similar to: `getent passwd` not working with ad backend

Displaying 20 results from an estimated 20000 matches similar to: "`getent passwd` not working with ad backend"

2019 Jan 24
1
`getent passwd` not working with ad backend
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Thursday, January 24, 2019 9:33 AM, Rowland Penny via samba <samba at lists.samba.org> wrote: > On Thu, 24 Jan 2019 08:57:21 +0000 > Harpoon via samba samba at lists.samba.org wrote: > > > Hi all, > > I've been reading and it seems like ad backend has many features that > > I'd like to use. However, despite browsing many
2019 Jan 15
4
SSH SSO without keytab file
Hai, Lets start here. Handy for us to know. OS? Samba version? AD or member setup? And I suggest, set this in the ssh server. # GSSAPI options GSSAPIAuthentication yes Restart the ssh server and try to SSO login. If its a AD server this should work. Yes, you dont get home dir etc, end up in / after login, but lets check if this works. Greetz, Louis > -----Oorspronkelijk
2019 Jan 24
0
`getent passwd` not working with ad backend
> Did you assing uid/gid's to the user/groups? > https://wiki.samba.org/index.php/Maintaining_Unix_Attributes_in_AD_using_ADU > C I added uid/gid to the new users and groups. I dont have access to ADUC so can't check atm. Here's how I added new group: `samba-tool group add lag --gid-number 16000 --nis-domain SAMDOM` Here's how I added new user: `samba-tool user
2019 Jan 18
1
SSH SSO without keytab file
Thanks for the prompt reply! > I did see that you are using Administrator, and thats the problem. > Administrator is mapped to root ( most of the time ), > if you assigned Administrator UID = 0 then you have a problem, because only root = uid 0. > > Never ever give Administrator a UID/GID I am using tdb backend. It mapped administrator account to 12000:10000. > So try again
2019 Jan 18
4
SSH SSO without keytab file
Hai, > -----Oorspronkelijk bericht----- > Van: Harpoon [mailto:harp00n at protonmail.com] > Verzonden: vrijdag 18 januari 2019 9:24 > Aan: L.P.H. van Belle > CC: samba at lists.samba.org > Onderwerp: Re: [Samba] SSH SSO without keytab file > > Thanks for the prompt reply! Your welkom. > > > I did see that you are using Administrator, and thats the problem.
2019 Jan 24
0
`getent passwd` not working with ad backend
Hai, > Here's how I added new group: > > `samba-tool group add lag --gid-number 16000 --nis-domain SAMDOM` > > Here's how I added new user: > > `samba-tool user create user23 --unix-home=/home/%U > --uid-number=14800 --login-shell=/bin/bash --gid-number=16000 > --nis-domain SAMDOM` Yes, thats fine too.. > > On the DC, I checked the new user: >
2019 Jan 18
3
SSH SSO without keytab file
I actually spent the entire last day getting 'ad' backend to work. Adding 'idmap config SAMDOM : backend = ad' and related lines in the client's smb.conf results in `getent passwd` ... Use : getent passwd username Check if wbinfo -u works also. As tip, if you try these. id username getent passwd username wbinfo -u | grep username If all work and show your usename,
2019 Jan 18
3
SSH SSO without keytab file
> ............ > > > You can, provided you have a user.map in smb.conf > > Oeps, Ah yes, forgot that, because he was testing on the DC. > And DC's dont use the user.mapping. > > Thanks for the correction. With regard to tdb ipmap, I set this parameter on domain member. Domain controller has no such parameter set. I'll look into the other useful suggestions you
2019 Jan 24
0
`getent passwd` not working with ad backend
On Thu, 24 Jan 2019 08:57:21 +0000 Harpoon via samba <samba at lists.samba.org> wrote: > Hi all, > I've been reading and it seems like ad backend has many features that > I'd like to use. However, despite browsing many forums and docs, I am > still unable to get domain users list using `getent passwd` while > using `ad backend`. If I change backend to tdb, then I can
2019 Jan 18
1
SSH SSO without keytab file
> > > ............ > > > > > > > You can, provided you have a user.map in smb.conf > > > > > > Oeps, Ah yes, forgot that, because he was testing on the DC. > > > And DC's dont use the user.mapping. > > > Thanks for the correction. > > > > With regard to tdb ipmap, I set this parameter on domain member. > >
