yes, one
ldapsearch -x -h DSS_IP -b dc=server,dc=nas -D cn=admin,dc=server,dc=nas -w secret | grep sambaSID
yes, one
ldapsearch -x -h DSS_IP -b dc=server,dc=nas -D cn=admin,dc=server,dc=nas -w secret | grep sambaSID
Member
Thanks for fast reply,
I run the command with my base and get
ldap_bind: Invalid credentials (49)
than run the command exactly how you wrote and get
sambaSID: S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxxxx-1203
First I think great that´s it.
But than I realize I know this sid.
So I run net getlocalsid on my LDAP server and get exactly the same sid but without
-1203.
Now I am a little confused.
Any explanation for this?
Thanks
Member
@Pi-L
Sorry for the late response.
But my system is in full productivity.
So I have to wait for the right moment to test your tip.
Now I get the right sambaSID.
How:
stop my ldap server.
set authentication to internal ldap.
shutdown the storage
plugging to another eth interface
start storage to negotiate a new sid in network
create a user in internal ldap
run ldapsearch command
ldapsearch -x -h DSS_IP -b dc=server,dc=nas -D cn=admin,dc=server,dc=nas -w secret objectclass=*
copy user entries
correct entries for my ldap
correct sid: user_sid = domain_sid+rid / rid=2*uid + 1000
put sambaDomain objectclass entry in my ldap
put user in my ldap
set authentication to external ldap.
add user to users share access
and can access my shares.
last question on moderators.
how to mark this thread as solved?
thanks
marshauzer
Posting Permissions
Reply With Quote