Displaying 20 results from an estimated 9000 matches similar to: "netsamlogon_cache.tdb & winbind."
2017 Oct 10
3
winbind inconsistent group membership
I have 4 Samba 4.7.0 DCs. I have 3 clients using samba-winbind.x86_64
0:4.6.2-11.el7_4 with an identical configuration, which produce
inconsistent user group membership for multiple users. I've tried using
all 4 DCs explicitly (e.g., realm = dc01.mediture.dom), net cache flush
and restarting winbind. I've also tested cloning a user and setting up
the user as identical as possible:
2014 Jun 11
1
Expiry of entries in netsamlogon_cache.tdb
I think we're suffering from bug 8641 at the moment:
https://bugzilla.samba.org/show_bug.cgi?id=8641
where the netsamlogon_cache.tdb entries are not expiring.
We use AD groups for our (redhat) server auth, and also use server-side group
auth for NFS (with the --manage-gids flag). So if a user is not in a group on
the server, they're denied access to files as per group permissions.
2017 Mar 07
5
[Announce] Samba 4.6.0 Available for Download
======================================================
"Nothing you wear is more important
than your smile."
Connie Stevens
======================================================
Release Announcements
=====================
This is the first stable release of Samba 4.6.
Please read the release notes carefully before upgrading.
UPGRADING
=========
ID Mapping
----------
We
2017 Mar 07
5
[Announce] Samba 4.6.0 Available for Download
======================================================
"Nothing you wear is more important
than your smile."
Connie Stevens
======================================================
Release Announcements
=====================
This is the first stable release of Samba 4.6.
Please read the release notes carefully before upgrading.
UPGRADING
=========
ID Mapping
----------
We
2005 Oct 25
1
winbind or netsamlogon_cache.tdb issue
Hello,
i am using samba 3.0.9 (winbind in particular) on RHES server for a squid
project : to authenticate users or check in they are member of some groups on
AD W2K servers.
It has been working fine for one year.
Last week, we have defined new AD groups to use for this project.
The problem that i am facing, is that for some users, the check to see if
the user is in the group is working fine,
2019 Jul 18
2
getent passwd shows old name for renamed user
W dniu 2019-07-18 o?21:39, ?ukasz Michalski via samba pisze:
> W dniu 2019-07-18 o?21:22, Rowland penny via samba pisze:
>
>> On 18/07/2019 20:20, ?ukasz Michalski via samba wrote:
>>> W dniu 2019-07-18 o?18:46, Rowland penny via samba pisze:
>>>
>>> I changed uid, sAMAccountName, msFU30Name from 'foo' to 'bar' using
>>> ADUC
2018 Jun 01
3
winbind, nsswitch, AD and group membership caching?
Folks;
using samba+winbindd+pam+nsswitch to make several Linux servers
authenticate against an AD domain, I do have my setup mostly working
now:
- AD users are able to ssh into the machine.
- wbinfo -g / -u does list all domain users.
- getent group / getent passwd does list Unix and AD users.
However, after changing some users group memberships in AD, I didn't
manage to propagate this
2019 Jul 18
2
getent passwd shows old name for renamed user
On 18/07/2019 20:20, ?ukasz Michalski via samba wrote:
> W dniu 2019-07-18 o?18:46, Rowland penny via samba pisze:
>> On 18/07/2019 17:36, Kris Lou via samba wrote:
>>> Might have something to do with this bug:
>>> https://bugzilla.samba.org/show_bug.cgi?id=11482
>>>
>>> You can find and make the relevant changes with ADSI Edit.
>>>
2023 Jun 30
2
Group memberships on Linux AD Member (syncing randomly)
Hi,
I'm running Samba Active Directory 4.16.9 with packages from Sernet.
Domain members are Linux servers (Ubuntu 20.04, RHEL 8) with Sernet
Samba 4.16.x.
I'm getting crazy with group memberships syncing from AD to Linux
members. It is completely random as when changes in AD group are visible
in Linux OS (or more precise: winbind), it might take minutes, hours or
days as when these
2008 Aug 18
4
samba + ads / user and group update-probem
Hello subscribers,
we have a problem with keeping our group memberships up to date. If we e.g. remove a group membership from a user, we don?t see any change when trying "wbinfo -r j.doe" or "groups j.doe". Even after hours there ist no update. We also tried restarting smb, nmb, winbindd.
