> On 29/11/2022, at 10:39 AM, Rowland Penny via samba <samba at lists.samba.org> wrote: > > ? > >> On 28/11/2022 21:07, Callum MacEwan via samba wrote: >> Hello Team Samba >> I have a Debian Samba AD DC 4.13.13 and a Debian Domain member >> Everything was working fine then one day my Linux ID?s changed from UID 10000 GID 11001 to UID 3000017 and GID 100. > > Are we talking about the DC here ? > Have you added uidNumber & gidNumber attributes to AD ?Yes I am taking about DC> > If you have, uncomment (remove the '#') from '#idmap_ldb:use rfc2307 = yes', restart Samba and run 'net cache flush' >No I haven?t added uidNumber & gidNumber attributes to AD because everything was okay> >> After a little fiddling with the AD DC and Domain Memeber returned to normal so I tidy up the configs and reboot both machines. >> After the restart nothing was working and my smb.conf on the AD DC was missing a section. I rebuilt what I thought was correct >> I now have the AD DC responding normally locally but my Debian Domain member reports DC1 offline but lists users correctly with wbinfo -u but without the domain wbinfo -g responds with nothing > > Do you have only one DC ?Yes only 1 DC,> It is better if you have at least two and backup the domain with samba-tool. > > Have you run 'net ads testjoin' on the Unix domain member ?Just ran that and the response was Join is OK> > Rowland > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba
On 28/11/2022 22:16, Callum MacEwan via samba wrote:> >> On 29/11/2022, at 10:39 AM, Rowland Penny via samba <samba at lists.samba.org> wrote: >> >> ? >> >>> On 28/11/2022 21:07, Callum MacEwan via samba wrote: >>> Hello Team Samba >>> I have a Debian Samba AD DC 4.13.13 and a Debian Domain member >>> Everything was working fine then one day my Linux ID?s changed from UID 10000 GID 11001 to UID 3000017 and GID 100. >> >> Are we talking about the DC here ? >> Have you added uidNumber & gidNumber attributes to AD ? > Yes I am taking about DC >> >> If you have, uncomment (remove the '#') from '#idmap_ldb:use rfc2307 = yes', restart Samba and run 'net cache flush' >> > No I haven?t added uidNumber & gidNumber attributes to AD because everything was okayWell that is strange. I would expect ID numbers in the 3000000 range on the DC and '100' for Domain Users, but only on a DC. Can you clarify where you where getting those numbers. Rowland> >> >>> After a little fiddling with the AD DC and Domain Memeber returned to normal so I tidy up the configs and reboot both machines. >>> After the restart nothing was working and my smb.conf on the AD DC was missing a section. I rebuilt what I thought was correct >>> I now have the AD DC responding normally locally but my Debian Domain member reports DC1 offline but lists users correctly with wbinfo -u but without the domain wbinfo -g responds with nothing >> >> Do you have only one DC ? > > Yes only 1 DC, >> It is better if you have at least two and backup the domain with samba-tool. >> >> Have you run 'net ads testjoin' on the Unix domain member ? > Just ran that and the response was > > Join is OK >> >> Rowland >> >> >> -- >> To unsubscribe from this list go to the following URL and read the >> instructions: https://lists.samba.org/mailman/options/samba >
I have checked all my smb.conf on the AD DC and Dom member On the AD DC wbinfo -u and -g respond normally with users and groups prefixed with Domain Starting samba with -i -d 4 reveals no obvious error it chats to DOM members The only error I saw was invalid SID (not sure if that is an error or warning ) On Dom Member wbinfo -u returns nothing but Wbinfo -g returns domain\groups as expected I have started all modules with -i -d 4 and don?t see any obvious errors wbinfo -p pings winbindd successfully wbinfo -P returns an error>checking the NETLOGON for domain[SAND] dc connection to "" failed >failed to call wbcPingDc: WBC_ERR_DOMAIN_NOT_FOUNDAll the DNS test are good Any guidance on what to do next appreciated Thanks Callum MacEwan https://Whatson.pegasusnz.com> On 29/11/2022, at 11:17 AM, Callum MacEwan via samba <samba at lists.samba.org> wrote: > > ? >> On 29/11/2022, at 10:39 AM, Rowland Penny via samba <samba at lists.samba.org> wrote: >> >> ? >> >>>> On 28/11/2022 21:07, Callum MacEwan via samba wrote: >>> Hello Team Samba >>> I have a Debian Samba AD DC 4.13.13 and a Debian Domain member >>> Everything was working fine then one day my Linux ID?s changed from UID 10000 GID 11001 to UID 3000017 and GID 100. >> >> Are we talking about the DC here ? >> Have you added uidNumber & gidNumber attributes to AD ? > Yes I am taking about DC >> >> If you have, uncomment (remove the '#') from '#idmap_ldb:use rfc2307 = yes', restart Samba and run 'net cache flush' >> > No I haven?t added uidNumber & gidNumber attributes to AD because everything was okay > >> >>> After a little fiddling with the AD DC and Domain Memeber returned to normal so I tidy up the configs and reboot both machines. >>> After the restart nothing was working and my smb.conf on the AD DC was missing a section. I rebuilt what I thought was correct >>> I now have the AD DC responding normally locally but my Debian Domain member reports DC1 offline but lists users correctly with wbinfo -u but without the domain wbinfo -g responds with nothing >> >> Do you have only one DC ? > > Yes only 1 DC, >> It is better if you have at least two and backup the domain with samba-tool. >> >> Have you run 'net ads testjoin' on the Unix domain member ? > Just ran that and the response was > > Join is OK >> >> Rowland >> >> >> -- >> To unsubscribe from this list go to the following URL and read the >> instructions: https://lists.samba.org/mailman/options/samba