Web lists-archives.com

Re: [Samba] ADUC missing msNPAllowDialin and need vpn advice for ad setup.




Hai Rowland,

Ok, cool, thanks for that.
Thats good to have that confirmed, the search show the same here. 

Enabled that one, and yes, i can see the msNPAllowDailin but only in attribut editor, Dail-in tab still errors. 

Reappy-ing the file :  MS-AD_Schema_2K8_R2_Attributes.txt 
Is that possible, that "should" fix the missing parts. 
I suspect a failure in the structure of the AD. ( arg..  hard to discribe what i mean in english ) 
I suspect some more parts, somewhere in 2015 i had a big ad problem, i think this is a left over. 

I looked up some thing about then, and i see i had to fix almost all my AD objects. 
That worked, everything runs fine., but i would really like my Dail-in tab working. 


Greetz, 

Louis




> -----Oorspronkelijk bericht-----
> Van: Rowland Penny [mailto:rpenny@xxxxxxxxx] 
> Verzonden: donderdag 14 december 2017 15:20
> Aan: samba@xxxxxxxxxxxxxxx
> CC: L.P.H. van Belle
> Onderwerp: Re: [Samba] ADUC missing msNPAllowDialin and need 
> vpn advice for ad setup.
> 
> On Thu, 14 Dec 2017 13:52:29 +0100
> "L.P.H. van Belle via samba" <samba@xxxxxxxxxxxxxxx> wrote:
> 
> > 
> > Readin : 
> https://wiki.samba.org/index.php/Samba_AD_schema_extensions 
> > 
> > Is it an option to make an ldiff for the  msNPAllowDialin  
> and others
> > on that Dail-in Tab. Im looking at the automount example. 
> > Hints tips? 
> > 
> > 
> > Greetz, 
> > 
> > Louis
> 
> OK, I take it back, I do have 'msNPAllowDialin' in AD:
> 
> root@dc1:~# ldbsearch --cross-ncs -H 
> /var/lib/samba/private/sam.ldb -b 
> 'CN=Schema,CN=Configuration,DC=example,DC=com' -s sub 
> '(cn=msNPAllowDialin)'
> # record 1
> dn: CN=msNPAllowDialin,CN=Schema,CN=Configuration,DC=example,DC=com
> objectClass: top
> objectClass: attributeSchema
> cn: msNPAllowDialin
> instanceType: 4
> whenCreated: 20171206114944.0Z
> whenChanged: 20171206114944.0Z
> uSNCreated: 755
> attributeID: 1.2.840.113556.1.4.1119
> attributeSyntax: 2.5.5.8
> isSingleValued: TRUE
> uSNChanged: 755
> showInAdvancedViewOnly: TRUE
> adminDisplayName: msNPAllowDialin
> adminDescription: msNPAllowDialin
> oMSyntax: 1
> searchFlags: 16
> lDAPDisplayName: msNPAllowDialin
> name: msNPAllowDialin
> objectGUID: cf7b3ec9-7055-428b-826a-41a526cca483
> schemaIDGUID: db0c9085-c1f2-11d1-bbc5-0080c76670c0
> attributeSecurityGUID: 037088f8-0ae1-11d2-b422-00a0c968f939
> systemOnly: FALSE
> systemFlags: 16
> objectCategory: 
> CN=Attribute-Schema,CN=Schema,CN=Configuration,DC=example,DC=c
>  om
> distinguishedName: 
> CN=msNPAllowDialin,CN=Schema,CN=Configuration,DC=example,DC
>  =com
> 
> # returned 1 records
> # 1 entries
> # 0 referrals
> 
> I created an ldif:
> 
> dn: CN=sysadmin,OU=itadmin,OU=personnel,OU=People,DC=example,DC=com
> changetype: modify
> add: msNPAllowDialin
> msNPAllowDialin: TRUE
> 
> Added the ldif with:
> 
> ldbmodify --url=/var/lib/samba/private/sam.ldb msadd.ldif
> 
> I now have a user with the 'msNPAllowDialin' attribute
> 
> Rowland
> 
> 


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba