[Samba] ADUC missing msNPAllowDialin and need vpn advice for ad setup.
L.P.H. van Belle
belle at bazuin.nl
Thu Dec 14 12:43:50 UTC 2017
Hai Roy,
Thanks for the reply.
The first link, i've tried that already.
In these steps:
1.Open ADUC or dsa.msc.
2.Go to View and check option for Advanced Features.
3.Right-click the user account and go to the Attribute Editor tab.
4.Locate and select the msNPAllowDialin attribute.
5.Select edit and change the value to the desired value
Im missing msNPAllowDailin.
Tried that from a Win 7, samba domain joined, nothing.
Tried that from a Win 2008R2, Not samba domain joined, again nothing.
After adding the Dail-in tab enable on my management pc (win7) im getting:
Dail-in Page error:
Could not load the Dail-in profile for this user because: undefined errror.
And this is on every user.
The second link, i've also tried that also, but tried also some extra things.
Now the following happens, i used workaround 2.
>From the win2008R2, accessing its own, the win2008R2 AD, Dail-in tab is there, and everything looks ok.
Now i connect to the Samba AD, Dail-in tab is gone, but no errors.
Now i connect from my Win7 ( with the from 2008R2 added files to enable the dailin tab, error:
Could not load the Dail-in profile for this user because: undefined errror.
Rowland, do you know a way to validate my AD against /usr/share/samba/setup/ad-schema/MS-AD_Schema_2K8_R2_Attributes.txt
Im really not crazy, ;-) maybe sometimes a bit, but not now ;-)
Or a nifty search/edit, this is one i cant figure out.
I suspect this is a left over from an AD error about 2 years ago.
samba-tool fixed that but i think this is a left over, just not sure about it.
So anyone any other tips?
Greetz,
Louis
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens Roy
> Eastwood via samba
> Verzonden: donderdag 14 december 2017 13:13
> Aan: samba at lists.samba.org
> Onderwerp: Re: [Samba] ADUC missing msNPAllowDialin and need
> vpn advice for ad setup.
>
> Louis,
> Take a look here:
> https://windowsexplored.com/2012/10/23/installing-active-direc
tory-and-all-those-other-little-tabs-in-windows-7-you-know-the-> ones-you-used-to-have-in-windows-xp/
>
> At the bottom of the page it tells you how to set the
> msNPAllowDialin attribute using Advanced Features of ADUC
> and the Attribute Editor tab despite the missing Dial-In tab.
>
> If you want to restore the Dial-In tab, the Microsoft have a
> workaround:
> https://support.microsoft.com/en-us/help/975448/the-dial-in-ta
> b-is-not-available-in-the-active-directory-users-and-com
>
> But you need access to a Windows Server 2008, which you may
> not have available.
>
> HTH,
>
> Roy
>
> > -----Original Message-----
> > From: samba [mailto:samba-bounces at lists.samba.org] On
> Behalf Of Rowland
> > Penny via samba
> > Sent: 14 December 2017 11:38
> > To: samba at lists.samba.org
> > Subject: Re: [Samba] ADUC missing msNPAllowDialin and need
> vpn advice for ad
> > setup.
> >
> > On Thu, 14 Dec 2017 12:23:43 +0100
> > "L.P.H. van Belle via samba" <samba at lists.samba.org> wrote:
> >
> > > Hai Rowland,
> > >
> > >
> > > Even that msNPAllowDialin is a standard attribute, its
> not in my AD
> > > anymore, at least not within the users fields. I think in
> time this
> > > disapert wil fixing things.. This setup is running and
> upgraded as of
> > > samba 4.1. but thank for that info, reading that after my lunch.
> > >
> > > If i have more questions, i'll mail again.
> > > Thanks!
> > >
> > > Greetz,
> > >
> > > Louis
> > >
> >
> > Go and have a look in:
> > /usr/share/samba/setup/ad-schema/MS-AD_Schema_2K8_R2_Attributes.txt
> >
> > Rowland
> >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions: https://lists.samba.org/mailman/options/samba
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
>
More information about the samba
mailing list