Web lists-archives.com

Re: [Samba] Primary group is 0 and contains 0 supplementary groups




Bingo!!!! :D

After putting the option "ntlm auth = mschapv2-and-ntlmv2-only" it was
possible to join the controller to our samba4 AD.

Thank you Rowland and Louis!!! As I said before, you guys do a great job
here on the list. God bless them!

On Tue, Mar 20, 2018 at 7:38 AM, L.P.H. van Belle via samba <
samba@xxxxxxxxxxxxxxx> wrote:

> You could try the setting.
>
> ntlm auth = mschapv2-and-ntlmv2-only
>
> From man smb.conf
> The available settings are:
>
>                   ·   ntlmv1-permitted (alias yes) - Allow NTLMv1 and
> above for all clients.
>                   ·   ntlmv2-only (alias no) - Do not allow NTLMv1 to be
> used, but permit NTLMv2.
>                   ·   mschapv2-and-ntlmv2-only - Only allow NTLMv1 when
> the client promises that it is providing MSCHAPv2 authentication (such as
> the ntlm_auth tool).
>                   ·   disabled - Do not accept NTLM (or LanMan)
> authentication of any level, nor permit NTLM password changes.
>
> Greetz,
>
> Louis
>
>
> > -----Oorspronkelijk bericht-----
> > Van: samba [mailto:samba-bounces@xxxxxxxxxxxxxxx] Namens
> > Rowland Penny via samba
> > Verzonden: dinsdag 20 maart 2018 8:58
> > Aan: samba@xxxxxxxxxxxxxxx
> > Onderwerp: Re: [Samba] Primary group is 0 and contains 0
> > supplementary groups
> >
> > On Mon, 19 Mar 2018 20:35:42 -0300
> > Elias Pereira via samba <samba@xxxxxxxxxxxxxxx> wrote:
> >
> > > >
> > > > It might help if you told us how Extreme advised you to configure
> > > > it.
> > >
> > >
> > >
> > https://gtacknowledge.extremenetworks.com/articles/How_To/How-
> > to-set-internal-RADIUS-server-on-WiNG-with-LDAP-based-authentication
> > >
> >
> > After reading this 'Under Server Policy find section
> > Authentication and
> > set Default Source = LDAP  and Authentication Type = PEAP-MS-CHAPv2'
> >
> > I think I understand the problem, try adding this to the Samba AD DC:
> >
> > ntlm auth = yes
> >
> > If this works, then you now have a system that is using NTLMv1
> >
> > Rowland
> >
> >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  https://lists.samba.org/mailman/options/samba
> >
> >
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>



-- 
Elias Pereira
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba