similar to: Persistent Winbind gid cache

Thank you very much for your help Rowland ! And sorry for my English, I'm french. Le lun. 8 oct. 2018 à 18:38, Rowland Penny via samba <samba at lists.samba.org> a écrit : > > On Mon, 8 Oct 2018 18:11:39 +0200 > Prunk Dump <prunkdump at gmail.com> wrote: > > > Hi ! > > > > I use samba 4.5 ( Debian stable ) and to get the primary group I want, >

2017-06-21 14:29 GMT+02:00 Prunk Dump <prunkdump at gmail.com>: > Thank you very much Louis, Rowland, Mike ! > > I have made all the changes proposed by Louis but still have the same problem. > > -> kinit works now with /var/lib/samba/private/secrets.keytab > ------------------------ > ~# kinit -k -t /var/lib/samba/private/secrets.keytab FICHDC$ > ~# >

Hi samba team ! I'm face with a new problem on a new Samba PDC install (Debian 9). I don't know why, but systemd run multiples "rndc reconfig" commands during the init script. So the bind9 log file show : -> A successful start -> A failed reconfig (samba_dlz Ignoring duplicate zone) at each boot/reboot. So I need to restart bind9 each time manually. I created a wrapper

Hello Samba team ! I'am in a very delicate situation. After an upgrade to debian Stretch my DRS stopped working. I have three DCs (fichdc, fichds01, fichds02), all Debian Stretch, all with the same problem. Everything seems to be fine except DRS. -> File shares works -> DNS (with bind9 DLZ) works -> "kinit administrator" works -> "kinit -k FICHDC$" works ->

On Mon, 8 Oct 2018 18:11:39 +0200 Prunk Dump <prunkdump at gmail.com> wrote: > Hi ! > > I use samba 4.5 ( Debian stable ) and to get the primary group I want, > I change the user's primaryGroupID in AD. Bad idea > > I know this is usually a bad idea ( as said in the samba documentation > ). But in my case there is some arguments in favor of this method : There

On Tue, 20 Jun 2017 22:31:02 +1200 Andrew Bartlett via samba <samba at lists.samba.org> wrote: > On Tue, 2017-06-20 at 11:13 +0200, L.P.H. van Belle via samba wrote: > > Now choose, of > > dedicated keytab file = /etc/krb5.keytab > > To be clear, this parameter is not used in the AD DC. > > Thanks, > > Andrew Bartlett > Shouldn't that be

Hai Baptiste, You missed my first message but here it is again. . systemctl cat bind9 # /lib/systemd/system/bind9.service [Unit] Description=BIND Domain Name Server Documentation=man:named(8) After=network.target Wants=nss-lookup.target Before=nss-lookup.target [Service] EnvironmentFile=/etc/default/bind9 ExecStart=/usr/sbin/named -f $OPTIONS ExecReload=/usr/sbin/rndc reload

Mandi! Kacper Wirski via samba In chel di` si favelave... > I understand the OP, I was asking some time ago similar question, but it was > in relation to samba domain member. Thanks, Kacper. > I couldn't get backend: ad to work for > machine accounts, so i switched to idmap: rid and it solved everything. I > tried manually adding UID and GID to Domain Computer group and to

21.06.2017 11:45, L.P.H. van Belle via samba пишет: > I suggest before you upgrade do a very good read here. > > https://wiki.samba.org/index.php/Updating_Samba#Notable_Enhancements_and_Changes > > https://wiki.samba.org/index.php/Samba_Features_added/changed_(by_release) > And a summerize version for with all parameter changes as of upgrade from 4.2 up to 4.6 >

Hai Baptiste, What you can try; Type: ktutil (enter) rkt /etc/krb5.keytab rkt /var/lib/samba/private/krb5.keytab list Now check if you see, host/server.internal.domain.tld at REALM host/server at REALM (same (both) for nfs/.. at REALM) And NETBIOSNAME$@REALM If you see all, you can write this back to a new file. wkt /etc/krb5.keytab.new1 And if needed you can also cleanup the keytab

Hello, I can't get Kerberos authentication works with my Linux clients. Server : samba 4.1.4 (compiled from source) Client : Debian Wheezy with sernet-samba 4.0.17-8 Without Kerberos authentication, everything works : -> the domain users can log with pam_winbind (with ssh, gdm ....). -> "kinit myuser at MYREALM" works fine. -> "wbinfo -K MYDOM\\myuser" works.

