search for: 44ae

...Options: 0x00000001 DSA object GUID: b19509be-c3ee-4a58-9fc9-afd61759a23f DSA invocationId: 4f30d79d-2e9c-4235-88a1-c258b8622d23 ==== INBOUND NEIGHBORS ==== DC=DomainDnsZones,DC=ad,DC=microsult,DC=de Default-First-Site-Name\VERDANDI via RPC DSA object GUID: a03bbb51-1dca-44ae-a4d9-7aa8cb4a1ace Last attempt @ Mon May 18 20:33:36 2015 CEST was successful 0 consecutive failure(s). Last success @ Mon May 18 20:33:36 2015 CEST [...] ==== OUTBOUND NEIGHBORS ==== DC=DomainDnsZones,DC=ad,DC=microsult,DC=de Default-Fi...

Hi Marc, >> The cause is that the password change didn' reach both AD DCs, but only >> one. The other one still had the old value as could be seen by >> samba-tool ldapcmp. Restarting the DCs and waiting for a couple of >> seconds brings them back to sync and Windows logons work as they used to. >> Any idea, what I should do next time to obtain valuable output

...and took some time to figure out what happened. On my primary DC (SAMBA) I did not notice anything extraordinary. However, my secondary (VERDANDI) reported issues: root at verdandi:~# samba-tool drs showrepl Default-First-Site-Name\VERDANDI DSA Options: 0x00000001 DSA object GUID: a03bbb51-1dca-44ae-a4d9-7aa8cb4a1ace DSA invocationId: 8bdb4f85-1da2-4f5a-b9a9-e8369d202745 ==== INBOUND NEIGHBORS ==== CN=Schema,CN=Configuration,DC=ad,DC=microsult,DC=de Default-First-Site-Name\SAMBA via RPC DSA object GUID: b19509be-c3ee-4a58-9fc9-afd61759a23f Last atte...

...dy" Weisgerber naddy at mips.inka.de _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev at mindrot.org https://protect2.fireeye.com/v1/url?k=c4371812-988227ab-c4373207-0cc47adc5fce-56c2948a65834232&q=1&e=0f45e6c0-4544-44ae-af8d-3d64af881ea7&u=https%3A%2F%2Flists.mindrot.org%2Fmailman%2Flistinfo%2Fopenssh-unix-dev

In the u2f protocol, my understanding is in the normal case, the web browser seeds the keypair process with the hostname of the remote server. In the case of ssh, the hostname is probably not what I would want to do. But the u2f protocol seems to have a way to handle this. It just needs to be exposed to the user. The content of the private keyfile in ssh is generated somehow. Where is that done?