search for: dc

Hi, Well, I joined a new DC on my domain and when run "ldapcmp" it reported errors. I follow Samba wiki to Joining a Samba to an Existing Active Directory. * Comparing [DNSFOREST] context... * Objects to be compared: 18 Comparing: 'CN=Infrastructure,DC=ForestDnsZones,DC=dom,DC=city10,DC=com,DC=br' [ldap:/...

...e, and we can modify IPs for existing records, but it will not delete or add new records. Attempting to delete via the AD tools shows "Local security authority database contains an internal inconsistency". Adding a record on the command line shows: > samba-tool dns add empire chester-dc.example.com p-bats A 10.4.4.141 -U ash > Password for [CHESTER-DC\ash]: > ERROR(runtime): uncaught exception - (1383, 'WERR_INTERNAL_DB_ERROR') > File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 175, in _run > return self.run(*args, **kwargs...

On Mon, 19 Dec 2016 15:44:26 -0200 Vinicius Lehmann via samba <samba at lists.samba.org> wrote: > Hi, > > Well, I joined a new DC on my domain and when run "ldapcmp" it > reported errors. I follow Samba wiki to Joining a Samba to an > Existing Active Directory. > > * Comparing [DNSFOREST] context... > > * Objects to be compared: 18 > > Comparing: > 'CN=Infrastructure,DC=ForestDnsZon...

This seems to work for maxPwdAge ldapsearch -LLL -Q -s base -h ad.mydomain.tld -b dc=ad,dc=mydomain,dc=tld maxPwdAge now I just need to query a users pwdLastSetq I tried the commands above but am not getting anything. I tried looking at the ungrepped output but I don't see how to link the pwdLastSet with any user. I get a long list. I think I'm looking for dn: and a matchi...

Hi list, i removed my second DC from the domain, and now the re-join as DC hangs. the join hangs now for ca. 2 hours at the step "Committing SAM database" version: samba 4.5.0 on ubuntu 14.04 with a "strace -p " i see this: strace -p 1793 Process 1793 attached brk(0x35e18000) = 0x3...

On 29/04/2020 10:58, Olaf Dreyer via samba-technical wrote: > > I run a setup with two Samba DC (currently samba 4.12.2 on debian 10 > VMs). I started with a Windows 2003 DC but the last Windows DC has > been removed a few years ago from this setup. this is really the wrong list for this, so i have CC'ed the samba mailing list, please reply there. You say you started with Win 2...

On 29/04/2020 17:29, Olaf Dreyer wrote: > Hi Rowland, > > this is a good question. Does this listing help or answer? > > root at OMTNDC3:/usr/local/samba/private/sam.ldb.d# ls -al > total 93220 Node,CN=Schema,CN=Configuration,DC=omtn,DC=de > drwxr-x--- 2 root bind????? 4096 Apr 28 16:03 . > drwx------ 7 root root????? 4096 Apr 29 11:25 .. > -rw------- 1 root staff 30384128 Apr 29 12:46 > 'CN=CONFIGURATION,DC=OMT...

...ng the join, then after first samba startup it will start replicating objects. Actually it is not solution to the problem, it just move the problem a little bit downstream, so you can have more debug options. > Is my AD to large???? no Cheers, Denis > > > > > > root at dc2:# samba-tool drs showrepl > Default-First-Site-Name\DC2 > DSA Options: 0x00000001 > DSA object GUID: e9d31c7e-acb3-4473-823a-39b06ab9fa95 > DSA invocationId: 49a80da8-975f-49ef-834b-224b2bbf0805 > > ==== INBOUND NEIGHBORS ==== > > ERROR(runtime): DsReplicaGetInfo of type 0...

Hi Heinz, > > yes, the problem initiated after changing the primary group of all my 11034 users. > > I changed the primary group to different groups. This caused that now every user is member of the LDAP object "Domain users" > > ldapsearch -LLL -x -h dc1 -x -b "cn=domain users,cn=users,dc=example,dc=net" member | grep ^member: | wc -l > 11034 > > After this action the replication doesn't working anymore. > > Now i try to change teh primary group to "Domain users" again ... each user entry has a default pri...

lol...sorry! - The windows domain controller does run a DNS server - I joined the samba DC's to the windows DC. I used the normal command, but did get an error about the forest and domain dns. The error is: descriptor_sd_propagation_recursive: DC=DomainDnsZones,DC=fisherthompson,DC=local not found under DC=fisherthompson,DC=local descriptor_sd_propagation_recursive: DC=ForestDnsZon...