Anyone has an idea?
Some additional info:
|samba/winbind-version: 3.2.0-17.fc9
2018 Oct 08
4
Persistent Winbind gid cache
Hello Samba team !
I'm network administrator in a french high school where I store my
user/group ID using rfc2307. My client stations use Winbind to query
rfc2307 attributes.
Each new years, as all my students move to another class, almost all
my user's gid are updated in AD.
This gid is very important in my network because pam_mount mount only
the share corresponding the to user's
2005 May 04
2
winbind cache time?
Hello,
according to 'man smb.conf': Default: winbind cache time = 300
I have not changed it in smb.conf, but when I remove some user
from some group, command "groups DOMAIN+user" still shows
that user belongs to the group even after a few hours after removing
the user from that group. Any ideas why?
samba 3.0.15pre2.
Regards,
Nerijus
2006 Jul 07
2
Problem with tdb files.
Hi All:
I have problems with maintain tdb files. From samba doc, these files are =
classified into persistent and temporary. From the man page of smbd, =
these file are classified into persistent and not. However, there are =
some files no need to backup but need to be persistent =
(netsamlogon_cache.tdb), and some files need to backup but not need to =
be persisten (registry.tdb). There are also
2020 May 25
3
Nested groups when using RFC2307
Hi,
Just noticed, I am unable to use nested groups when relying on RFC2307
for filesystem permissions, am I wright? What have I missed?
(Samba 4.12 on Buster, 2008R2 domain level)
Any migration path to stop using RFC2307 and go to pure idmap without
loosing all permissions on a 6T filesystem? Is that a solution?
Regards,
--
*Marcio Merlone*
2017 Aug 25
4
AD Group update lag / cache, firewall related?
August 25, 2017 3:12 PM, "Rowland Penny via samba" <samba at lists.samba.org> wrote:
> On Fri, 25 Aug 2017 13:54:21 +0000
> "A. James Lewis" <james at fsck.co.uk> wrote:
>
>> It's not offline.... and groups do usually filter through...
>> sometimes immediately, sometimes never... but usually with a
>> significant delay...
>>
2017 Mar 07
0
[Announce] Samba 4.6.0 Available for Download
Hai,
Can anyone tell me the "adviced" extra package versions for this release.
I did a checkup at :
https://www.samba.org/ftp/?C=M;O=D
And i noticed the following.
Ldb from 1.1.27 to 1.1.28, as mentiond in the changelog
Talloc from 2.1.8 to 2.1.9, not mentioned in the changelog.
Tdb 1.3.11 to 1.3.12, not mentioned in the changelog.
Tevent 0.9.31 stays at 0.9.31 no change.
2017 Jun 30
2
User management scripts in AD mode...
Mandi! Rowland Penny via samba
In chel di` si favelave...
> > I'm again a bit confused... ;-(((
> Yes I can see that ;-)
;-)
Sorry for the late answer, but i was busy on other things...
> Hope this helps, but feel free to ask any questions.
I try to summarize:
a) as i supposed 'RFC2307 group membership' are totally ignored by
samba, so i can use RFC2307 schema to
2017 Aug 25
4
AD Group update lag / cache, firewall related?
Hey again all,
After the rather excellent assistance from a few of you on the list over the last week... I wonder if you will be able to answer the cause of another rather long standing issue I've had for a long while.
We have a couple of Linux hosts using winbind for authentication, and AD groups for access to various privileges... but for some reason or another... possible firewalls
2017 Jun 23
2
User management scripts in AD mode...
Mandi! Rowland Penny via samba
In chel di` si favelave...
Sorry, i come back to that:
> Not sure what you are getting at here, if you add a user to a group in
> AD, you not only get a record in the group object, you also get a
> record in the users object
>
> dn: CN=Unixgroup,CN=Users,DC=samdom,DC=example,DC=com
> .....
> member: CN=Rowland
2017 Sep 28
4
Trusted domain with different short name to DNS name.
Hey,
I have 2 trusted domains to deal with, "DEV" and "TODEV", and I have configured smb.conf like this:-
[global]
workgroup = MAIN
security = ADS
realm = MAIN.DOMAIN.LOCAL
idmap config *:backend = tdb
idmap config *:range = 95000-99999
idmap config MAIN:backend = rid
idmap config MAIN:range = 100000-999999
idmap config DEV:backend = rid
idmap config DEV:range =