Displaying 20 results from an estimated 91 matches for "dcname".
Did you mean:
d_name
2016 Sep 19
1
Error "Failed extended allocation RID pool operation..."
On 9/19/2016 3:15 PM, Adam Tauno Williams via samba wrote:
>> To see rid pool info run the following from a Windows command prompt.
>> dcdiag /s:DCNAME /test:ridmanager /v
>> Replace DCNAME with the dns name of your Domain Controller. I wonder
>> if OP has exhausted his RID pool. Unlikely but possible. I also see a
>> similar post on this same issue.
>> https://lists.samba.org/archive/samba/2016-April/198879.html
>
>...
2013 Feb 07
1
Samba 4 AD DC "Element not found" error in Windows 8
...und.")
Running Ubuntu Raring Ringtail / Samba 4.0.0+dfsg1-1.
All the clients are Windows 8, I'm logged on as the domain
administrator, and all machine clocks are NTP synced.
Thanks,
Nick
$> cat /etc/samba/smb.conf
[global]
workgroup = CORP
realm = CORP.DOMAIN.COM
netbios name = DCNAME
server role = active directory domain controller
allow dns updates = True
dns forwarder = 192.168.0.1
server services = +smb -s3fs
dcerpc endpoint servers = +winreg +srvsvc
[netlogon]
path = /var/lib/samba/sysvol/corp.domain.com/scripts
read only = No
[sysvol]
path = /var/lib/samba/sysvol...
2016 Aug 30
2
set UPN / SPN from samba-tool.
...count.
>
> Even Squids own page tells you to use a computer account:
>
> http://wiki.squid-cache.org/ConfigExamples/Authenticate/
> WindowsActiveDirectory
>
> Rowland
>
>
> Hi Rowland,
As DNS back end when configured to use Bind+DLZ is authenticating DNS user
(dns-<DCname>) using SPN, as this user do not have objectclass "computer"
set, I would say we can create user which are not computer with SPN. Don't
you agree?
2014 Sep 23
3
Samba3 on multiple networks, how to make it hand out the correct IP?
Hi,
My Samba 4.1.x server is connected to two networks, one in the 192.168.*
range (wired) and one in the 10.* range (wifi). The clients on either
network normally cannot reach each other.
I noticed Samba hands out (eg: for dcname.company.net) it's IP's from both
ranges to clients on both sides. So the 192.168.* clients get two A records:
192.168.1.1 & 10.0.0.2.
I noticed that, because of this current behavior, domain logins (well, time
between login & until the user sees a desktop) have an extra delay of mo...
2005 Feb 01
1
smbd/sesssetup.c:reply_spnego_kerberos(173) Failedtoverify incoming ticket!
One thing to rule out is that there is a clock difference of greater
than 5 minutes between Samba Domain Member and the DCs. Make sure that
you Samba Domain Member clock has approximately the same time as the DC.
You can do net time set -S dcname/dcip.
-Marc
> -----Original Message-----
> From: joysn@gmx.net [mailto:joysn@gmx.net]
> Sent: Tuesday, February 01, 2005 2:19 PM
> To: Ryan Frantz
> Cc: samba@lists.samba.org
> Subject: Re: [Samba] smbd/sesssetup.c:reply_spnego_kerberos(173)
> Failedtoverify incoming ticket...
2018 Jan 18
5
Changing expired Samba AD password during Windows login
...t PC. I'm
running on Ubuntu 16.04.3 and had to compile from source Samba 4.7.4
after compiling from source krb5 1.15.2. All other build dependencies
came from default Ubuntu 16.04.3 repos
smb.conf
# Global parameters
[global]
dns forwarder = xxx.xxx.xxx.xxx
netbios name = DCNAME
realm = DOMAINNAME.DOMAIN.COM
server role = active directory domain controller
workgroup = DOMAINNAME
idmap_ldb:use rfc2307 = yes
log level = 5
[netlogon]
path =
/usr/local/samba/var/locks/sysvol/domainname.domain.com/scripts
read on...
2008 Sep 03
0
Winbind + Win2003 ADS + Trusted Domain Issue
...)
connection_ok: Connection to for domain ABC has NULL cli!