On Wed, 12 Dec 2018 16:01:52 +0100 "peter.grotz--- via samba" <samba at lists.samba.org> wrote: > Thanks Rowland for your answer. > > these are sernet-packages from their subscription. > > There are 4 DCs (all with last sernet-rpms) 2 are demoted with probs > (dc-01 and dc-02 both centos6) and 2 are running (dc-10 and dc-11 on > centos 7) > > dc-11 has all fsmo. joining with the old dc-01 and dc-02 doesn´t even > work. > > dc-01 joins but gives me this: > > Delete...

hi again, now the join finished but ... i have a high CPU load caused by a samba-process. Samba is consuming 100% of one CPU and the replication fails. Is my AD to large???? root at dc2:# samba-tool drs showrepl Default-First-Site-Name\DC2 DSA Options: 0x00000001 DSA object GUID: e9d31c7e-acb3-4473-823a-39b06ab9fa95 DSA invocationId: 49a80da8-975f-49ef-834b-224b2bbf0805 ==== INBOUND NEIGHBORS ==== ERROR(runtime): DsReplicaGetInfo of type 0 failed - (-1073610699, 'The operat...

...owland Penny via samba < samba at lists.samba.org> wrote: > On Fri, 3 Feb 2017 07:44:39 -0700 > Jeff Sadowski via samba <samba at lists.samba.org> wrote: > > > This seems to work for maxPwdAge > > > > ldapsearch -LLL -Q -s base -h ad.mydomain.tld -b > > dc=ad,dc=mydomain,dc=tld maxPwdAge > > > > now I just need to query a users pwdLastSetq > > I tried the commands above but am not getting anything. I tried > > looking at the ungrepped output but I don't see how to link the > > pwdLastSet with any user. I get a long l...

Hi Denis, yes, the problem initiated after changing the primary group of all my 11034 users. I changed the primary group to different groups. This caused that now every user is member of the LDAP object "Domain users" ldapsearch -LLL -x -h dc1 -x -b "cn=domain users,cn=users,dc=example,dc=net" member | grep ^member: | wc -l 11034 After this action the replication doesn't working anymore. Now i try to change teh primary group to "Domain users" again ... regards, heinz > you have quite a few objects (&g...

...gards, > Olaf > > Am 29.04.2020 um 18:35 schrieb Rowland penny via samba: > > > On 29/04/2020 17:29, Olaf Dreyer wrote: > > > Hi Rowland, > > > > > > this is a good question. Does this listing help or answer? > > > > > > root at OMTNDC3:/usr/local/samba/private/sam.ldb.d# ls -al > > > total 93220 Node,CN=Schema,CN=Configuration,DC=omtn,DC=de > > > drwxr-x--- 2 root bind 4096 Apr 28 16:03 . > > > drwx------ 7 root root 4096 Apr 29 11:25 .. > > > -rw------- 1 root staff 30384128 Apr 29...

...d the users to the group "domain users"automatically (attribute: member). Now i try to revert this and to rechange the primary group to 513. So i can have again a Domain users object with small number of members. Thanx heinz Am Mittwoch, 28. September 2016 18:41 CEST, Denis Cardon <dcardon at tranquil.it> schrieb: > Hi Heinz, > > > > yes, the problem initiated after changing the primary group of all my 11034 users. > > > > I changed the primary group to different groups. This caused that now every user is member of the LDAP object "Domain us...

OK, Thanks for all. Regards; On 23/07/2019 12:06, Rowland penny via samba wrote: > On 23/07/2019 16:02, Carlos via samba wrote: >> I haven't more output log, because i need join in dc in last week, >> and i "resolved"(workaround) in used samba 4.6.X -> after -> 4.8.3. >> Sorry..... > > OK, it would have been nice to have the output, this is because there > may be a bug. > > >> But, now in all Dcs samba 4.8.3 i can update for 4.1...

Hi folks, Everything is working great and I am not having any issues with the three domain controllers that I currently have set up. We are migrating from Puppet to Ansible for configuration management, and I decided to create a playbook that will do all the things necessary to set up a DC and join the domain. I have found that in the domain joining process, an error stops replication from happening, and therefore stops the join. Replication to the currently joined servers is working fine, as reported by "samba-tool drs showrepl" In the past, I extended the Samba4 schema t...

...PM, Rowland penny <rpenny at samba.org> wrote: >> >>> On 23/06/16 18:52, Jason Waters wrote: >>> >>>> lol...sorry! >>>> >>>> - The windows domain controller does run a DNS server >>>> >>>> - I joined the samba DC's to the windows DC. I used the normal >>>> command, but did get an error about the forest and domain dns. The error is: >>>> >>>> descriptor_sd_propagation_recursive: >>>> DC=DomainDnsZones,DC=fisherthompson,DC=local not found under >>>...

...ange behaviour with LDAP searches against a Samba 4 AD today, where queries for (&(objectClass=x)(|(...)(...)))" won't deliver any result, whereas queries (|(...)(...)) will function correctly. To illustrate: - --- modelnine at xdom00 ~ $ ldapsearch -H ldap://id.modelnine.org -b "dc=id,dc=modelnine,dc=org" -W -D "cn=Machine Account,cn=Users,dc=id,dc=modelnine,dc=org" "(|(distinguishedName=cn=Users,cn=Builtin,dc=id,dc=modelnine,dc=org)(distinguishedName=cn=Guests,cn=Builtin,dc=id,dc=modelnine,dc=org))" ... # LDAPv3 # base <dc=id,dc=modelnine,dc=org&g...