[Samba] ADUC missing msNPAllowDialin and need vpn advice for ad setup.

L.P.H. van Belle belle at bazuin.nl
Thu Dec 14 15:40:57 UTC 2017


Hai Rowland,

Ok, cool, thanks for that.
Thats good to have that confirmed, the search show the same here. 

Enabled that one, and yes, i can see the msNPAllowDailin but only in attribut editor, Dail-in tab still errors. 

Reappy-ing the file :  MS-AD_Schema_2K8_R2_Attributes.txt 
Is that possible, that "should" fix the missing parts. 
I suspect a failure in the structure of the AD. ( arg..  hard to discribe what i mean in english ) 
I suspect some more parts, somewhere in 2015 i had a big ad problem, i think this is a left over. 

I looked up some thing about then, and i see i had to fix almost all my AD objects. 
That worked, everything runs fine., but i would really like my Dail-in tab working. 


Greetz, 

Louis




> -----Oorspronkelijk bericht-----
> Van: Rowland Penny [mailto:rpenny at samba.org] 
> Verzonden: donderdag 14 december 2017 15:20
> Aan: samba at lists.samba.org
> CC: L.P.H. van Belle
> Onderwerp: Re: [Samba] ADUC missing msNPAllowDialin and need 
> vpn advice for ad setup.
> 
> On Thu, 14 Dec 2017 13:52:29 +0100
> "L.P.H. van Belle via samba" <samba at lists.samba.org> wrote:
> 
> > 
> > Readin : 
> https://wiki.samba.org/index.php/Samba_AD_schema_extensions 
> > 
> > Is it an option to make an ldiff for the  msNPAllowDialin  
> and others
> > on that Dail-in Tab. Im looking at the automount example. 
> > Hints tips? 
> > 
> > 
> > Greetz, 
> > 
> > Louis
> 
> OK, I take it back, I do have 'msNPAllowDialin' in AD:
> 
> root at dc1:~# ldbsearch --cross-ncs -H 
> /var/lib/samba/private/sam.ldb -b 
> 'CN=Schema,CN=Configuration,DC=example,DC=com' -s sub 
> '(cn=msNPAllowDialin)'
> # record 1
> dn: CN=msNPAllowDialin,CN=Schema,CN=Configuration,DC=example,DC=com
> objectClass: top
> objectClass: attributeSchema
> cn: msNPAllowDialin
> instanceType: 4
> whenCreated: 20171206114944.0Z
> whenChanged: 20171206114944.0Z
> uSNCreated: 755
> attributeID: 1.2.840.113556.1.4.1119
> attributeSyntax: 2.5.5.8
> isSingleValued: TRUE
> uSNChanged: 755
> showInAdvancedViewOnly: TRUE
> adminDisplayName: msNPAllowDialin
> adminDescription: msNPAllowDialin
> oMSyntax: 1
> searchFlags: 16
> lDAPDisplayName: msNPAllowDialin
> name: msNPAllowDialin
> objectGUID: cf7b3ec9-7055-428b-826a-41a526cca483
> schemaIDGUID: db0c9085-c1f2-11d1-bbc5-0080c76670c0
> attributeSecurityGUID: 037088f8-0ae1-11d2-b422-00a0c968f939
> systemOnly: FALSE
> systemFlags: 16
> objectCategory: 
> CN=Attribute-Schema,CN=Schema,CN=Configuration,DC=example,DC=c
>  om
> distinguishedName: 
> CN=msNPAllowDialin,CN=Schema,CN=Configuration,DC=example,DC
>  =com
> 
> # returned 1 records
> # 1 entries
> # 0 referrals
> 
> I created an ldif:
> 
> dn: CN=sysadmin,OU=itadmin,OU=personnel,OU=People,DC=example,DC=com
> changetype: modify
> add: msNPAllowDialin
> msNPAllowDialin: TRUE
> 
> Added the ldif with:
> 
> ldbmodify --url=/var/lib/samba/private/sam.ldb msadd.ldif
> 
> I now have a user with the 'msNPAllowDialin' attribute
> 
> Rowland
> 
> 




More information about the samba mailing list