Displaying 20 results from an estimated 20 matches for "netdirect".
Did you mean:
jetdirect
2013 Nov 20
0
RODC DNS oddness
I just checked the SOA records on my samba DCs and noticed a few oddities:
michael at sles-bree:~> for i in ad{1..4} sles-bree sles-shire; do host -t
soa main.adlab.netdirect.ca $i | grep SOA; done
main.adlab.netdirect.ca has SOA record ad1.main.adlab.netdirect.ca.
hostmaster.main.adlab.netdirect.ca. 177 900 600 86400 3600
main.adlab.netdirect.ca has SOA record ad2.main.adlab.netdirect.ca.
hostmaster.main.adlab.netdirect.ca. 176 900 600 86400 3600
main.adlab.netdirect...
2013 Nov 05
2
Unable to join samba4 to AD as a DC
Hello,
I'm trying to get samba4 up and running as a DC in a lab environment.
I have a freshly installed AD environment (W2012R2 servers, W2008R2
functional level) and I'm trying to join samba4 to it as a domain
controller.
When I try, I get this:
# samba-tool domain join ad.netdirect.ca DC -Uadministrator
--realm=AD.NETDIRECT.CA -W AD
Finding a writeable DC for domain 'ad.netdirect.ca'
Found DC AD2.ad.netdirect.ca
Password for [AD\administrator]:
workgroup is AD
realm is ad.netdirect.ca
checking sAMAccountName
Adding CN=SAMBA1,OU=Domain Controllers,DC=ad,DC=netdirect,D...
2013 Nov 18
1
samba4.1 RODC with BIND as DNS backend
..., further to my previous message I've configured BIND, but when I try
to run samba_dnsupdate I get the following:
Nov 18 16:19:23 sles-shire named[6112]: samba b9_putrr: unhandled record
type 0
Nov 18 16:19:24 sles-shire named[6112]: samba_dlz: starting transaction
on zone _msdcs.main.adlab.netdirect.ca
Nov 18 16:19:24 sles-shire named[6112]: samba_dlz: disallowing update of
signer=SLES-SHIRE\$\@MAIN.ADLAB.NETDIRECT.CA
name=gc._msdcs.main.adlab.netdirect.ca type=A error=insufficient access
rights
Nov 18 16:19:24 sles-shire named[6112]: client 10.0.3.11#33090/key
SLES-SHIRE\$\@MAIN.ADLAB.NET...
2013 Nov 28
1
Replicating failing after installing RODC
We've joined an RODC to the domain (Windows 2008R2 running a W2003
FFL/DFL AD) but are getting these errors on first startup.
It was joined with:
samba-tool domain join main.adlab.netdirect.ca RODC
--realm=main.adlab.netdirect.ca
--username=administrator at main.adlab.netdirect.ca --dns-backend=BIND9_DLZ
but we get these errors right after startup:
Nov 28 12:35:27 sles-bree samba[3939]: [2013/11/28 12:35:27.824986, 0]
../source4/dsdb/repl/replicated_objects.c:783(dsdb_replicated_o...
2013 Nov 20
1
No neighbors in 'drs showrepl'
...a641b0-d418-4c74-a4fa-c15b852467b8
DSA invocationId: 1017ff29-756c-4777-b395-b481f4b5387c
==== INBOUND NEIGHBORS ====
==== OUTBOUND NEIGHBORS ====
==== KCC CONNECTION OBJECTS ====
Connection --
Connection name: 03f0970a-df52-4b65-952d-06c5954559f7
Enabled : TRUE
Server DNS name : AD4.main.adlab.netdirect.ca
Server DN name : CN=NTDS
Settings,CN=AD4,CN=Servers,CN=Shire,CN=Sites,CN=Configuration,DC=main,DC=adlab,DC=netdirect,DC=ca
TransportType: RPC
options: 0x00000001
Warning: No NC replicated for Connection!
Connection --
Connection name: 15c600f8-e8c0-4a4f-9594-5b98cdcba240
Enabled : TRUE
Server D...
