similar to: LDAP + SSSD + Winbind group membership updating

Hi all, I'm not able to create localgroups as described in "docs/man/Samba-HOWTO-Collection/groupmapping.html" I have tested Samba 3.2.5 and 3.2.6 on Debian lenny. As usual I am using openldap as backend. First I have tested with smbldap-tools, then I have switched to ldapsam:editposix = yes ldapsam:trusted = yes and removed all the script entries from smb.conf.

Hello, we are using sssd version 1.12 on openSUSE 13.1 with Sernet-Samba Packages 4.1.11. Samba runs as a single AD DC We have removed the complete openSUSE samba stuff before testing. sssd runs on the same machine as samba. Our sssd config: -------------------------------------------------------------------------------- [sssd] services = nss, pam config_file_version = 2 domains =

Hi, Same problem for me, any clue ? Gana?l. owen@isrl.uiuc.edu@lists.samba.org on 07/31/2003 01:42:21 AM Envoy? par : samba-bounces+ganael.laplanche=edf.fr@lists.samba.org Pour : samba@lists.samba.org cc : Objet : [Samba] groupmember list fails with 3.0.0b3 and LDAP Hi all, I've been working on a PDC with group mapping with Samba-3.0.0Beta3 with OpenLDAP-2.1.22. Things

Hello guys! I'm using samba 3.2.4 (binaries from samba.org) on SLES9+sp3. I am building a PDC with LDAP support (i am attaching my config files), I'm also using ldapsam:trusted and ldapsam:editposix. Although I am setting the account lock after 3 failed tries in usrmgr, and verified that the parameters are actually set in the LDAP, no locking occurs. I started thinking that it was my

On Fri, 16 May 2025 18:41:27 +0300 Alex Moz via samba <samba at lists.samba.org> wrote: > I broke my head trying to solve the LDAP group membership updating > issue. I need help. > > ###### Description > I've configured OpenLDAP + SSSD + Winbind + Samba 4.21.5 on Fedora 41. Why ? Why not use AD ? Are you aware that sssd and winbind do much the same thing ? What is

I have two users on my network, Mary and Bob, who work together in a shared share. They both belong to the group Accounting. Bob is a savvy Linux user who accesses the share via NFS4. Mary toils away using Windows accessing the share via the Samba server. Mary will create a directory on the share and dump a number of files in which Bob and Mary will split the load. Bob, being a LInux user, will

I groupapped the domadmins group in linux to ntgroup="Domain Admins" but instead of mapping to the SID number ending in 512 it's creating a new SID number endind in 2025 mapped to domadmins... Does anybody knows why??? It worked in the previous server. This is the command I execute net groupmap add ntgroup="Domain Admins" unixgroup=domadmin If I use the rid=512 option I

Hi all: I was running Samba 3.0.x (from CentOS 5 repository) integrated with OpenLDAP as a complete PDC solution that worked fine for several moths. As we needed to join Win7 computers to the domain I upgraded to Samba 3.5.3 keeping my Samba configuration the same. We find that after this upgrade the root account of the domain wasn't able to access to C$, D$ or other administrative resources

Hello List, we have installed samba Version 3.0.20-0.1-SUSE. when I'm entering > net getlocalsid I get > SID for domain <netbios name> is: S-1-5-21-4166838278-3756557259-2095403906 entering > net getlocalsid <domain name> returns > SID for domain <domain name> is: S-1-5-21-2018781741-1218799122-1862565094 Does this mean that the pdc itself is not in the domain

Hi, I have the following situation concerning group mapping: when I enter > net getlocalsid I get > SID for domain PDC is: S-1-5-21-4166838278-3756557259-2095403906 when I enter > net getlocalsid DOMAIN I get >SID for domain DOMAIN is: S-1-5-21-2018781741-1218799122-1862565094 The group mapping shows > net groupmap list > Domain Users

Hello, I have the following situation: Samba with ldap passdb backend. In my setup I have a group called exact: ------------ dn: cn=exact,ou=Groups,dc=ahm,dc=nl objectClass: posixGroup,sambaGroupMapping cn: exact gidNumber: 1000 sambaSID: S-1-5-21-4269728302-1655870493-3894479995-3001 sambaGroupType: 4 memberUid: gerrit,piet,hornie ------------ maps to the unix group exact: exact

Hi, I have a server which until recently was serving a domain of about 20 XP PCs in a school. Over the summer I updated Samba to 3.5.4-0.70, and replaced the desktops with new machines which are running Win7 Pro 64 bit SP1. This being a school, I have a system of mandatory group profiles set up, and all of the pupil groups curently have copies of the same mandatory profile (generated via the

Dear List, we've the following setup: login: PDC (Samba + Master LDAP with Slave LDAP) appserver: BDC (Samba + Master LDAP with Slave LDAP) fileserver: Samba domain member server Everything is running with Samba3 and OpenLDAP2 The following problem: when the PDC is not available (test shutdown) the clients can log into the domain (netlogon- script is running from BDC), but the fileserver

I am using Samba PDC with OpenLDAP2 and smbldap-tools. As part of my logon.bat, I call a script called ifmember.exe. This script can list out the groups a user is a member of. It is reporting that my root user is a member of the group 'engr.' I don't know if this is a bug with ifmember.exe or if it's an issue in Samba or in LDAP. Here is some relevant data:

Hi there ... I have a problem with my tdb-database after I've migrated from Debian-Samba-3.2.5-4lenny6 to Samba-3.2.5-4lenny7. All the old directories /etc/samba with the smb.conf and /var/lib/samba with the tdb-database has been hold. Now I've inexplicable effects with my tdb-database. - I cannot list my admin - user, which is the domain-administrator, in my passwd.tdb. - I cannot

First off, on the Windows side I use "ifmember.exe /list" to check the group membership in affect for the currently logged in domain user, works like a charm. However, Linux side is another story, specifically the net command. We have, among others, the following mapping in place: net groupmap modify ntgroup="Domain Admins" unixgroup=domadmin Based on this documentation:

Hi! I have a problem using ntconfig.pol-policies for domain groups other than "Domain Users" and "Domain Admins". I am using Samba 2.2.7 with LDAP support as a PDC. Policies work as expected for "Domain Users" and "Domain Admins" but setting policies for any other group doesn't work. The "Browse"-list for AddGroups in poledit only shows

Hello everybody! I should have an error on the LDAP entries of my ldapSAM, but I've read several times chapters 11 & 12 of the Samba HOWTO Collection and I cannot fix it. Let's explain: I've got a StandAlone fileserver (not PDC) samba-3.0.4 with ldapSAM working on a RedHat Enterprise 3.0 (linux kernel 2.4.25). The directory server version shouldn't be important, but

Hi, I am in the process of migrating our windows workstations to a samba domain. Here is the problem: When creating the domain user I put every user additionalyy in the domain admin group so that he/she can copy his old files on the local profile to his new domain account. Then after this is done I put them to the domain users group but some (!) of the user the lose then access to the

I've been testing DFS roots and I'm finding that while Vista and 2008 Server clients can connect with no problems, Windows XP Pro and 2003 Server clients fail. This seems like it's the wrong way round - Samba usually has more difficulties with recent Windows versions than older ones - but I can only assume that there's some registry/policy change between the versions. If anybody