similar to: idmap backend ad well-known-sids 512 & 513

Hi, on our samba 4 domain member server we use the vfs objects module 'recycle'. Unfortunately we ran into a strange permission problem with deleted folders. The newly created folders in the recycle folder have the wrong permission. The deleted file(s) itself has the correct group (rw) permissions. The shares correct permissions: getfacl Papierkorb/ # file: Papierkorb/ # owner: root #

Setup a DC using 4.0.3 - all appears to go fine... Setup a second DC and everything works fine to here...but I'm not sure if replication is actually working or not. Here's what I get from ./samba-tool drs showrepl I've also done. [./samba-tool drs kcc -Uadministrator dc2.samba.somedom.local] in an attempt to fix the replication problem. (or what I think is a problem.) [The outbound

Hello. I'm trying to perform a classic upgrade from Samba 3.6.6 with LDAP backend on Debian to 4.1.6 on Ubuntu on a new machine. The samba-tools creates the following *smb.con*f: *# cat /etc/samba/smb.conf** *[global] workgroup = SOMEDOM realm = somedom.local netbios name = SOMEDOM server role = member server passdb backend = samba_dsdb server

Maybe this is a stupid idea, but what we are doing here is using just the domain name for all sorts of services, i.e. LDAP. So instead of pointing a client to dc1.somedom.contoso.com or dc2.somedom.contoso.com, we point them to somedom.contoso.com which is then resolved to both and the client can pick. Best regards Johannes Am Mo., 23. Nov. 2020 um 17:02 Uhr schrieb Rowland penny via samba <

Hi list, I've a strange issue with Windows 7 (also occurs on 8.1) when accessing shares on domain controllers. If I use IP address or in-domain FQDN (server.domain.name), all is right. If I use another DNS entry pointing to the same IP, share access fails with following message (translated from french) : \\somehost.somsuffix\someshare is not accessible. […] Invalid parameter Issue

Hi, No change According to netbios aliases documentation, it only modify NETBIOS announce, but I'm using DNS to access the host (and it is correctly resolved since smbclient access works, shares list works on windows) Regards Le 13/07/2015 15:53, Zerwes, Klaus a écrit : > set > > netbios aliases = > > in the global section of smb.conf > > Good luck > > Klaus

with getfacl userprofiles appear that domain admins has no permission, and I have configured as appear in wiki profiles, but only step that I can't configure is chgrp doamin admins # getfacl /local/var/profilesad/usertest/ getfacl: Removing leading '/' from absolute path names # file: local/var/profilesad/usertest/ # owner: 20087 # group: 513 user::rwx user:20087:rwx user:3000001:rwx

Hi, I have installed samba 4.4.4 and configured and works perfect, now I need to configure roaming profiles and reading https://wiki.samba.org/index.php/Shares_with_Windows_ACLs I have detected that I can't configure chgrp "Domain Admins" /srv/samba/Demo/ I'm creating this share on our dc, but seem that with # getent group "Domain Admins" any samba AD group is

Hi, compiled from sources with # ./configure # make # sudo make install 2016-07-07 12:34 GMT+02:00 Trenta sis <trenta.sis at gmail.com>: > Hi tried with: > > winbind enum users = Yes > winbind enum groups = Yes > > > and winbind in nsswitch but same output, no result with getent from users and groups from samba 4 ad > > > 2016-07-07 11:40 GMT+02:00 Trenta

# Global parameters [global] interfaces = bond0 log file = /var/log/samba/%m.log log level = 5 auth:5 winbind:8 printcap name = /dev/null realm = SOMEDOM.AT security = ADS username map = /etc/samba/user.map winbind refresh tickets = Yes winbind use default domain = Yes workgroup = ARBEITSGRUPPE idmap config arbeitsgruppe:unix_nss_info = yes idmap config arbeitsgruppe:range =

So, I'm wondering if anyone has a "howto" on promoting a non-master DC to FSMO/Operation master and making it the Primary DC? [I don't see it in the Wiki and searching doesn't produce anything for me.] In my particular case, I have a couple of test DC's I've setup. Rather than tear them down, I might like to just move them into production/final testing and then

Hello, On my system, nssswitch is like this : passwd:???? files sss shadow:???? files sss group:????? files sss So I assumed that it works with SSSD, I do not notice any issue with Samba. My share is accessible, permissions acls are working. The only thing I noticed is maybe NTLMv2 is always used by default with Samba. /[2019/06/18 09:51:44.542476,? 3]

That's my ldif I can import successfully. The problem is not passing the password for the Samba4... dn: cn=usertest,cn=users,dc=dominio,dc=local objectClass: usertest sAMAccountName: usertest displayName: User Test homeDirectory: /home/usertest uid: usertest cn: usertest uidNumber: 10211 userPassword:: e1NTSEF9Mk1Ya0NSTGsxQjRDbGhmcnk5MTYybEFMOEVoTFowUkg= sn: usertest givenName: usertest --

The 2 commands works : # getent passwd MYDOMAIN\\usertest MYDOMAIN\\usertest:*:10430:14513:user TEST:/home/usertest:/bin/bash # getent group MYDOMAIN\\"Utilisateurs du domaine" MYDOMAIN\utilisateurs du domaine:x:14513: I have to put "Utilisateurs du domaine" instead of Domain\ Users because the Windows AD is a french AD. Le 19/06/2019 ? 12:32, Rowland penny via samba a

So I re run the test with domain users gid 14513 Still not working (sssd stopped, nsswitch.cnf with? "files winbind" for passwd group, # net cache flush + restart winbindd smb) On the samba server : # wbinfo -i MYDOMAIN\usertest MYDOMAIN\usertest:*:10430:*14513*:user TEST:/home/usertest:/bin/bash In log, I have : myw7worstation.log /[2019/06/19 12:04:29.496822,? 1]

Thank Rowland, imagine that your crystal ball is not working, my already broken a long time .... I want to know if anyone here in the list have been through a similar problem with my, no wonder the ldif anyone, just wonder if anyone else has had to import only users and Openldap passwords for Samba4. Again thank you for your huge and wonderful collaboration Rowland. -- View this message in

On 21/06/2019 15:39, Edouard Guign? via samba wrote: > Hello, > > I am facing 2 issues now. > The first one is the more critical for me... > > 1. When I switch from sssd to winbind with : > # authconfig --enablekrb5 --enablewinbind --enablewinbindauth > --enablemkhomedir --update > > My sftp access did not work. Does it change the way to pass the login ? > I used

Hi all, I'm running a small (50 users) AD with an AD-DC and a Domain Member as the file server. Both running debian Stretch and self-compiled samba 4.6.12. Bind as DNS. Multiple shares configured using windows ACLs. All work as expected except for User Home Folders (https://wiki.samba.org/index.php/User_Home_Folders). I've created a folder for each user under samba_homes/ and gave full

Hi, I have a setup with 2 DCs which works just fine. Since we have some legacy systems which can't deal with 2 DNS Names I used ctdb to manage a floating IP (in addition to the fixed IPs) between the DCs which works great also. But then the replication breaks for some parts (Users still were replicated) because the floating IP was added to the internal DNS zone and one of the DC tried to

hello, My 2nd issue is about acls which are added by "Domain users". May you help me to solve it again ? Concerning this issue, on my samba share, I set permissions for the share "groups" located on /var/datashared for "domain admins" (rwx) and "domain users" (r-x) /var]# getfacl datashared/ # file: datashared/ # owner: root # group: root user::rwx