Displaying 20 results from an estimated 5000 matches similar to: "auto_private_groups analogue?"
2020 Feb 28
2
auto_private_groups analogue?
Manually.? Direct edit of passwd and group.Sent from my Sprint Phone.------ Original message------From: Rowland penny via sambaDate: Fri, Feb 28, 2020 2:04 AMTo: samba at lists.samba.org;Cc: Subject:Re: [Samba] auto_private_groups analogue?On 28/02/2020 00:00, Christopher Cox via samba wrote:
> Maybe a workaround?? We use winbind and default domain.? Therefore
> there are two records from
2020 Feb 28
0
auto_private_groups analogue?
On 28/02/2020 13:24, chriscox--- via samba wrote:
> Manually.? Direct edit of passwd and group.Sent from my Sprint Phone.------ Original message------From: Rowland penny via sambaDate: Fri, Feb 28, 2020 2:04 AMTo: samba at lists.samba.org;Cc: Subject:Re: [Samba] auto_private_groups analogue?On 28/02/2020 00:00, Christopher Cox via samba wrote:
>> Maybe a workaround?? We use winbind and
2020 Feb 28
2
auto_private_groups analogue?
What I'm offering is a solution.
Again, what I proposed is a functional workaround. It's actually pretty natural
and obvious when you get right down to it.
On 2/28/20 8:00 AM, Rowland penny via samba wrote:
> On 28/02/2020 13:24, chriscox--- via samba wrote:
>> Manually.? Direct edit of passwd and group.Sent from my Sprint Phone.------
>> Original message------From:
2020 Feb 28
1
auto_private_groups analogue?
On 2/28/20 11:29 AM, Rowland penny via samba wrote:
> On 28/02/2020 17:18, Christopher Cox via samba wrote:
>> What I'm offering is a solution.
>>
>> Again, what I proposed is a functional workaround.? It's actually pretty
>> natural and obvious when you get right down to it.
>>
> No it isn't. If you try to add a local user to a domain joined Unix
2020 Apr 03
3
Prevent `wbinfo -u` from making Winbind unresponsive
On Friday, 3 April 2020 10:46:54 PDT Ralph Boehme wrote:
> Am 4/1/20 um 11:09 PM schrieb Alexey A Nikitin via samba:
> > Is there a way, preferrably without ugly hacks, to prevent this from happening on accident, by mistake? By this I mean ideally so that Winbind remains responsive even if someone mistakenly ran `wbinfo -u` or `wbinfo -g`, but limiting the result sets of these commands or
2019 Jun 13
1
Samba + sssd deployment: success and failure
On Thursday, 13 June 2019 09:18:25 PDT Goetz, Patrick G via samba wrote:
> On 6/13/19 10:48 AM, Alexey A Nikitin via samba wrote:
> > According to the MS docs SID=('S-'+version+identifier authority value+domain or computer identifier+RID). The SIDs that don't contain RID are the special cases of Machine SID, Domain SID, Service SID, and some predefined universal well-known
2019 Jun 13
5
Samba + sssd deployment: success and failure
On Thursday, 13 June 2019 00:41:09 PDT Rowland penny via samba wrote:
> On 13/06/2019 07:55, Alexey A Nikitin wrote:
> > On Wednesday, 12 June 2019 13:07:56 PDT Rowland penny via samba wrote:
> >>>> I think you mean 'RID' instead of 'SID'
> >>> Yes, you're right. The Windows people seem to use the terms synonymously.
> >> I cannot
2020 Apr 01
5
Prevent `wbinfo -u` from making Winbind unresponsive
Hi,
Recently I by mistake ran `wbinfo -u <username>` when I was actually intending to run `wbinfo -n <username>`. It ignored the <username> part and proceeded to fetch the usernames. On a small domain this shouldn't be too much of an issue, but I did it on a domain with thousands upon thousands of users. The result was that Winbind became for all intents and purposes
2019 Oct 18
6
Winbind and caching - idmap, DC
On Friday, 18 October 2019 10:52:40 PDT Rowland penny via samba wrote:
> On 18/10/2019 18:26, Alexey A Nikitin via samba wrote:
> > Hi everyone,
> >
> > I have few questions about Winbind on AD DS domain member I'm having difficulty finding answers to in the docs on my own:
> > * does Winbind remember the last DC it was connected to on shutdown, will it attempt to
2020 Apr 10
2
Prevent `wbinfo -u` from making Winbind unresponsive
On Fri, Apr 10, 2020 at 02:37:45PM -0700, Jeremy Allison via samba wrote:
> On Fri, Apr 03, 2020 at 03:26:42PM -0700, Alexey A Nikitin via samba wrote:
> > On Friday, 3 April 2020 10:46:54 PDT Ralph Boehme wrote:
> > > Am 4/1/20 um 11:09 PM schrieb Alexey A Nikitin via samba:
> > > > Is there a way, preferrably without ugly hacks, to prevent this from happening on
2019 Oct 18
2
Winbind and caching - idmap, DC
On Friday, 18 October 2019 12:24:46 PDT Ralph Boehme wrote:
> You won't loose connectivity anyway. winbindd will just have to go
> through DC lookup again in certain scenarios.
