search for: active_directory_naming_faq

Well, finally I found the recommendations against .local here: https://wiki.samba.org/index.php/Active_Directory_Naming_FAQ However, still, the originating wiki should AFAIK be more verbose. https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller For now it only says "Make sure that you provision the AD using a DNS domain that will not need to be changed. Samba does not suppo...

...bdomain of > > your primary domain (e.g. "ad.example.com"), and then add alternate > > UPN suffix which allows user logons to match their email addresses. > > > > In fact, this page on the Samba Wiki recommends just that: > > https://wiki.samba.org/index.php/Active_Directory_Naming_FAQ#My_User_Logins_Does_Not_Match_My_Email > > It wont for long ;-) > The UPN is single valued, you can only have one. > It is the logon name for the user and is composed of the users account > name, the '@' sign and a dns domain name. This dns domain must be a > domain in th...

...no reason that shouldn't work. I will join a single dummy Wondows workstations to this domain for testing. I am going through the wiki https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller. First question ... according to https://wiki.samba.org/index.php/Active_Directory_Naming_FAQ, Using e.g. samdom.local is not recommded for several reasons. My current domain is hprs.local. So, as long as I'm starting from scratch I would like to take the opportunity to get this right. In wiki section "Using Your external Domain Name", it says I could simply use the external...

> > Not so much forgetting but not understanding ;-) - Internal DNS that responds to our services (site, moodle, etc) - ns.myinstitution.edu (registered in registro.br) - Samba DNS answering for samba stuff - addc.myinstitution.edu Maybe it's better to use SAMBA_INTERNAL instead of BIND_DLZ? On Tue, May 16, 2017 at 4:29 PM, Rowland Penny via samba < samba at lists.samba.org>

...t's a recommended best practice to choose a subdomain of your primary domain (e.g. "ad.example.com"), and then add alternate UPN suffix which allows user logons to match their email addresses. In fact, this page on the Samba Wiki recommends just that: https://wiki.samba.org/index.php/Active_Directory_Naming_FAQ#My_User_Logins_Does_Not_Match_My_Email [snip] > > I first installed libpam-winbind, and then attempted the following: > > # realm join --client-software=winbind --automatic-id-mapping=no > > ad.example.com > > What about libnss-winbind ? My mistake: I actually installed bo...

...39;t work. I will join a single dummy > Wondows workstations to this domain for testing. > > I am going through the wiki https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller. > > First question ... according to https://wiki.samba.org/index.php/Active_Directory_Naming_FAQ, > Using e.g. samdom.local is not recommded for several reasons. My current domain > is hprs.local. So, as long as I'm starting from scratch I would like to take the > opportunity to get this right. > > In wiki section "Using Your external Domain Name", it says I could...

...NTERNAL does, > then no, using the internal dns server will not make any difference. Ok. Which ever dns server you use, it must be authoritative for the AD > domain and if required it should be a subdomain of your registered > domain, see here: > > https://wiki.samba.org/index.php/Active_Directory_Naming_FAQ > #Subdomain_of_a_Domain_You_Own > > From the sound of it, you are trying to do it incorrectly, it > sounds like you are using the same dns domain name for your AD > domain as your existing dns domain, this is not likely to work. I am using subdomains for this, so much that I poste...

...ny via samba: > On Wed, 18 Jul 2018 13:49:39 +0200 > Anton Blau via samba <samba at lists.samba.org> wrote: > > Hmm, your REALM is 'SMBDOMAIN.FILE.DUCK' but your dnsdomain appears to > be just 'duck' > > Rowland > I read https://wiki.samba.org/index.php/Active_Directory_Naming_FAQ - but I am not sure that my configuration is right. I run a private network that can only be accessed from the internet via dyndns (Webserver in dmz). Samba should be only accessed from the local network. So I gave my local (private) Network the top-level-domain "duck". My clients a...

On Wed, 30 Aug 2017 14:12:09 -0300 Flávio Silveira via samba <samba at lists.samba.org> wrote: > > > On 30/08/2017 13:16, Rowland Penny via samba wrote: > > On Wed, 30 Aug 2017 12:48:09 -0300 > > Flávio Silveira via samba <samba at lists.samba.org> wrote: > > > >> Hi Louis > >> > >> On 30/08/2017 10:28, L.P.H. van Belle via samba

...3:49:39 +0200 > > Anton Blau via samba <samba at lists.samba.org> wrote: > > > > Hmm, your REALM is 'SMBDOMAIN.FILE.DUCK' but your dnsdomain appears > > to be just 'duck' > > > > Rowland > > > I read https://wiki.samba.org/index.php/Active_Directory_Naming_FAQ - > but I am not sure that my configuration is right. > > I run a private network that can only be accessed from the internet > via dyndns (Webserver in dmz). Samba should be only accessed from the > local network. > > So I gave my local (private) Network the top-level-domai...

