Displaying 20 results from an estimated 4000 matches similar to: "Winbind authentication from different domain not working"
2018 Feb 17
4
Winbind authentication from different domain not working
config smb.conf
[global]
realm = DOMAINB
workgroup = DOMAINB
security = ADS
template homedir = /home/%U
template shell = /bin/bash
winbind expand groups = 1
winbind separator = +
winbind use default domain = Yes
idmap config domainb : range = 3000001 - 4000000
idmap config domainb : backend = rid
idmap config domainc : range = 2000001 - 3000000
idmap config domainc : backend = rid
2018 Feb 17
0
Winbind authentication from different domain not working
On Sat, 17 Feb 2018 16:17:43 +0100
"C. de Man" <c.deman82 at gmail.com> wrote:
> I’ve removed the following line from smb.conf:
>
> > winbind use default domain = Yes
> Although we are using it on a different server (who has direct access
> to all DC’s from both domains). And we are able to logon with
> credentials from a different domain. by using "ssh
2016 Nov 28
0
Samba 4 "Classic PDC" trusts fail with Win 2012 domain but succeed Win 2008
I noticed that smbclient worked on some solaris 11 machines but not
others. The issue a slightly different version of libarchive on the
machine (0.12 vs 0.13), even though I thought all machines had been
patched to the same level. So I decided to recompile.
When recompiling samba 4.4.7 on solaris 11 I saw the following warning
Checking for header krb5.h
2016 Nov 22
0
Samba 4 "Classic PDC" trusts fail with Win 2012 domain but succeed Win 2008
In summary
* DomainA Samba classic domain- PDC and BDC are running Samba
4.4.7. The PDC is called "SambaPDC."
* DomainB Windows AD domain , level 2008, domain controller is
Windows 2012 or 2012R2 (you are correct that there are not primary and
backup controllers in AD)
* DomainC Windows AD domain, level 2008, domain controllers are
Windows 2008
I need to get
2018 Feb 17
0
Winbind authentication from different domain not working
I’ve removed the following line from smb.conf:
>
>> winbind use default domain = Yes
> Although we are using it on a different server (who has direct access to all DC’s from both domains).
> And we are able to logon with credentials from a different domain.
> by using "ssh -l DOMAINA+username SERVER02"
>
>> We now come to the domain ranges, they must not
2016 Nov 29
1
Samba 4 "Classic PDC" trusts fail with Win 2012 domain but succeed Win 2008
The trusts aren't really working with Windows 2008 either (where DOMAINC
is the Windows 2008 domain.)
# /usr/local/samba/bin/net rpc trustdom establish DOMAINC
Enter DOMAINA$'s password:
Could not connect to server DOMAINC_DC
Trust to domain DOMAINC established
#
Active Directory Domains and Trusts MMC on the Windows 2008 AD DC
(DOMAINC_DC) seems to think the
2016 Nov 22
2
Samba 4 "Classic PDC" trusts fail with Win 2012 domain but succeed Win 2008
I am not sure if this is relevant
root at sambaPDC:~# /usr/local/samba/bin/net rpc trustdom establish DomainB
Enter DOMAINA$'s password:
Could not connect to server DomainB_DC
Trust to domain DomainB established
root at sambaPDC:~#
root at sambaPDC:~# /usr/local/samba/bin/net rpc trustdom establish DomainC
Enter DOMAINA$'s password:
Could not connect to
2005 Jul 04
2
Questions regarding ADS
I 've spent the last week troubleshooting a configuration issue regarding
samba not being able to connect to other domains beside the domain of which
it 's a member server (samba 3.0.14a, krb 1.3.6, w2k).
I have some doubts perhaps someone can answer...
Suppose this scenario:
Samba name : SAMBA
Main domain: DOMAINA (domain controller = DCA)
Others domains : DOMAINB, DOMAINC (domain
2010 Jul 27
1
Cyrus Virtual Domains: Domain migration from Cyrus
hi,
we want to migrate from Cyrus 2.x to Dovecot 1.x (!). We use the virtual
domain feature from Cyrus for a better disk partitioning:
/var/imap/domain.a/user/foo ..
/var/imap/domain.b/user/foo ..
/var/imap/domain.c/user/foo ..
In a exported skiplist DB, it shows like:
=================
domain.a!user.foobar 0 int foobar at domain.a lrswipcda postmaster at domain.a
domain.a!user.han 0 int han
2016 Nov 22
0
Samba 4 "Classic PDC" trusts fail with Win 2012 domain but succeed Win 2008
I am trying to configuring Samba 4 classic PDC to trust Windows 2012
domain "DomainB" - the PDC is running Windows 2012 but the forest and
domain functional levels are still Windows 2008. On the Win 2012 PDC I
try to set up an incoming trust, but it fails with "The local security
authority is unable to obtain an RPC connection to the active directory
domain controller
2017 Mar 19
0
Share files to users from two domains with winbind
Hello.