2013 Nov 20
0
Error using password cached on a samba4 RODC
OK! I'm getting farther and farther! :)
I've managed to preload user and computer passwords onto a samba RODC:
*sles-shire:/var/lib/samba/sysvol # samba-tool rodc preload
'win7-shire$' --server main.adlab.netdirect.ca**
*Replicating DN
CN=WIN7-SHIRE,CN=Computers,DC=main,DC=adlab,DC=netdirect,DC=ca
Exop on[CN=WIN7-SHIRE,CN=Computers,DC=main,DC=adlab,DC=netdirect,DC=ca]
objects[1] linked_values[2]
*sles-shire:/var/lib/samba/sysvol # samba-tool rodc preload
'win7-shire-2$' --server main.adlab.netdirec...
2013 Nov 18
1
Samba 4.1 acting as RODC, how to fix TSIG and configure DNS?
...fy failure
[2013/11/18 13:22:37.416396, 0]
../lib/util/util_runcmd.c:317(samba_runcmd_io_handler)
/usr/sbin/samba_dnsupdate: update failed: REFUSED
Complete output from samba_dnsupdate --verbose --all-names is here:
http://paste.ubuntu.com/6438840/
...
Calling nsupdate for A sles-bree.main.adlab.netdirect.ca 10.0.2.11
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
sles-bree.main.adlab.netdirect.ca. 900 IN A 10.0.2.11
Calling nsupdate for A gc._msdcs.main.adlab.netdirect.ca 10.0.2.11...
2014 Jan 26
1
Configuring RHEL6 Samba4 DC for local accounts
...bindpw "penguin5t0ry"
pam_password md5
uri ldap://ad.example.com
ssl no
tls_cacertdir /etc/openldap/cacerts
tls_checkpeer no
Doing a search from the command line works:
$ ldapsearch -x -H ldap://ad.example.com -D 'CN=Unix LDAP,OU=Service
Accounts,DC=ad,DC=example,DC=com' -W cn=netdirect uidNumber gidNumber cn
unixHomeDirectory
Enter LDAP Password:
# netdirect, Staff, ad.example.com
dn: CN=netdirect,OU=Staff,DC=ad,DC=example,DC=com
cn: netdirect
uidNumber: 500
unixHomeDirectory: /net/server1/home/netdirect
gidNumber: 500
but things just aren't working - PAM isn't looking...
2013 Nov 28
1
Enabling NIS after samba4 installation
I'm testing out our samba 4 migration process and when the initial
forest/domain was created, it was created without using --use-rfc2307:
sudo samba-tool domain provision --domain netdirect
--function-level=2008_R2 --realm=ad.netdirect.ca
Now that it's in place and we have machines joined, what do I need to do
to add the unix attribute and NIS maps to an existing samba4 domain so
that we can use the rfc2307 features?
M.
--
Michael Brown | `One of the main caus...
2014 Jan 16
1
userPrincipalName question
Hi all,
We're still experimenting with the samba3 -> samba4 upgrade. Lot's of
nice progression. :-)
ANyway: my question is how to deal with the userPrincipalName AD field.
The classicupgrade does not fill this field. Reading up on it, tells me
that it appears to be required, and should be something like
username at samba4.domain
Is this correct? How do you generally deal with
2013 Nov 19
1
Prepopulate *all* users to a samba4 RODC
I was hoping this would be simpler. I'd like to prepopulate an RODC with
all users accounts that are permitted. But I can only pre-populate one
at a time:
samba-tool rodc preload (<SID>|<DN>|<accountname>)
sles-shire:~ # samba-tool group listmembers 'Allowed RODC Password
Replication Group - Shire'
Allowed RODC Password Replication Group - Global
WIN7-SHIRE$
bilbo
2013 Dec 11
2
Using samba4 with AD and rfc2307 - what are the *current* practices?
I would like to get samba4 working with AD and rfc2307 attributes, while
allowing the nice remote management available via samba4.
Using sernet-samba packages on 4.1.3-7.el6.x86_64 CentOS 6.