...omain name (aka workgroup), or to put it another way, your netbios domain name 'DUCK' cannot be the same as your realm 'DUCK'. Is your dns domain really just 'duck' ? If so, I think you need to consider changing it. I suggest you read this: https://wiki.samba.org/index.php/Active_Directory_Naming_FAQ You could use something like 'duck.tld', just don't use the TLD '.local' Rowland

...your primary domain (e.g. "ad.example.com"), and then add alternate > > > UPN suffix which allows user logons to match their email addresses. > > > > > > In fact, this page on the Samba Wiki recommends just that: > > > https://wiki.samba.org/index.php/Active_Directory_Naming_FAQ#My_User_Logins_Does_Not_Match_My_Email > > > > It wont for long ;-) > > The UPN is single valued, you can only have one. > > It is the logon name for the user and is composed of the users account > > name, the '@' sign and a dns domain name. This dns domain mu...

...line to /etc/pam.d/common-session > > session required pam_mkhomedir.so skel=/etc/skel/ umask=0022 > > Rowland > > > As suggested I am reading https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller and https://wiki.samba.org/index.php/Active_Directory_Naming_FAQ As Active Directory Naming seem very important, I want to do it right. My company domain is tecnopon.com.br but it is not hosted by me, it is hosted by a hosting company. After reading Active Directory Naming FAQ, if I understand what I have read, I can use ad.tecnopon.com.br and I won't n...

...>> Wondows workstations to this domain for testing. >> >> I am going through the wiki >> https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller. >> >> First question ... according to >> https://wiki.samba.org/index.php/Active_Directory_Naming_FAQ, >> Using e.g. samdom.local is not recommded for several reasons. My >> current domain >> is hprs.local. So, as long as I'm starting from scratch I would like >> to take the >> opportunity to get this right. >> >> In wiki section "Using Your exte...

On 11/06/2020 14:04, Bob Wooden via samba wrote: > In my previous AD domain, my FQDN was a non-registered (fake) domain > that has worked for years. For example "fakedomainname.intials", like > "domain.dt". This started, back in the day when we were suspose to > stop using *.local (like MS always suggested.) It worked so I never > looked back. It sounds from

On 09.07.20 18:59, Bernhard Dick via samba wrote: > Hi, > > Am 02.07.2020 um 17:23 schrieb Martin Hauptmann via samba: >> Sorry if I didn't find the right manual. >> >> I would like to set up a new Domain Controller and connect it to an >> existing Office 365 with Exchange in a way, AD-Users of a certain >> group can login and not having to login to

Am 19.07.2018 um 10:03 schrieb Rowland Penny via samba: > On Wed, 18 Jul 2018 23:21:41 +0200 > Anton Blau via samba <samba at lists.samba.org> wrote: > >> Am 18.07.2018 um 14:17 schrieb Rowland Penny via samba: >> > It is touched on here: > > https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller#Parameter_Explanation >

On 2016.04.06, at 4:13 PM, Rowland penny <rpenny at samba.org> wrote: > > On 06/04/16 21:58, Sonic wrote: >> Would prefer to continue to use my NSD/Unbound installs for most DNS >> (if not all) services. NSD is the authoritative server for the domain, >> and Unbound is the cache/resolver that the clients connect to. I'd >> like to not disturb this setup but

...put it another way, your > netbios domain name 'DUCK' cannot be the same as your realm 'DUCK'. > > Is your dns domain really just 'duck' ? > If so, I think you need to consider changing it. > I suggest you read this: > > https://wiki.samba.org/index.php/Active_Directory_Naming_FAQ > > You could use something like 'duck.tld', just don't use the TLD '.local' > O. K. Thank you. Now a new trial: samba-tool domain provision --use-rfc2307 --interactive Realm [DUCK.TLD]: DOMCON.DUCK.TLD  Domain [DOMCON]: DUCK.TLD  Server Role (dc, member, standalone...

...netbios domain name 'DUCK' cannot be the same as your realm 'DUCK'. > > > > Is your dns domain really just 'duck' ? > > If so, I think you need to consider changing it. > > I suggest you read this: > > > > https://wiki.samba.org/index.php/Active_Directory_Naming_FAQ > > > > You could use something like 'duck.tld', just don't use the TLD > > '.local' > > > > O. K. Thank you. Now a new trial: > > samba-tool domain provision --use-rfc2307 --interactive > Realm [DUCK.TLD]: DOMCON.DUCK.TLD >  Domain [...