This is exactly what I'd like to avoid. As I wrote in another message in this thread, it appears that switching DC shortly after domain join causes machine authentication failures until the new machine
2019 Nov 05
2
suddenly change: idmap uid + gid
On Tuesday, 5 November 2019 01:37:15 PST Rowland penny via samba wrote:
> On 04/11/2019 18:52, Alexey A Nikitin wrote:
> > On Sunday, 3 November 2019 01:41:18 PST Rowland penny via samba wrote:
> >> As I said, you cannot use 'winbind use default domain = yes' with
> >> 'autorid', it makes all users and groups members of the same domain,
> >> this
2020 May 28
2
NEG_CONN_CACHE questions
On Wednesday, 27 May 2020 16:21:31 PDT Jeremy Allison wrote:
> On Wed, May 27, 2020 at 12:54:49PM -0700, Alexey A Nikitin via samba wrote:
> > 3. Are the rules for how a DC gets put into NEG_CONN_CACHE documented anywhere besides the code itself, or wading through the code is my only option of getting to know the criteria?
>
> Only in the code I think, added in:
>
>
2020 Feb 06
2
NTP configuration
On Wednesday, 5 February 2020 13:11:27 PST Rowland penny via samba wrote:
> No, sorry, but your client needs to have the same time as the DC (+/- 5
> mins), so if you haven't installed an NTP client, I suggest you do.
Speaking of which, any suggestions on what's the best way to found out which NTP servers the client should be tuned to in AD DS? From what I understand, they are not
2020 Apr 04
1
Prevent `wbinfo -u` from making Winbind unresponsive
On Fri, Apr 03, 2020 at 07:46:54PM +0200, Ralph Boehme via samba wrote:
> Am 4/1/20 um 11:09 PM schrieb Alexey A Nikitin via samba:
> > Is there a way, preferrably without ugly hacks, to prevent this from happening on accident, by mistake? By this I mean ideally so that Winbind remains responsive even if someone mistakenly ran `wbinfo -u` or `wbinfo -g`, but limiting the result sets of
2020 Apr 02
2
Prevent `wbinfo -u` from making Winbind unresponsive
On Wed, Apr 01, 2020 at 03:33:00PM -0700, Jeremy Allison via samba wrote:
> On Wed, Apr 01, 2020 at 02:09:57PM -0700, Alexey A Nikitin via samba wrote:
> > Hi,
> >
> > Recently I by mistake ran `wbinfo -u <username>` when I was actually intending to run `wbinfo -n <username>`. It ignored the <username> part and proceeded to fetch the usernames. On a small
2019 Feb 26
2
winbind causing huge timeouts/delays since 4.8
On Mon, 25 Feb 2019 16:14:53 -0800
Alexey A Nikitin <nikitin at amazon.com> wrote:
> Hi Rowland,
>
> On Friday, 22 February 2019 08:03:11 PST Rowland Penny via samba
> wrote:
> > You also shouldn't use winbind on the shadow line
>
> Perhaps a stupid question, but my google-fu doesn't seem to be good
> enough to find an answer myself: what is the exact
2020 May 27
2
NEG_CONN_CACHE questions
I've tried searching manuals and wiki, but I can't seem to find any specifics about NEG_CONN_CACHE entries other than 'idmap negative cache time' option in smb.conf, which refers to SID/UID/GID queries and not unavailable DCs.
Specifically the issue I've ran into recently is that with 'winbind max domain connections' set to 10 I saw Winbind had single active connection
2019 Oct 18
4
Winbind and caching - idmap, DC
Hi everyone,
I have few questions about Winbind on AD DS domain member I'm having difficulty finding answers to in the docs on my own:
* does Winbind remember the last DC it was connected to on shutdown, will it attempt to connect to the same DC on restart or will it go through DC location process again?
* If yes, will that information be wiped out when one runs 'net cache flush'?
*
2019 Jun 13
2
Samba + sssd deployment: success and failure
On Wednesday, 12 June 2019 13:07:56 PDT Rowland penny via samba wrote:
> >> I think you mean 'RID' instead of 'SID'
>
> > Yes, you're right. The Windows people seem to use the terms synonymously.
> I cannot help that, the SID identifies the domain and the RID is
> appended to the end of the SID and identifies the object (user,
> group,computer