[Samba] ADUC missing msNPAllowDialin and need vpn advice for ad setup.
L.P.H. van Belle
belle at bazuin.nl
Thu Dec 14 15:40:57 UTC 2017
Hai Rowland,
Ok, cool, thanks for that.
Thats good to have that confirmed, the search show the same here.
Enabled that one, and yes, i can see the msNPAllowDailin but only in attribut editor, Dail-in tab still errors.
Reappy-ing the file : MS-AD_Schema_2K8_R2_Attributes.txt
Is that possible, that "should" fix the missing parts.
I suspect a failure in the structure of the AD. ( arg.. hard to discribe what i mean in english )
I suspect some more parts, somewhere in 2015 i had a big ad problem, i think this is a left over.
I looked up some thing about then, and i see i had to fix almost all my AD objects.
That worked, everything runs fine., but i would really like my Dail-in tab working.
Greetz,
Louis
> -----Oorspronkelijk bericht-----
> Van: Rowland Penny [mailto:rpenny at samba.org]
> Verzonden: donderdag 14 december 2017 15:20
> Aan: samba at lists.samba.org
> CC: L.P.H. van Belle
> Onderwerp: Re: [Samba] ADUC missing msNPAllowDialin and need
> vpn advice for ad setup.
>
> On Thu, 14 Dec 2017 13:52:29 +0100
> "L.P.H. van Belle via samba" <samba at lists.samba.org> wrote:
>
> >
> > Readin :
> https://wiki.samba.org/index.php/Samba_AD_schema_extensions
> >
> > Is it an option to make an ldiff for the msNPAllowDialin
> and others
> > on that Dail-in Tab. Im looking at the automount example.
> > Hints tips?
> >
> >
> > Greetz,
> >
> > Louis
>
> OK, I take it back, I do have 'msNPAllowDialin' in AD:
>
> root at dc1:~# ldbsearch --cross-ncs -H
> /var/lib/samba/private/sam.ldb -b
> 'CN=Schema,CN=Configuration,DC=example,DC=com' -s sub
> '(cn=msNPAllowDialin)'
> # record 1
> dn: CN=msNPAllowDialin,CN=Schema,CN=Configuration,DC=example,DC=com
> objectClass: top
> objectClass: attributeSchema
> cn: msNPAllowDialin
> instanceType: 4
> whenCreated: 20171206114944.0Z
> whenChanged: 20171206114944.0Z
> uSNCreated: 755
> attributeID: 1.2.840.113556.1.4.1119
> attributeSyntax: 2.5.5.8
> isSingleValued: TRUE
> uSNChanged: 755
> showInAdvancedViewOnly: TRUE
> adminDisplayName: msNPAllowDialin
> adminDescription: msNPAllowDialin
> oMSyntax: 1
> searchFlags: 16
> lDAPDisplayName: msNPAllowDialin
> name: msNPAllowDialin
> objectGUID: cf7b3ec9-7055-428b-826a-41a526cca483
> schemaIDGUID: db0c9085-c1f2-11d1-bbc5-0080c76670c0
> attributeSecurityGUID: 037088f8-0ae1-11d2-b422-00a0c968f939
> systemOnly: FALSE
> systemFlags: 16
> objectCategory:
> CN=Attribute-Schema,CN=Schema,CN=Configuration,DC=example,DC=c
> om
> distinguishedName:
> CN=msNPAllowDialin,CN=Schema,CN=Configuration,DC=example,DC
> =com
>
> # returned 1 records
> # 1 entries
> # 0 referrals
>
> I created an ldif:
>
> dn: CN=sysadmin,OU=itadmin,OU=personnel,OU=People,DC=example,DC=com
> changetype: modify
> add: msNPAllowDialin
> msNPAllowDialin: TRUE
>
> Added the ldif with:
>
> ldbmodify --url=/var/lib/samba/private/sam.ldb msadd.ldif
>
> I now have a user with the 'msNPAllowDialin' attribute
>
> Rowland
>
>
More information about the samba
mailing list