Displaying 20 results from an estimated 40000 matches similar to: "idmap problems"
2019 Jan 08
0
idmap problems
Hai,
I still dont understand the fuss about "domain admins" and no GID because im running this for 3 years now.
So... Again what was the problem here, i dont remember it.. (sorry)
In my opinion, the problem is not "domain admins", the problem is Administrator.
And because if that you need an other "administrator user", that is a copy of Administrator its
2019 Jan 08
1
idmap problems
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> Rowland Penny via samba
> Verzonden: dinsdag 8 januari 2019 11:13
> Aan: samba at lists.samba.org
> Onderwerp: Re: [Samba] idmap problems
>
> On Tue, 8 Jan 2019 10:36:49 +0100
> "L.P.H. van Belle via samba" <samba at lists.samba.org> wrote:
>
> >
2014 Jan 30
3
smbxcals
HI ,
We have come up with a utility called smbxcals which is derived from
smbcals, where we no need to establish the client connection to perform
ACLs operations, by just giving the absolute path as a paratmeter can list
and set ACLs as below,
# smbxcacls /root/FOO/
REVISION:1
CONTROL:0x8404
OWNER:DEMOSP\Administrator
GROUP:DEMOSP\Domain Users
ACL:BUILTIN\Administrators:ALLOWED/OI|CI|I/FULL
2015 Apr 28
4
samba 4.2.1 copy idmap...and problems with bi-directional sysvolsync.
Hai,
?
Im try to get my id for administrator groups on both server the same.
?
with?4.1.17 the solution was simple..
we stop samba on both servers.
scp /var/lib/samba/private/idmap.ldb root at 192.168.0.2:/var/lib/samba/private/
?
started samba, and the id's where the same.
?
Im using winbindd now with samba 4.2.1
but...
?
DC1:? id administrator
uid=0(root) gid=100(users)
2015 Apr 30
10
FW: [Bug 11241] different ids even when idmap.ldb copied. not abug..
Please read the reported bug and bjorn answer.. which does not help any to a solution of fix, or explenation.
But the big question now is, does someone somewhere know what bjorn is talking about.
i did search for "gencache" but no go here..
just from old documentation.
https://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/tdb.html
gencache.tdb Generic caching database.
2015 Apr 24
5
Strange GPO rights samba 4.2.1
Hai,
?
Im having a strange thing with sernet samba 4.2.1 on debian wheezy.
?
I installed 2 dc.s with my scripts.
?
i did setup the sysvol replication and now im seeing the following when i create new policies.
?
The default GPO's
drwxrwx---+ 4 root????????? BUILTIN\administrators 4096 Apr 24 10:17 {31B2F340-016D-11D2-945F-00C04FB984F9}
drwxrwx---+ 4 root????????? BUILTIN\administrators
2019 Jan 08
0
idmap problems
On Tue, 8 Jan 2019 12:38:22 +0100
L.P.H. van Belle <belle at bazuin.nl> wrote:
>
>
> > -----Oorspronkelijk bericht-----
> > Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> > Rowland Penny via samba
> > Verzonden: dinsdag 8 januari 2019 12:18
> > Aan: samba at lists.samba.org
> > Onderwerp: Re: [Samba] idmap problems
> >
>
2017 Jul 03
2
Can't create/update Group Policy in Samba 4.6.5
Hai,
In reponse to the why i recommend that.
Since this is a "windows" only share, i recomment to set it up for that usage, with results in better matching for windows rights.
Resulting in better working policies.
The current POSIX rights did not match to my needs and resulted in inconsistant policies.
This is why i use these for profiles and sysvol.
And this is my setup order:
2018 Apr 03
2
Unable to rejoin domain, LDAP error 50
I'm sorry, you're absolutely right. I'm not sure why I didn't follow your hint. My fault.
Now, it seems I have exactly the same output as you:
[root at dc private]# net rpc rights list accounts -U Administrator
Enter Administrator's password:
BUILTIN\Print Operators
SeLoadDriverPrivilege
SeShutdownPrivilege
SeInteractiveLogonRight
BUILTIN\Account Operators
2019 Nov 21
2
Samba4 - Printer Drivers install fails
Le 21/11/2019 ? 15:15, Rowland penny via samba a ?crit?:
> On 21/11/2019 14:00, Julien TEHERY via samba wrote:
>>> Not entirely sure, but why does 'Administrator' own something on a
>>> Unix machine, it should be 'root'.
>>>
>>> Rowland
>>>
>>>
>> Even with root as owner or chmod777 on target directory result in the
2015 Mar 03
2
Synchronization problems between Win2k8R2 and samba
Hello,
I have a small test network with a Win2k8R2 DC.