I have samba4 configured as follows:
krb5.conf:
[libdefaults]
default_realm = MAIN.ADLAB.NETDIRECT.CA
dns_lookup_realm = true
dns_lookup_kdc = true
ticket_lifetime = 24h
renew_lifetime = 7d
forwardable = true
smb.conf was partially generated by authconfig and is:
[global]
#--authconfig--start-line--
# Generated by authconfig on 2013/12/11 13:33:41
# DO NOT EDIT THIS SECTION (delimited by --sta...
2014 Feb 15
2
Samba 4.1.4 nsswitch/winbind issues
The two domain controllers (Debian) and the member server (CentOS) are all
running Samba 4.1.4 from the sernet packages. The member server I am
testing from was fully patched as of this morning.
Things that work:
- wbinfo -u
- wbifno -g
- getent group {ad_group}
Things that don't work:
- getent passwd {any_ad_user}
- getent group
- getent passwd
I jacked up the winbindd
2014 Feb 04
1
Creating samba4/AD users from ADUC
We have a couple Samba4 AD domains we've implemented and I've noticed a
difference between how users look when created via ADUC versus samba-tool.
Created via ADUC, the following extra attributes are added:
msSFU30Name: bilbo
msSFU30NisDomain: netdirect
unixHomeDirectory: /home/bilbo
unixUserPassword: ABCD!efgh12345$67890
Created via samba-tool, the following extra attributes are added:
objectClass: posixAccount
uid: bilbo
(hey, why can't I tell samba-tool to give the user a unixHomeDirectory :( )
In my ldap.conf, I'm using:
nss_map_att...
2014 Jan 14
2
classicupgrade error: User 'Administrator' does not have SID ending in 500
Oh Boy.
User 'Administrator' in your existing directory has SID
S-1-5-21-2070472328-935435760-1634736958-1000, expected it to be
S-1-5-21-2070472328-935435760-1634736958-500
ERROR(<class 'samba.provision.ProvisioningError'>): uncaught exception -
ProvisioningError: User 'Administrator' in your existing directory does
not have SID ending in -500
It's not all
2002 Jul 16
9
my printers are still paused in Win2k and WinNT 4.0
Hello,
It seems that I am in printer hell once again :) I am trying to sort out
some printer problems with our UNIX server. The basic problem is this. I
have a test server to K.I.S.S the problem. On this server I have defined two
queues which are csqlis and HPfinley. csqlis seems to work correctly and
displays ready. HPfinley always reads Paused on win2k and NT40 clients. The
output of the lpq
2004 Sep 01
0
Problems with certificates .....
I diligently followed the instructions found at ....
http://lartc.org/howto/lartc.ipsec.automatic.keying.html#LARTC.IPSEC.X509
... only to have problems making it work for me.
I am trying to use ''racoon'' to make IPSec connections between various
Windows clients and a SuSE 9.1 server.
Apache2, SSL and Racoon are installed correctly, as far as I can tell.
UDP:500 is listening
2013 Nov 26
1
samba4 in AD with multiple domains
From the FAQ:
Q: Does Samba support trust relationship with AD?
A: Trusts are currently not finished implemented. Samba can be trusted,
but can't trust yet.
Does this mean that in a single-forest multiple-domain AD environment,
samba will only know about accounts in it's own domain? Or does this
statement apply to forest-forest trusts?
M.
--
Michael Brown | `One of
2014 Feb 05
1
Support for LDAP_MATCHING_RULE_IN_CHAIN in LDAP queries
I'm guessing that this is just not implemented yet:
http://msdn.microsoft.com/en-us/library/aa746475%28VS.85%29.aspx
Specifically, the LDAP_MATCHING_RULE_IN_CHAIN search modifier.
I'm trying to do a group membership search via LDAP that traverses
subgroups. Against Windows AD I'd use:
(memberof:1.2.840.113556.1.4.1941:=(cn=Group1,OU=groupsOU,DC=x))
But that doesn't work against
2023 Jan 31
1
IMAP tuning for Outlook 365
Hello,
I'm looking for advices on IMAP config tuning for best user experience
with Outlook 365.
I'm currently using dovecot 2.3.4.1 (f79e8e7e4) provided with Debian 10.
One of my users has Outlook 365 and an IMAP mailbox of large size with
several folders (more than 3GB).
From time to time as his main inbox folder is growing he can see some
problems with its Outlook application.