/passwd.
I don't know if nsswitch.conf settings are now mentioned in the
2019 Mar 04
2
getent not working after installing firewall
On Mon, 4 Mar 2019 17:18:31 +0000 Rowland Penny wrote:
>
> On Mon, 04 Mar 2019 11:48:00 -0500
> Mark Foley via samba <samba at lists.samba.org> wrote:
>
> > On Mon, 4 Mar 2019 14:50:38 +0000 Rowland Penny wrote:
> > >
> > > On Mon, 04 Mar 2019 09:15:12 -0500
> > > Mark Foley via samba <samba at lists.samba.org> wrote:
> > >
>
2019 Aug 28
2
Authenticating Samba Share with Domain Administrator
On Thu, 22 Aug 2019 08:04:10 +0100 Rowland penny <rpenny at samba.org> wrote:
>
> On 21/08/2019 22:47, Mark Foley via samba wrote:
> > I have a NAS (Linux/Slackware 14.2) that is a domain member. "Normal" AD Windows users can map
> > shared directories just fine without having to enter Credentials. If I try doing that with the
> > domain Administrator it