Displaying 20 results from an estimated 4000 matches similar to: "question about winbind rid idmaping"
2020 Oct 29
4
question about winbind rid idmaping
On Thu, Oct 29, 2020 at 7:21 AM Rowland penny via samba <
samba at lists.samba.org> wrote:
> On 29/10/2020 11:04, Andrea Cucciarre' via samba wrote:
> > Hello,
> >
> > I have just realized that winbind rid idmapping create the following
> > idmapping for user, below an example:
> >
> > # id HYPERFILE\\simone
> > *uid=11663*(HYPERFILE\simone)
2020 Sep 22
2
Running samba in Kubernetes
Hello,
I have successfully (hopefully) configured samba to run in Kubernetes
pods, basically I have a pod (i.e. container) that run winbindd and join
the Windows AD, and a pod (i.e. container) that run smbd.
I have used socat to allow the unix socket communication between
winbindd and smbd pods:
*** winbindd pod ***
UID??????? PID? PPID? C STIME TTY????????? TIME CMD
root???????? 1???? 0? 0
2019 Jul 31
5
winbind seems to hang when the DC goes down instead of switching to the other available DC
Hello,
I'm running Samba 4.9.5 as domain member, when I bring down the current
Window DC (10.50.50.187) the winbind seems to hang instead of switching
to the other available DC (10.50.50.25)
The "net ads" command show that Samba switched to the other available DC:
net ads join -U 'administrator' -S 'PAVONE.HYPERFILE.LOCAL'
'HYPERFILE.LOCAL'^C
root at
2018 Jun 19
2
Samba 4.5: trying to setup an omnios system as a DC member
Hello,
I'm trying to setup an omnios system as a Samba DC member, and I need AD
backend for consistent IDs on all Samba clients.
The AD join is successful, the wbinfo shows the AD users
# /opt/samba/bin/wbinfo -n andrea
S-1-5-21-2680195940-2267646359-3814218302-1109 SID_USER (1)
however, " getent passwd ..." returns nothing for the user (all the AD user)
I have enabled debugging
2019 Jan 23
2
can't write Samba share as anonymous
Hello,
I'm trying to access a Samba share as anonymous/guest user, so I have
added the following entry inf file smb.conf (Samba 4.9)
guest account = andrea
map to guest = bad user
...
[test]
available = yes
browsable = yes
guest ok = yes
nfs4: acedup = merge
nfs4: mode = special
path = /var/tmp/test
read only = no
and the shared directory /var/tmp/test has the following permission (so
2019 Aug 01
1
winbind seems to hang when the DC goes down instead of switching to the other available DC
I have checked the DNS configuration as you recommended, and run more tests.
It seems that winbidndd recover itself within about 10 minutes after the
DC has been shutdown, not sure where that sort of timeout comes from :(
# sleep 60; while true; do date; wbinfo -u; sleep 60; done
Thu Aug? 1 16:39:32 CEST 2019
HYPERFILE\guest
HYPERFILE\defaultaccount
HYPERFILE\krbtgt
HYPERFILE\administrator
2019 Jan 23
1
can't write Samba share as anonymous
I'm not sure I have understood, I'm mounting the share as "urca" user,
which is not a known user.
Although I'm setting smb.conf so that for guest user it uses the
privileges of the known user "andrea"
Could you please advice on what I should set for "guest account" in
smb.conf?
Thanks
Andrea
Il 1/23/2019 5:15 PM, Rowland Penny via samba ha scritto:
2020 Sep 22
0
Running samba in Kubernetes
Hi,
just out of curiosity why? Is it a personal challenge?
On 9/22/20 1:37 PM, Andrea Cucciarre' via samba wrote:
> Hello,
>
> I have successfully (hopefully) configured samba to run in Kubernetes
> pods, basically I have a pod (i.e. container) that run winbindd and join
> the Windows AD, and a pod (i.e. container) that run smbd.
> I have used socat to allow the unix
2020 Oct 29
2
question about winbind rid idmaping
Am 10/29/20 um 1:07 PM schrieb Rowland penny via samba:
> On 29/10/2020 11:56, Andrew Walker wrote:
>> Several of the idmap backends (including idmap_rid) in samba support
>> id_type_both (the ID is both a user and a group). This is ultimately
>> needed for accurately producing Windows-style behavior regarding
>> permissions (where a group can be the owner of a file).
2018 Jun 20
3
Samba 4.5: trying to setup an omnios system as a DC member
Hello Rowland,
thanks, configuring the uidNumber and gidNumber on the AD fixed the
issue, now getent passwd works.
I just have one remaining issue, it seems the ACL doesn't work.