I've added a samba4 as second DC in this network.
The join seems to run smoothly.
But, after the join, this command: ldapsearch -LLL -x -H
ldapi://%2Fvar%2Flib%2Fsamba%2Fprivate%2Fldap_priv%2Fldapi -b
"dc=test,dc=dom" "(SAMAccountName=Administrateur)"
returns some strange results:
? some attributes like unicodePwd
2017 Mar 21
3
Problem sysvolreset
Hai,
Here you go my output of the R2008R2. (64bit)
1) original GPO from the install ( the domain controller policy )
Path : Microsoft.PowerShell.Core\FileSystem::C:\Windows\SYSVOL\domain\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}
Owner : BUILTIN\Administrators
Group : NT AUTHORITY\SYSTEM
Access : CREATOR OWNER Allow 268435456
NT AUTHORITY\Authenticated Users
2019 Jun 14
1
Automatically assigning uidNumber / gidNumber attributes
> Domain Admins is mapped as ID_TYPE_BOTH in idmap.ldb on the DC, this makes Domain Admins a group and a user.
I looked on a brand new test DC (with nss-winbind), and it looks like
it doesn't work right with winbind:
root at dc1# ls -l /var/lib/samba/sysvol/ad-test.vx/Policies/
total 16
drwxrwx---+ 4 3000004 ADTEST\domain admins 4096 Jun 13 21:41
{31B2F340-016D-11D2-945F-00C04FB984F9}
2019 Jun 11
2
Automatically assigning uidNumber / gidNumber attributes
Am 07.06.2019 um 17:48 schrieb Rowland penny via samba:
> On 07/06/2019 16:37, ?ukasz Michalski via samba wrote:
>> On 05.06.2019 22:40, Rowland penny via samba wrote:
>>>>
>>>> https://lists.samba.org/archive/samba/2019-June/223478.html
>>>> In this post, Rowland said "Oh good, 'Domain Admins' doesn't have a
>>>> gidNumber
2017 Apr 13
2
Access denied to change share security staff
On Thu, 13 Apr 2017 14:18:16 -0400
Rommel Rodriguez Toirac via samba <samba at lists.samba.org> wrote:
>
> I can change the permissions of share and I can change and add (or
> remove) the owners of that share using the Share permissions tab, but
> when try to change something with the Security tab there is when
> happen the Access denied. I work in that tab, When I open it
2017 Jul 06
4
Can't create/update Group Policy in Samba 4.6.5
Hi,
My DC doesn't know domains users and groups by name, only by uid/gid.
Ex: chmod mike:'EMPRESA\unix_admins' test
chown: invalid group mike:EMPRESA\\unix_admins
if run with GID work properly
chmod mike:30059 test
drwxr-xr-x 2 root 30059 4096 Jul 6 00:17 test
There is unix_admins group
wbinfo --gid-info 30059
EMPRESA\unix_admins:x:30059:
In File Server Domain Member
2016 Oct 13
2
Unable to set up home share correctly
Hi everyone,
after some struggling I have finally set up a Samba AD DC and a file
server more or less successfully. Unfortunately I am failing at one of
the last steps: the configuration of the home share, where I can't set
the permissions correctly which, as a consequence, seems to prevent the
creation of the users' folders on the home share
I am using the standard Samba packages on
2019 Sep 18
2
Sync UID/GUI between two DCs
Thank you for your answers Rowland.
I could go ahead.
Am 17.09.19 um 18:52 schrieb Rowland penny:
> On 17/09/2019 09:30, Simeon Peter wrote:
>> Am 17.09.19 um 17:08 schrieb Rowland penny via samba:
>>> Do not give the standard Windows users and groups a uid/gidNumber,
>>> most are never used on Unix, the main exception would be Domain Users.
>> OK, now I did it
2019 Jan 02
1
idmap problems
I've spent some time updating, upgrading and generally consolidating an old Samba AD. I've managed to remove a very old unsupported (4.2) Samba AD DC following migration to a couple of new DC's - that seems to have worked out OK. Workstation logons and GPO's working fine.
I'm now left with one problem after joining a new Samba (4.5.12) member server to the domain for file
2018 May 21
3
RSAT Hang
So, I setup Samba on Ubuntu 18.04, using the packaged Samba version. [Thanks Rowland/Louis et al.]
I'm doing some testing/tinkering using FreeNAS as a share, using the AD as the authentication back-end.
As part of that process, you need to add a computer account and change some security settings.
I setup RSAT and can see the AD tree, and add users etc.
When I try to switch to advanced view