similar to: dsdb audit in JSON to journald

Hi, I have a share (testshare) where different unix groups (testgroup1, testgroup2) should have access to. But I want that new files are only created with 660 permissions. Here are the ACL's of testshare: # file: testshare # owner: ralfgro # group: ve user::rwx group::rwx group:testgroup1:rwx group:testgroup2:rwx mask::rwx other::--- default:user::rwx default:group::---

Hi, We were using samba_backup from 4.4.5 and after upgrade to 4.10.5 we are trying to configure new method, but is not working, tried: offline with samba stopped: # samba-tool domain backup offline --targetdir=/local/test/ INFO: Current debug levels: all: 5 tdb: 5 printdrivers: 5 lanman: 5 smb: 5 rpc_parse: 5 rpc_srv: 5 rpc_cli: 5 passdb: 5 sam: 5 auth: 5 winbind: 5

Hello everyone, I have currently two DCs running 4.21.1. The first DC is an older server which was upgraded over time while the second one was added later to the cluster and then upgraded as well. The recycle bin is enabled (which might likely be the cause of this issue). A while ago I noticed the following error in the log messages: "garbage_collect_tombstones_part:

Hello All, I have a custom built version of Samba 4.19.2 running on Rocky Linux 9. When I attempt to change a password via LDAP, I get an error, "Unwilling to Perform". In Google searches I found that this is due to password complexity requirements. However, in my case, I get the error no matter how complex the password. Also, I have the following line in my smb.conf file: ldap

Ive seen something simular here. Does this happen if you try to connect to a PC where you already are logged in. If yes, logout, test again. If no, reboot the pc and test again. What is the exact message you see. (optinal PM me the print screen) I do/did get some 0x... Message when trying to login on first attempt. The second always worked for me. And lookup the windows events. Or are

Hello Rowland, Find the _*smb.conf :*_ [global] netbios name = DC4 realm = KTKBANKLTD.COM server role = active directory domain controller workgroup = KTKBANKLTD [sysvol] path = /usr/local/samba/var/locks/sysvol read only = No [netlogon] path = /usr/local/samba/var/locks/sysvol/ktkbankltd.com/scripts ??????read only = No *Logs:* {"timestamp":

Hello all, I have a AD DC based on CentOS7 with sernet samba 4.1.14 with rfc2307 and function level 2008_R2. This one works so far and I can manage the AD from a windows client. Now I setup a member server based on CentOS7 with sernet samba 4.1.14 just like the wiki advises with the same smb.conf (realm etc is configured to my needs. I joined the AD and configured nsswitch. wbinfo works so far

Sorry, I have to correct: libnss_winbind.so.2 is located in /lib64 Thanks Am 9. Januar 2015 15:21:32 MEZ, schrieb Rowland Penny <rowlandpenny at googlemail.com>: >On 09/01/15 13:47, Tim wrote: >> Hello all, >> >> I have a AD DC based on CentOS7 with sernet samba 4.1.14 with rfc2307 >and function level 2008_R2. This one works so far and I can manage the >AD from a

Hi, I have encountered an issue which seems to be a serious reproducible bug in LLVM-GCC 4.2. It can be reproduced by compiling the following C++ file that uses boost:#include "boost/statechart/event.hpp" using namespace std; class EvActivate : public boost::statechart::event< EvActivate > { public: EvActivate(){} private: }; extern "C" const void*

Hi all, when i try to authenticate against my AD (rdesktop authentication) i got a wrong password/logname message despite my logname and password being exact , in the log i have the following . Nothing wrong for me. the only strange thing being the : stream_terminate_connection: Terminating connection - 'kdc_tcp_call_loop: tstream_read_pdu_blob_recv() -

I switched to rid module of idmapping and now winbind offers all groups and I can set SeDiskOperatorPrivilege. getent group and getent passwd are now working! Am 9. Januar 2015 15:21:32 MEZ, schrieb Rowland Penny <rowlandpenny at googlemail.com>: >On 09/01/15 13:47, Tim wrote: >> Hello all, >> >> I have a AD DC based on CentOS7 with sernet samba 4.1.14 with rfc2307

When I switch back to backend ad, getent passwd returns nothing - getent group only returns by adding a dedicated group name. There is at least one user and one group with Id set in ad. Am 9. Januar 2015 16:29:39 MEZ, schrieb Rowland Penny <rowlandpenny at googlemail.com>: >On 09/01/15 15:19, Tim wrote: >> I switched to rid module of idmapping and now winbind offers all >>

That's what I tried to say. I set the gid/uid attribs in Unix tab. Am 9. Januar 2015 16:44:28 MEZ, schrieb Rowland Penny <rowlandpenny at googlemail.com>: >On 09/01/15 15:40, Tim wrote: >> When I switch back to backend ad, getent passwd returns nothing - >> getent group only returns by adding a dedicated group name. >> There is at least one user and one group with

On 09/01/15 13:47, Tim wrote: > Hello all, > > I have a AD DC based on CentOS7 with sernet samba 4.1.14 with rfc2307 and function level 2008_R2. This one works so far and I can manage the AD from a windows client. > > Now I setup a member server based on CentOS7 with sernet samba 4.1.14 just like the wiki advises with the same smb.conf (realm etc is configured to my needs. I joined

On 09/01/15 15:19, Tim wrote: > I switched to rid module of idmapping and now winbind offers all > groups and I can set SeDiskOperatorPrivilege. > > getent group and getent passwd are now working! > > > > Am 9. Januar 2015 15:21:32 MEZ, schrieb Rowland Penny > <rowlandpenny at googlemail.com>: > > On 09/01/15 13:47, Tim wrote: > > Hello

On 09/01/15 15:40, Tim wrote: > When I switch back to backend ad, getent passwd returns nothing - > getent group only returns by adding a dedicated group name. > There is at least one user and one group with Id set in ad. > Yes, but do *any* of your AD users have a uidNumber attribute. Rowland > Am 9. Januar 2015 16:29:39 MEZ, schrieb Rowland Penny > <rowlandpenny at

On 09/01/15 15:45, Tim wrote: > That's what I tried to say. I set the gid/uid attribs in Unix tab. > > Am 9. Januar 2015 16:44:28 MEZ, schrieb Rowland Penny > <rowlandpenny at googlemail.com>: > > On 09/01/15 15:40, Tim wrote: >> When I switch back to backend ad, getent passwd returns nothing - >> getent group only returns by adding a dedicated

On 09/01/15 16:48, Tim wrote: > Definitely. > > With backend=ad only two user can be seen by getent passwd. Then > changing backend=rid, all users are resolved by getent passwd > > Am 9. Januar 2015 17:09:19 MEZ, schrieb Rowland Penny > <rowlandpenny at googlemail.com>: > > On 09/01/15 15:45, Tim wrote: > > That's what I tried to say. I set

Definitely. With backend=ad only two user can be seen by getent passwd. Then changing backend=rid, all users are resolved by getent passwd Am 9. Januar 2015 17:09:19 MEZ, schrieb Rowland Penny <rowlandpenny at googlemail.com>: >On 09/01/15 15:45, Tim wrote: >> That's what I tried to say. I set the gid/uid attribs in Unix tab. >> >> Am 9. Januar 2015 16:44:28 MEZ,

On 15-01-09 09:19 AM, Tim wrote: > It's definitely a problem with backend ad. I don't know what, but with ad backend I also cannot list rpc rights on the server because it cannot find the user. With rid: no problem. > > Bug? I appear to be about 12 hours behind Tim, except that I am using Debian 7.7, and (now) following Louis van Belle's script for making a member server