similar to: Troubleshooting help?

Thank you Rowland! I guess that's part of my confusion, I'm not sure how to best debug where Centrify ends and Samba begins. But if these log.smbd errors indicate Centrify vice Samba, I'm good with that. My global smb.conf is (didn't bother with the commented out stuff): [global] security = ADS realm = <our domain name> workgroup = <our workgroup name> netbios name =

I probably should have lead with this, but I did not create or deploy this particular setup, I was charged with keeping it going after the main person left. I have zero experience with Samba or Centrify, or I should say *had* no experience until this. So, I frankly have very little idea of what most of these options are for or why they're set the way they are. I can certainly edit per your

On Fri, 25 Jan 2019 23:42:57 +0000 "Scott Z. via samba" <samba at lists.samba.org> wrote: > I'm terribly sorry if this isn't the proper place/method by which to > get help with troubleshooting Samba errors/issues, but it's the best > one I could find. I have an instance of Samba 4.8.3 running on a > Centos 7.6 VM server (kernel 3.10.0-957.1.3), along with

Hi, Is it possible to have non-authenticating shares on an server with security=ADS ? I have a RHEL server, with Centrify Express, and joined to a domain, but I would like to have a samba share that doesn't request a username/password for machines not on the domain. When I have a plain windows XP machine (not on the domain) attempt to connect, I get asked for a username/password. Is

On Mon, 28 Jan 2019 23:00:21 +0000 Scott Z. <sudz28 at hotmail.com> wrote: > What is your AD DC ? - Users log in to the domain but I don't really > have an insight into that piece. For my VM, my understanding is that > so long as it can verify the user requesting access to the share has > a valid login and are in the correct Active Roles group, they should > be able to

On Mon, 28 Jan 2019 17:19:03 +0000 Scott Z. <sudz28 at hotmail.com> wrote: > Thank you Rowland! I guess that's part of my confusion, I'm not sure > how to best debug where Centrify ends and Samba begins. But if these > log.smbd errors indicate Centrify vice Samba, I'm good with that. My > global smb.conf is (didn't bother with the commented out stuff): I have

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hey folks, fyi: The planned release date for Samba 3.2.8 is February 03, 2009. Karolin - -- Samba http://www.samba.org SerNet http://www.sernet.de sambaXP http://www.sambaxp.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (GNU/Linux) iEYEARECAAYFAklsVa0ACgkQKGi9fisXk1G+XwCfTKWiARlspK6dFKaSBpPCe5W1 PAcAnRLbGFF1ANS0qTmpSZRQ26PeEAvQ

Trying to cleanup warning messages like the following: Dynamic lookup of $domain at /etc/puppetlabs/puppet/modules/centrifydc/templates/centrifydc.conf.erb:222 is deprecated. Support will be removed in Puppet 2.8. Use a fully-qualified variable name (e.g., $classname::variable) or parameterized classes. Do I simply replace <%= domain %> with <%= ::domain %> ? Same goes with

Hi, Is it possible to have non-authenticating shares on an server with security=ADS ? I have a RHEL server, with Centrify Express, and joined to a domain, but I would like to have a samba share that doesn't request a username/password for machines not on the domain. When I have a plain windows XP machine (not on the domain) attempt to connect, I get asked for a username/password. Is

Details: Ubuntu 12.10 Samba version - Version 3.5.11-cdc-4.5.3-573 CentrifyDC version - CentrifyDC 5.0.2-396 Hi all, I am using Centrify Express to connect to my work domain, and I am using their version of Samba, hence the version listed above. I already posted this query to them, and they directed me to here, stating that this may be a Samba issue: Centrify forum

Below is the output. Thanks for the help. > Sys.getenv() BASH_FUNC_module() () { eval `/cm/local/apps/environment-modules/3.2.10/Modules/$MODULE_VERSION/bin/modulecmd bash $*` } COLUMNS 152 CPATH /cm/shared/apps/uge/8.2.1/include CVS_RSH ssh DISPLAY localhost:10.0 EDITOR

Hi, I'm looking a wiki or share experience for replace NIS authentication by an existing Active directory Server (W2003). The problem is on the management of id and gid. How to move 1000 actual NIS users to AD ? How to keep the same id and gid for this 1000 users ? What's happen with nfs linux server and acess with gid and/id ? Use the same user/password for linux and Windows clients

hi: our company want to use samba3+openldap with singal sign on. we have several branches.people would travel arround head quarter and branches with their notebooks. so we don't have roaming users, but we do have roaming computers. we want to use a single domain for every site, and we want every site keep working even when wan link is broken. my plan below: 1. place

I have two domain controllers running ubuntu (12.04 and 13.10) both with samba (4.1.6 and 4.1.7) installed and running (and with sssd on both machines to retrieve uid/gid from AD). I wish to set a share on ubuntu2 in the way so it could be accessible only from ubuntu1 (and by any user from ubuntu1, for instance by local root). I have found this solution though I'm not sure it solves my issue:

http://bugzilla.mindrot.org/show_bug.cgi?id=1364 Summary: default for ChallengeResponseAuthentication doesn't match sshd_config Product: Portable OpenSSH Version: 4.7p1 Platform: Other OS/Version: Other Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo:

I have samba configured with security=ads, and want to keep that so I can have properly authenticated access to file shares. However, I also would like to have anonymous access, even from non-domain accounts, to a printer. This latter part is giving me trouble. My (edited) smb.conf is at the end of this message. When I try to connect to the print share (via add printer) from a Windows system from

Hi, every one I'd like to introduce some new feature of our products. mg3000-r fxo gateway provides more feature to work with asterisk. 1.play asterisk ivr with no interuption. when the mg3000-r received call from co line, it wouldn't conect instantly.instead, it start call to asterisk ivr first,when the ivr ready, it connect the co line. this feature make user feel friendly.

Thank you but it just solve a problem. How about other? For example, You want to disable all Clients Firewall when they logging to their systems or set a specific proxy without Squid-cache. On Saturday, June 13, 2015 7:18 PM, Marc Muehlfeld <mmuehlfeld at samba.org> wrote: Hello Jason, Am 13.06.2015 um 16:36 schrieb Jason Long: > I mean is that If we have 2000 Linux clients

Hi all, I am not 100% sure if this is a -dev or a -user topic, but I am leaning towards the former. Feel free to cuss at me and tell me to ask -user, instead. I used to run a patchset that allowed full logs of everything taking place via OpenSSH. This also allowed me to replay any session, live or after the fact. I am fully aware of the security implications of logging everything, especially

I finally found it, thanks to a clue from https://wiki.archlinux.org/index.php/Active_Directory_Integration This works: kinit -k -t /etc/krb5.keytab 'WRN-RADTEST$' These don't work: kinit -k -t /etc/krb5.keytab kinit -k -t /etc/krb5.keytab host/wrn-radtest.ad.example.net kinit -k -t /etc/krb5.keytab host/wrn-radtest That is: the keytab contains three different principals: root