[Samba] samba4 internal dns Server ddns for the reverse lookup Zoneable

Fri Aug 29 12:33:37 MDT 2014

Hi Rowland,

ok, but the dhcpduser only works with your script when i get it via getent passwd. Otherwise i get the exit 256 message. With enumerate = true now i see the users via getent passwd. Your script 
is now also functional again. But:

1)
is it correct that it shows the users without the domain? Or do i still have a mistake in my configs?

getent passwd for my two domain users:

dhcpduser:*:3000021:20513:dhcpduser:/:
markus:*:3000022:20513:markus:/:

and
2)
is it also correct that i have to manual add the gidNumber and uidNumber again for the new user markus and that i have to clean the sssd cache and restart the sssd daemon?

Gesendet: Freitag, 29. August 2014 um 20:08 Uhr
Von: "Rowland Penny" <rowlandpenny at googlemail.com>
An: Kein Empfänger
Cc: samba at lists.samba.org
Betreff: Re: [Samba] samba4 internal dns Server ddns for the reverse lookup Zoneable
On 29/08/14 18:59, Markus Roth wrote:
> Hi Rowland,
>
> i wouldn't use the dhcpduser as a normal user. But when i'd like to use your dhcp-script with sssd i thougt i take this one, because when i would see the dhcpduser with getent passwd your script is
> working again.
All the 'dhcpduser' is for, is to get a keytab, it doesn't need a
Uidnumber, please create a separate new user to 'play' with. ;-)
> i know that with the posixaccounts from the samba wiki yesterday, but i'm hopless know and thougt i try it...
> I set enumerate = false in the [domain/winnet.local] section, stop sssd, delete the sssd-cache and start sssd. Unfortunately the same problem :-(
Well you will have, 'enumerate = false' stops sssd listing the users
en-mass, so you will not get any domain users from AD from 'getent
passwd' but you will get a users details from 'getent passwd <username>'

If you want getent to list all domain users, change 'enumerate = false'
to 'enumerate = true'

Rowland

>
> should i post my configs again? Or could it be that the problem occurs from my centos7? I installed sssd with the packet manager yum. In this case it also installed separate samba4-libs.
> Is this a problem?
>
>
>> Hi, two things, you created 'dhcpduser' as the user for my Bind9/DHCP
>> update script and as such, this user should never be used as a normal
>> user, secondly you do not need the 'posixAccount' objectClass.
>>
>>
>>
>> Have you got enumeration turned off in sssd.conf ?
>>
>> Rowland
>>
>> Gesendet: Freitag, 29. August 2014 um 09:28 Uhr
>> Von: steve <steve at steve-ss.com>
>> An: "Markus Roth" <markusroth1983 at gmx.net>
>> Cc: samba at lists.samba.org
>> Betreff: Re: [Samba] samba4 internal dns Server ddns for the reverse lookup Zoneable
>> On Thu, 2014-08-28 at 23:04 +0200, Markus Roth wrote:
>>> Hi Steve,
>>>
>>> i'm sorry but i don't get the AD-Users with getent passwd :-( Do i have any mistakes?
>>>
>>> My steps:
>>> 1.)
>>> /usr/local/samba/bin/ldbedit -e vi --url=/usr/local/samba/private/sam.ldb cn=Users
>> Oh dear. No.
>> Hi
>> Markus, please understand that we are trying to add gidNumber to your
>> domain group "Domain Users" (please use quotes as there is a space in
>> Domain Users).
>>> add gidNumber: 20513
>> ldbedit --url=/usr/local/samba/private/sam.ldb cn="Domain Users"
>>
>> Now, go back and remoce gidNumber from Users and add it to Doamin Users
>> instead.
>>
>> Now it will work. . .
>> HTH,
>> Steve
>>
>>
>>
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba[https://lists.samba.org/mailman/options/samba][https://lists.samba.org/mailman/options/samba[https://lists.samba.org/mailman/options/samba]]

--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba[https://lists.samba.org/mailman/options/samba]