2019 Oct 16
13
Samba AD-DC idmap config
Following the guidance here, https://wiki.samba.org/index.php/Idmap_config_ad, I added idmap lines to my smb.conf file on my Samba 4.7 AD-DC server on Ubuntu 18.04. Samba no longer starts and testparm reports that the idmap ranges for the default * domain and the AD domain are overlapping. Here's my smb.conf file (FWIW, if I don't comment security = ADS, server role is set to Member
2016 Nov 24
5
getent only displays local users & groups
I have read numerous posts regarding this issue without finding a resolution. I have a fresh Samba AD DC & a Samba Member server. the member server has been setup using idmap config ad wbinfo -u & wbinfo -g both work and list the domain users & groups getent passwd & getent group both only display the local member server users and groups >From what I have read I understand
2018 Jan 08
3
R: R: R: cannot list/access samba share from Windows client
Ok. I’ve done root at SRVLNXWINTRA01:/home/data# nano /etc/samba/smb.conf modified idmap config COM_SPOLETO : backend = rid to idmap config COM_SPOLETO : backend = ad root at SRVLNXWINTRA01:/home/data# systemctl restart smbd nmbd winbind root at SRVLNXWINTRA01:/home/data# net cache flush root at SRVLNXWINTRA01:/home/data# getent passwd com_spoleto\\andrea.rossetti root at
2017 Nov 19
2
Samba to Domain Member Server Configs Messed Up, Now getent fails
Hi List Absolute confused newb here. Again. I noticed that the user gid and uids on my DCs were different from the uids and gids I would find on the domain member file server. ( I created users with samba-tool). User UIDs on the DCs would start in the 30000XX range, while on the file server, the uid would start in the 1000XX range. In an attempt to rectify this, I changed the smb.conf from
2017 Nov 20
2
samba 4 ad member - idmap = ad for machine accounts
Samba - General mailing list wrote > On Mon, 20 Nov 2017 10:43:58 -0700 (MST) > tomict via samba &lt; > samba at .samba > &gt; wrote: > On Unix there are users, groups and computers, whilst on > Windows there are users, groups and special users that are also > computers ;-) > > You posted that you have added uidNumber and gidNumber attributes to > the users
2019 Jan 02
1
idmap problems
I've spent some time updating, upgrading and generally consolidating an old Samba AD. I've managed to remove a very old unsupported (4.2) Samba AD DC following migration to a couple of new DC's - that seems to have worked out OK. Workstation logons and GPO's working fine. I'm now left with one problem after joining a new Samba (4.5.12) member server to the domain for file
2024 Nov 14
3
Very strange: Samba is unable to access one of its own files
On Thu, 14 Nov 2024 11:17:11 -0500 "John R. Graham via samba" <samba at lists.samba.org> wrote: > On 11/14/24 10:48, Rowland Penny via samba wrote: > > The only things that a Samba AD DC pulls from AD is the uidNumber > > and gidNumber attributes (if they are set) and only then if > > 'idmap_ldb:use rfc2307 = yes' is set in the DCs smb.conf. > >
2016 Oct 09
4
Problem with one User after upgrade to 4.5.0
On 10/09/2016 02:51 AM, Rowland Penny via samba wrote: > Have you by any chance got another 3001108 'xidNumber' in idmap.ldb ? > If you give a user a 'uidNumber' attribute, the contents of this will be > used instead of the 'xidNumber' in idmap.ldb, hence you do not need to > (and probably shouldn't) use numbers in the '3000000' range. I managed to
2019 Oct 22
3
Samba domain users AWOL from Samba file server.
Using samba-tool on my samba DC, I created several users. On my separate samba file server, joined to the domain, all the users are listed as belonging to Domain Users ( getent group "Domain Users"). However, several domain users are missing from the passwd database on the file server (i.e., nothing returned when I run getent passwd user3). Why would that be? Each user has its own
2017 Feb 20
3
id maping
Hello, I have install samba ad. On AD the config look like # Global parameters [global] netbios name = DC1 realm = SAMDOM.EXAMPLE.COM server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate workgroup = SAMDOM server role = active directory domain controller idmap_ldb:use rfc2307 = yes # Default idmap config for local BUILTIN accounts and