I need the file server to authenticate users from two domains. Of DOMAINA
that the file server has joined and users of DOMAINB that maintains a trust
relationship with DOMAINA.
I have two domain forests (DOMAINE and DOMAINB), and a trust relationship
exists between both. DOMAINA servers are running with samba version 4.5
(with CentOS 7 system) the DOMAINB server is running with windows
2018 Feb 17
2
Winbind authentication from different domain not working
We are running winbind(4.6.2) on member server(CentOS 7) connected to a Active directory domain.
1 Forest with 2 domains with a 2 way trust between them.
We want users from “DOMAIN A” be able to logon(via SSH) on a server "SERVER01" in “DOMAIN B”.
This works well if the “SERVER01" in "DOMAIN B” can talk directly to “DOMAIN A” but when their is a firewall between “SERVER01”
2013 Apr 17
2
Can we update idmap documentation for 3.6?
Just when I thought I had idmap changes correct for 3.6, I realize I
have a setup that's not quite right:
getent passwd
->No AD users
getent passwd DOMAINA\\aduser
aduser:*:1001601:1000513::/home/aduser:/bin/bash
Shouldn't "getent passwd" show both local and AD users?
Samba has had such an identity crisis over the years with idmap
documentation. Depending, on where you
2016 Nov 22
2
Samba 4 "Classic PDC" trusts fail with Win 2012 domain but succeed Win 2008
See inline comments:
On Tue, 22 Nov 2016 12:04:57 -0500
Gaiseric Vandal via samba <samba at lists.samba.org> wrote:
> I am trying to configuring Samba 4 classic PDC to trust Windows
> 2012 domain "DomainB" - the PDC is running Windows 2012 but the
> forest and domain functional levels are still Windows 2008. On the
> Win 2012 PDC I try to set up an incoming trust,
2016 Nov 18
2
Wbinfo does show users from trusted domain / RPC error
I tried recreating the trusts.
I start by setting up trusts on Windows side, using Active Directory
Domains and Trusts on the DomainB AD server. . I specify the the
samba domain (DOMAINB) but before I can even specify trust type or
direction I get the following:
Cannot continue
Trust relationship can not be created…
The local security authority is unable to obtain an RPC
2008 Nov 21
0
Accessing shares from 2 domains
We are splitting our users into 2 domains(DOMAINA and DOMAINB (changed for security reason)). I am having problems getting users who log into their workstation on DOMAINA to access a samba share on DOMAINB. We are using W2K3 servers as our AD with LDAP. Samba shares on are CentOS5.1 servers. I Can anyone point me to some docs on how to set this up? I have been rumbling through google for the past
2015 Jun 03
0
ID command does not show up correct group memberships on Winbind
Hi,
I have these following configurations:
Active Directory 1 = DomainA.com
AD1 Primary Group = Domain Users
AD1 Group 1 = Linux (member: DomainB\ad2testuser1)
Server joined = linux1.DomainA.com (configured Kerberos and Winbind
Samba4 from sernet)
Active Directory 2 = DomainB.com
AD2 Primary Group = Domain Users (member: DomainB\ad2testuser1)
AD2 User 1 = ad2testuser1
note:
(1)
2004 May 21
0
winbind issues with AD domain trust
I'm setting up Samba in an environment with 2 Active Directory domains setup
with a one way trust (DOMAINA -> DOMAINB). Samba is in DOMAINA. From
looking at the logs (see below) it appears that winbind is having troubles
getting the credentials for the domain controller in DOMAINB.
I can get tickets, using kinit, for accounts in both domains. I can join
DOMAINA just fine. Running
2024 Jan 30
0
Using winbindd socket directory for multiple domains
Hello
We have a setup on Ubuntu to join multiple AD domains and authenticate
using NTLM_auth with freeRadius. Since there're multiple ADs domains
involved, we were using "WINBINDD_SOCKET_DIR" environment variable to
use the correct cache directory for each domain.
Everything looks fine and all worked when using samba 4.7.9 running on
Ubuntu 16.04.
Now, we're upgrading to the
2005 Nov 30
0
Cross-subnet browsing
I have two domains which are on different subnets, connected by a routed
OpenVPN tunnel. The domains trust each other.
Domain A has the WINS server. Domain B is confused to use Domain A's WINS
server. The VPN pushes the WINS server as part of its DHCP options as
well.
>From either domain, I am able to use smbclient to see the shares on the
other domain's PDC. I have to specify -W