similar to: Maintaining Unix Attributes in AD - best practice?

On Thu, 24 May 2018 12:12:54 +0200 Henry Jensen via samba <samba at lists.samba.org> wrote: > Hello, > > we are testing migration from a NT style Samba 3 domain to a Samba 4 > AD domain. As we are keeping RFC2307 Unix Attributes in the AD we also > want to add them to future accounts. > > Because the Unix Attributes tab is no lopnger available since Windows > 10, I

Em 24/05/2018 07:42, Marco Gaiarin via samba escreveu: > Mandi! Henry Jensen via samba >> Are there any solutions for this in the works or what is the best way? > For a web interface, give 'LAM' (LDAP Account manager) a try... Hi, I am in the exact same situation as the OP right now. I just took a look at LAM, but it seems that maintaining unix attributes is a PRO only

Hello, Can I add multiple mails in Samba4 ? I wan't auth user via mail but user have mailbox with multiple domain. I want have one acount one user multiple mailbox. Is posible to do that ? -- Z poważaniem / Yours sincerely Zenon Matuszyk mobile: 00 48 797 004 938 e-mail: zenon.matuszyk at networkers.pl www: http://www.networkers.pl

On Thu, 23 Aug 2018 20:33:22 +0200 Roland Gruber via samba <samba at lists.samba.org> wrote: > Hi Marcio, > > On 23.08.2018 20:21, Marcio Vogel Merlone dos Santos via samba wrote: > > I am in the exact same situation as the OP right now. I just took a > > look at LAM, but it seems that maintaining unix attributes is a PRO > > only feature, am I right? > >

Mandi! Rowland Penny via samba In chel di` si favelave... > Not sure what you are proposing is going to work, AD expects every user > to be a member of Domain Users, even though there is nothing in AD to > show membership. Ah. > Do you require this user to visible on all domain machines ? [...] > It might help if you could explain how you are going to use your new > user

Mandi! Rowland Penny via samba In chel di` si favelave... > Why don't you do what most people do, use kerberos. Create the user > with a random password, set password to never expire, set the users > shell to /bin/false. Now set exim to use kerberos (don't ask me how, I > don't use exim) Seems not possible:

Caming from Samba in NT mode with OpenLDAP backend i've created a bunch of ''things'' (apps, web tools, ...; but also printers and so on) that rely on reading ''public'' data in LDAP. With OpenLDAP ''public'' was a easy concept: anonymous access was the default, and ACL protect more sensitive data (mostly, passwords). Now i've to redo some

On Fri, 10 Nov 2017 14:43:08 +0100 Marco Gaiarin via samba <samba at lists.samba.org> wrote: > Mandi! Rowland Penny via samba > In chel di` si favelave... > > > > gaio at albus:~$ ldapsearch -x -H ldap://vdcsv1:3268/ -b > > > DC=ad,DC=fvg,DC=lnf,DC=it "(uid=gaio)" > > > Try: > > ldbsearch -H ldap://vdcsv1:3268 -P -b

On Thu, 9 Nov 2017 11:08:26 +0100 Marco Gaiarin via samba <samba at lists.samba.org> wrote: > Mandi! L.P.H. van Belle via samba > In chel di` si favelave... > > > I dont beleave it. > > Eh. «De gustibus non disputandum est». ;-) > > > > The setup for the Ad in the link below is the same but if you want > > access without auth, Have you tried to

On Thu, 2017-11-09 at 11:08 +0100, Marco Gaiarin via samba wrote: > Mandi! L.P.H. van Belle via samba > In chel di` si favelave... > > > I dont beleave it. > > Eh. «De gustibus non disputandum est». ;-) > > > > The setup for the Ad in the link below is the same but if you want access without auth, > > Have you tried to query the GC ports. ( 3268 or

Mandi! Denis Cardon via samba In chel di` si favelave... > You can put your service accounts in an OU and add a GPO that deny > logon/services/tasks locally. Shortly come back. I've created a 'Restricted' OU, a 'Restricted' group (i'm short in fantasy, today ;) and i've created an 'mta' user, both user and group in 'Restricted' OU, of course.

Am 02.07.2018 um 11:01 schrieb Rowland Penny via samba: > On Mon, 2 Jul 2018 10:19:29 +0200 > Jakob Lenfers via samba <samba at lists.samba.org> wrote: > You can extend the schema, Samba even supplies a script to turn > openldap schemas to Active directory ldifs and it has the imaginative > name of 'oLschema2ldif' Thanks, will check it out. >> - Is it feasible

I dont beleave it. That 5 years old now, normaly i'll dig into it, but exim... I dropped exim about 15 years ago.. First thing i do on debian... apt-get install --purge postfix That installs postfix and removes exim and purges exims config.. ;-) The setup for the Ad in the link below is the same but if you want access without auth, Have you tried to query the GC ports. ( 3268 or 3269

Hi Marco, On 29.11.2017 12:56, Rowland Penny via samba wrote: >> LAM works as expected in AD mode, but i've noted that i cannot use the >> ''tree view'' apart pointing it to some sub-OU. EG, if i set as base >> dn my domain base dn: please active "Follow referrals" and also "Paged results" in your server profile:

[I'm subscribed, but with mail deliverying turned off. I will read the thread on web archive, but please CC me... i'm subscribed to the italian samba list, but there's no answer there...] I manage some samba domain (samba3 as in debian stable), using LDAP as backend and smbldap-tools. The domains born as windows-only, and they are still windows-prevalent, but i'm inserting here

I see LAM-related announcment here, so i hope i'm not too much offtopic. I use LAM (LDAP Account manager) by many years, previously on OpenLDAP/Samba ''NT mode'' domains, now on AD mode. LAM works as expected in AD mode, but i've noted that i cannot use the ''tree view'' apart pointing it to some sub-OU. EG, if i set as base dn my domain base dn:

Hello, We have some computers from a lab that the operating system is ubuntu and are in the domain. I need the "alunos" group to have permissions in the tty and dialout group, since they need to use some arduinos. I have tried the following: net groupmap add ntgroup=alunos sid=1121 type=domain unixgroup=tty net groupmap add ntgroup=alunos sid=1121 type=domain unixgroup=dialout But

On 13/09/2019 14:57, Marco Gaiarin via samba wrote: > Mandi! Christopher Sean Hilton via samba > In chel di` si favelave... > >> I've been trying to find news on the smbldap-tools package from IDEALX >> but my google searches have been fruitless. In my FreeBSD port build >> run yesterday I noticed that the port is listed as *broken* because >> the download

Reding the thread in list about gluster, i've found that in your samba packages 4.5.12+dfsg-2+deb9u2~bpo8+1 there's no vfs_glusterfs module, only the manpage. root at vdmsv1:~# grep glusterfs /var/lib/dpkg/info/samba*.list /var/lib/dpkg/info/samba-vfs-modules.list:/usr/share/man/man8/vfs_glusterfs.8.gz root at vdmsv1:~# grep /vfs/ /var/lib/dpkg/info/samba*.list

Reading here i've understod that for LDAP query it is better to use SAMAccountName as 'login', but today i've found: https://docs.microsoft.com/it-it/windows/desktop/ADSchema/a-samaccountname so, 'SAMAccountName' is a compatibility field with NT mode, limited to 20 chars. Someone here use 21 chars logins? ;-) -- dott. Marco Gaiarin GNUPG Key ID: 240A3D66