search for: brandlilaw

I'm not able to access a samba file server that I recently created and joined to a domain. I have two domains with an external trust: BRANDLILAW and BRANDLI. The server is joined to BRANDLILAW. I am trying to access it from a user on the BRANDLI domain. This worked with the prior server that the new server is replacing. All domain controllers and the server are Debian backports (21.3). The user can access a Windows 10 machine also join...

More: users on the BRANDLILAW domain can access the share, but it's incredibly slow. In addition, smbd logs these errors repeatedly: Feb 16 18:49:06 roberts smbd[136]: check_account: Failed to convert SID S-1-5-21-2136821272-1111453333-1140905514-1601 to a UID (dom_user[BRANDLILAW\admin-fh$]) Feb 16 18:49:06 roberts smb...

...g up. When I took out the "idmap config ad" entries for the trusted domain, the server acted normally (for the local domain users of course). I want to fix the trust so that the trusted domain's users can also access this server among other things. Config: Two domains, BRANDLI and BRANDLILAW. Both report the trust between them. samba-tool domain trust validate from a BRANDLI dc using the full domain names (domain.brandlilaw.com) works. Using just brandlilaw does not; same error as #4 attached. Validate from BRANDLILAW segfaults (earlier email). Note that these dc's are all upg...

I think it's best that I don't put this into the bug system. I'm too removed from the development process, and I don't have the time to build a debug version. Not sure how helpful this will be. Got the following segfault. There are two domains: domain.brandlilaw.com and domain.brandli.com. There is an external trust between them. There were, at one time, 2-4 domain controllers for each domain running buster. I upgraded domain.brandli.com a week ago and just upgraded domain.brandlilaw.com now, all 21.3. brandli.com has two domain controllers: minister1...

...I gather it does not look at the "search" records in resolv.conf, but I don't know. I've set "dns resolver" in samba.conf. resolv.conf (.8 is the local server) nameserver 10.65.187.8 options edns0 trust-ad search domain.brandli.com internal.brandli.com search domain.brandlilaw.com internal.brandlilaw.com search brandli.com brandlilaw.com nsswitch.conf had "hosts: files myhostname resolve [!UNAVAIL=return] dns" but I changed it to "hosts: files dns" just in case. Still getting the dnsupdate_nameupdate error. Steve -----Original Message----- From:...

On Mon, 17 Feb 2025 03:09:45 +0000 Stephen Brandli via samba <samba at lists.samba.org> wrote: > More: users on the BRANDLILAW domain can access the share, but it's > incredibly slow. In addition, smbd logs these errors repeatedly: > > Feb 16 18:49:06 roberts smbd[136]: check_account: Failed to convert > SID S-1-5-21-2136821272-1111453333-1140905514-1601 to a UID > (dom_user[BRANDLILAW\admin-fh$]) Fe...

It was systemd-resolved. I disabled that. Now samba is binding to the port. But I'm still getting the dnsupdate failure. And, I can't ping anything. I get the "unknown host or service" error. So names are not getting resolved on the machine. I have to admit to complete ignorance about how this part of linux works. When running systemd-networkd, what normally does name