similar to: idmap config ad: can't resolve domain users' uids

dear experts, I would like to setup idmap config ad. I have already the uidNumber attribute populated on AD. But there is something very basic wrong with my config: [global] netbios name = ADDC realm = EXAMPLE.ORG workgroup = EXAMPLEAD dns forwarder = #trimmed server role = active directory domain controller log level = 3 log file = /var/log/samba/log.%m interfaces = eth0,

Il 16/02/18 12:58, Rowland Penny via samba ha scritto: > On Fri, 16 Feb 2018 12:39:37 +0100 > Francesco Malvezzi via samba <samba at lists.samba.org> wrote: > [...] >> >> should I remove tout-court this part? > > Not sure I understand that, but it sounds like you are asking if you > should remove the lines, if so, the answer is yes. You understood correctly.

On Fri, 16 Feb 2018 12:39:37 +0100 Francesco Malvezzi via samba <samba at lists.samba.org> wrote: > > On Fri, 16 Feb 2018 12:12:32 +0100 > > Francesco Malvezzi via samba <samba at lists.samba.org> wrote: > > > >> dear experts, > >> > >> I would like to setup idmap config ad. I have already the uidNumber > >> attribute populated

Il 16/02/18 13:43, Rowland Penny via samba ha scritto: > On Fri, 16 Feb 2018 13:10:16 +0100 > Francesco Malvezzi via samba <samba at lists.samba.org> wrote: > >> >> So just to recap: there were two problems: >> >> 1) the syntax mistake in smb.conf pointed up before; > > This wouldn't have helped. > >> 2) a logical mistake because wbinfo

hi all, I can't figure out why winbind can't find ad users with wbinfo calls. It happens on a member server, Debian GNU/Linux stretch, samba is 4.7.5 from Louis repository: [global] security = ADS workgroup = EXAMPLEAD realm = EXAMPLE.ORG idmap config * : backend = tdb idmap config * : range = 1000000-3000000 idmap config EXAMPLEAD:backend = ad idmap config

On Fri, 16 Feb 2018 14:26:57 +0100 Francesco Malvezzi via samba <samba at lists.samba.org> wrote: > Il 16/02/18 13:43, Rowland Penny via samba ha scritto: > > On Fri, 16 Feb 2018 13:10:16 +0100 > > Francesco Malvezzi via samba <samba at lists.samba.org> wrote: > > > >> > >> So just to recap: there were two problems: > >> > >>

Hai, Thank you for having trust in my packages.. :-) Now if you use my package, i suggest, do read the howto's also... All you need for a good setup on debian stretch is there. if anyone find/see's improvements, please tell me... Or change it on github, thats why its there. First is this an upgraded domain? Or a new domain? What does `getent passwd username` tell you. Same for `id

Hi, Not sure of the etiquette of this, so apologies if this is frowned upon, but a couple of months ago, this[1] question was asked. I'm trying to join a Samba 4.2.2 server to a Samba 3.4.7 PDC (e.g. Think NT4, not AD), which is also our OpenLDAP principal server. I'm failing because, although my "net rpc join" command seems to succeed, and the host entry is added to the

Il 03/06/15 13:58, Rowland Penny ha scritto: > On 03/06/15 12:42, Francesco Malvezzi wrote: >>> Hmm, '--with-ldap' is the default, so you don't really need to give it, >>> what OS are you compiling on ? what extra packages did you install >>> before you compiled samba ? >>> >>> Rowland >> >> it is Debian GNU/Linux Wheezy,

Il 04/09/18 06:00, Volker Lendecke ha scritto: > Hi! > > Technical description below, but the exec summary is: Yes, we have a > performance problem with gencache. > > On Wed, Aug 29, 2018 at 10:28:05AM +0200, Francesco Malvezzi via samba wrote: >> Hi all, >> >> I have a midsize AD domain with some 50k users but only 100 workstations >> joined. >>

> Hai, > > > It might be handing to tell your OS and samba version. > A copy of smb.conf is also very handy.. oops, sorry. samba-4.8.5 compiled from source on Debian GNU/Linux 9 (stretch). smb.conf is: [global] netbios name = ADDC realm = EXAMPLE.ORG workgroup = EXAMPLEAD dns forwarder = [redacted] server role = active directory domain controller log level = 1

On 23/09/2019 20:41, Andrew Bartlett wrote: > On Mon, 2019-09-23 at 11:25 +0200, Francesco Malvezzi via samba wrote: >> hi all, >> >> I updated a small domain with 8k object to samba-4.11.0 and the >> database >> conversion from v1 to v2 didn't take a noticeable time. >> >> On the other hand, in a larger domain with 67k object, where the >>

The config looks ok, thats great. :-) Its not needed to stop samba running : net cache flush If you run: net cache list and have a look, then flush it and look again. You see its empty. If you need to copy the idmap than it is needed to stop samba. Can you show me an output of. dpkg -l | egrep "tevent|tdb|ldb|talloc|cmocka" Im running latest versions of these. Own compile or

On 18/06/2023 16:29, Dale Renton via samba wrote: > On Sat, Jun 10, 2023 at 1:49?PM Rowland Penny via samba < > samba at lists.samba.org> wrote: >> Dale, just checking back on what you posted earlier and you had: >> >> create krb5 conf = no >> >> in your smb.conf >> >> Is that line still there ? >> If so, try removing it. >>

On Mon, 21 Oct 2024 17:01:36 +0200 Francesco Malvezzi via samba <samba at lists.samba.org> wrote: > hi all, > > I am maybe in the situation described here: > https://wiki.samba.org/index.php/Sysvolreset). > > The admins domains groups has indeed a gidNumber and alas I run a > > ./bin/samba-tool ntacl sysvolcheck > > What's more in my situation is that

Hi everybody, since a couple of years, user X can't join a computer to AD if the computer object has been created by user Y. It is KB5020276?Netjoin: Domain join hardening changes [1]. The documentation suggests a workaround, basically a group policy applied to all the domain controllers. Is it that possibile to apply group policies to a samba DC? The group policy I'm talking about

> Hmm, '--with-ldap' is the default, so you don't really need to give it, > what OS are you compiling on ? what extra packages did you install > before you compiled samba ? > > Rowland it is Debian GNU/Linux Wheezy, with: ii libldap2-dev:i386 2.4.31-2 i386 OpenLDAP development libraries ii libsasl2-dev

Another approach is to remove ?idmap_ldb rfc2307 = yes' from your DCs. You most likely don't need it, and it tends to complicate things unnecessarily. For more information, check out this article: http://samba.bigbird.es/doku.php?id=samba:no-need-for-use-rfc2307 Feedback welcome. On Oct 21, 2024 at 17:17 +0200, Rowland Penny via samba <samba at lists.samba.org>, wrote: > On

I'm trying to install samba4 with openldap, as from http://wiki.samba.org/index.php/Samba4/LDAP_Backend/OpenLDAP, I have got the yesterday realease, last git commit: commit 2024d4fb27514869d78e9bb39085f98e80413529 Date: Mon Jan 25 12:41:48 2010 +0100 My system is GNU/Debian Linux Lenny. ./configure --prefix=/opt/samba4 make sudo make install all worked ./setup/provision from the source4

Luis, If there is consensus?on this, perhaps you could propose an edit to the Wiki explaining it there.? On Monday, October 21, 2024 at 10:51:18 AM CDT, Luis Peromarta via samba <samba at lists.samba.org> wrote: Another approach is to remove ?idmap_ldb rfc2307 = yes' from your DCs. You most likely don't need it, and it tends to complicate things unnecessarily. For more