Thank again for your help ! 2018-01-12 21:26 GMT+01:00 Rowland Penny <rpenny at samba.org>: > The problem is, you are thinking in the wrong direction ;-) > If you give a user a uidNumber, or a group a gidNumber, these will be > used instead of the xidNumbers found in idmap.ldb, you do not need to > alter idmap.ldb at all. > The way ADUC works, is by using a couple of

Le mer. 21 ao?t 2019 ? 14:34, Rowland penny via samba <samba at lists.samba.org> a ?crit : > On 21/08/2019 09:04, Prunk Dump via samba wrote: > > Le mar. 20 ao?t 2019 ? 14:30, L.P.H. van Belle via samba > > <samba at lists.samba.org> a ?crit : > >> Hai, > >> > >>> In short. My network design previously work with Debian Stretch >

Hello ! I am the network administrator of a French high school. I have already configured a BIND9 server with dynamic DNS update from the ISC DHCP server for my zone : lyc-guillaume-fichet.ac-grenoble.fr And I would like to add a samba4 server in this zone. How can I add the samba's DNS entries to this existing zone keeping my previous static and dynamic entries ? I can't use directly

Le mar. 20 ao?t 2019 ? 14:30, L.P.H. van Belle via samba <samba at lists.samba.org> a ?crit : > > Hai, > > > > > In short. My network design previously work with Debian Stretch > > Servers and clients and some Windows clients (not many). > > > > Debian Stretch use Samba 4.5.16 so there is no unix_primary_group > > option for the clients. So I have

On 20/08/2019 11:16, L.P.H. van Belle via samba wrote >> The problem with that is, 'id' gets its info from the same place that >> 'getent' does, so the OP will still get the wrong group ;-) >> >> Rowland > Maybe i did not understand the question then. > In: id username |awk -F"=" '{ print $2 }'|cut -d"(" -f1 > $2 = GID

Le mer. 21 ao?t 2019 ? 17:04, Rowland penny via samba <samba at lists.samba.org> a ?crit : > > On 21/08/2019 15:14, Prunk Dump via samba wrote: > > Le mer. 21 ao?t 2019 ? 14:34, Rowland penny via samba <samba at lists.samba.org> > > a ?crit : > > > >> On 21/08/2019 09:04, Prunk Dump via samba wrote: > >>> Le mar. 20 ao?t 2019 ? 14:30, L.P.H.

On Mon, 15 Jan 2018 16:18:57 +0100 Kacper Wirski via samba <samba at lists.samba.org> wrote: > Hello, > I understand the OP, I was asking some time ago similar question, but > it was in relation to samba domain member. I couldn't get backend: ad > to work for machine accounts, so i switched to idmap: rid and it > solved everything. I tried manually adding UID and GID to

Hello. If you want. I have already implemented something like this : ############################### # get user rfc2307 attributes # ############################### # get the new uid # userUid=$(s4ldbsearch -H $samDatabase -s base -b CN=$shortDomain,CN=ypservers,CN=ypServ30,CN=RpcServices,CN=System,$baseDN msSFU30MaxUidNumber | grep 'msSFU30MaxUidNumber:') if [ -z "$userUid"

Le lun. 19 ao?t 2019 ? 11:01, L.P.H. van Belle via samba <samba at lists.samba.org> a ?crit : > > Hai, > > Fist of all, i must say it not very wise to have you NFS server on the AD-DC. > > I do about the same but my NFS server is on a member. > > Have you configured /etc/nsswitch.conf ? > If not do that. > > If you run : id username > I see :