As an example when I set ACL with full permission for user andrea:
# /usr/bin/ls -ldV /cache/testsamba/
d---------+ 3 root root 5 Jun 19 19:40 /cache/testsamba/
2019 Feb 26
2
UID provided by rid idmap is out of the range imposed in smb.cof
Hello,
I had a problem with Samba winbind id-mapping on a system that is part
of an AD domain.
In the smb.conf I have the following setting:
idmap config <domain> : backend = rid
idmap config <domain> : range = 1000000-3000000
idmap config <domain> : schema_mode = rfc2307
winbindd was failing to convert some user SID to UID and in the idmap
logs I have the following error:
2020 Oct 29
0
question about winbind rid idmaping
On 29/10/2020 13:32, Ralph Boehme wrote:
> Am 10/29/20 um 1:07 PM schrieb Rowland penny via samba:
>> On 29/10/2020 11:56, Andrew Walker wrote:
>>> Several of the idmap backends (including idmap_rid) in samba support
>>> id_type_both (the ID is both a user and a group). This is ultimately
>>> needed for accurately producing Windows-style behavior regarding
2023 Mar 01
1
rid backend special group handling
Hi:
I want to convert our samba file server from rfc2307 to rid backend.
the configuration looks like:
idmap config *:backend = tdb
idmap config *:range = 5000-9999
idmap config SAMDOM:backend = rid
idmap config SAMDOM:range = 10000-999999
idmap config SAMDOM:unix_primary_group = yes
Most things work fine. normal user-id and group-id changed. so we
change owners and acls to
2019 Mar 12
2
sometimes users fails to login
Sorry my bad, thanks for spotting it.
Should that explains also the failure to grab the mutex?
Andrea
Il 3/12/2019 12:14 PM, Rowland Penny via samba ha scritto:
> On Tue, 12 Mar 2019 12:01:08 +0100
> Andrea Cucciarre' <acucciarre at cloudian.com> wrote:
>
>> The OS is OmniOS, the DC is Windows Server (not sure about the
>> release), and below the smb.conf.
2019 Mar 12
2
sometimes users fails to login
The OS is OmniOS, the DC is Windows Server (not sure about the release),
and below the smb.conf.
I have also noted that they have more trusted domains, but since they
configured ad idmap only for one domain, then all the other domains use
tdb idmap
[global]
client ldap sasl wrapping = plain
dedicated keytab file = /etc/krb5.keytab
disable spoolss = yes
host msdfs = no
idmap config * : backend
2019 Mar 18
2
sometimes users fails to login
Hello,
Still fighting on this issue, now sometimes I get the following (may be)
relevant errors:
[2019/03/18 14:46:03.329505, 10, pid=582, effective(0, 0), real(0, 0),
class=idmap] ../source3/winbindd/idmap.c:509(idmap_find_domain)
idmap_find_domain called for domain 'BITINTRA'
[2019/03/18 14:46:03.329577, 10, pid=582, effective(0, 0), real(0, 0),
class=winbind]
2018 Jun 19
0
Samba 4.5: trying to setup an omnios system as a DC member
On Tue, 19 Jun 2018 16:10:33 +0200
Andrea Cucciarrè via samba <samba at lists.samba.org> wrote:
> Hello,
>
> I'm trying to setup an omnios system as a Samba DC member, and I need
> AD backend for consistent IDs on all Samba clients.
> The AD join is successful, the wbinfo shows the AD users
>
> # /opt/samba/bin/wbinfo -n andrea
>
2019 Jan 23
0
can't write Samba share as anonymous
On Wed, 23 Jan 2019 16:56:42 +0100
Andrea Cucciarre' via samba <samba at lists.samba.org> wrote:
> Hello,
>
> I'm trying to access a Samba share as anonymous/guest user, so I have
> added the following entry inf file smb.conf (Samba 4.9)
>
> guest account = andrea
> map to guest = bad user
> ...
> [test]
> available = yes
> browsable = yes
>
2020 Nov 09
4
How to configure samba domain member to use LDAPS instead of LDAP
The DC is a Windows AD DC.
Could you please clarify why i should change setting in the Windows DC
instead of the Samba server, which is the one that does the insecure
ldap bind?
Regards
Andrea Cucciarre'
On 11/9/2020 3:13 PM, Rowland penny via samba wrote:
> On 09/11/2020 13:28, Andrea Cucciarre' wrote:
>> My customer complain that in the AD DC they see the following
2012 Nov 09
2
Passing an array of user groups to a define
As I try to get some flexibility in the creation of users, I switched to a
define.
problem is, I can''t pass an array of user groups anymore. This either
results in
- wrong group creation: group1,group1group2,group2 (see that group1 and
group2 are concatenated in the middle, undefined group)
- error: Group names must be provided as an array, not a comma-separated
list.
I use the