[2008/09/03 11:10:56, 10] nsswitch/winbindd_cm.c:cm_open_connection(1336)
cm_open_connection: saf_servername is PDC.ABC.ORG for domain ABC
[2008/09/03 11:10:56, 10] nsswitch/winbindd_cm.c:cm_open_connection(1366)
cm_open_connection: dcname is 'PDC.ABC.ORG' for domain ABC
[2008/09/03 11:10:56, 10]
nsswitch/winbindd_cm.c:cm_prepare_connection(654)
cm_prepare_connection: connecting to DC PDC.ABC.ORG for domain ABC
[2008/09/03 11:10:56, 5] nsswitch/winbindd_cm.c:cm_prepare_connection(733)
connecting to PDC.ABC.ORG from LINUX1...
2016 Sep 19
2
Error "Failed extended allocation RID pool operation..."
...on the
> second DC and I now have a 'rIDNextRID' attribute on the second DC
> with, has expected, a different range, but it doesn't replicate (again
> as expected).
>
> Rowland
>
>
To see rid pool info run the following from a Windows command prompt.
dcdiag /s:DCNAME /test:ridmanager /v
Replace DCNAME with the dns name of your Domain Controller. I wonder if
OP has exhausted his RID pool. Unlikely but possible. I also see a
similar post on this same issue.
https://lists.samba.org/archive/samba/2016-April/198879.html
--
-James
2015 Oct 07
3
gpo failure
Am 07.10.2015 um 12:00 schrieb mourik jan c heupink:
> I have defined two Default Domain Policies, confirmed by the settings
> tab in the Group Policy Management editor:
>
> 1st - computer config, policies, windows settings, scripts, shutdown
> 2nd - user configuration, preferences, windows settings, drive maps
>
> Unless these two happen to be policies that do NOT need a
2019 Sep 18
2
Sync UID/GUI between two DCs
...tes from the following
> users (if set):
>
> administrator
> guest
> krbtgt
Administrator has a uidNumber since long time and owns some files. Are
there disadvantages if I leave his uidNumber?
>
> If you are using Bind9, then you will also have users in this format:
> dns-dcname, if so do the same for these users.
>
> you should also remove gidNumber attributes from these groups:
>
> cert publishers
> ras and ias servers
> allowed rodc password replication group
> denied rodc password replication group
> dnsadmins
> enterprise read-only domain co...
2007 Dec 07
2
getent passwd not adding users
...39;s the smb.conf
Quote:
[global]
idmap gid = 60000-90000
winbind trusted domains only = yes
encrypt passwords = yes
show add printer wizard = No
winbind use default domain = Yes
realm = <domain>
netbios name = <servername>
printing = cups
idmap uid = 10000-50000
password server = <dcname>
workgroup = <domain>
os level = 20
printcap name = cups
security = domain
winbind separator = \
disable spoolss = Yes
winbind enum groups = yes
winbind enum users = yes
My nsswitch.conf has the following;
Quote:
passwd: files winbind
shadow: files
group: files winbind
wbinfo -u and...
2015 Oct 06
5
gpo failure
...been some discussion on GPO's lately, and I find myself having
a problem too. This error in logged on one of our win7 workstations:
EventData
SupportInfo1 2
SupportInfo2 1232
ProcessingMode 1
ProcessingTimeInMilliseconds 1638
ErrorCode 5
ErrorDescription Access is denied.
DCName \\dc4.samba.company.com
GPOCNName
LDAP://CN=User,CN={12B62F356-336D-14D5-896F-00C04FB984F9},CN=Policies,CN=System,DC=samba,DC=company,DC=com
FilePath
\\samba.company.com\sysvol\samba.company.com\Policies\{12B62F356-336D-14D5-896F-00C04FB984F9}\User\registry.pol
Taking a look at the DC&...
2015 Oct 19
2
samba-tool and --kerberos
...39;
commands.
Use 'net help rap' to get more extensive information about 'net rap'
commands.
....
m707:~# net rpc service list -S m707 --kerberos yes
Usage: net rpc service list
Only "--kerberos=yes" seems to work:
m707:~# *net rpc service list --kerberos=yes -S <DCname>*
Spooler "Print Spooler"
NETLOGON "Net Logon"
RemoteRegistry "Remote Registry Service"
WINS "Windows Internet Name Service (WINS)"
I'll try to propose some modification of associated man page...
2012 Oct 25
3
Restricting DC Roles?
I have a small AD forest of two Windows 2008 R2 domain controllers. I would
like to add a Samba 4 DC to this forest. After running into some problems
with group policies, I realized that Samba 4 does not currently implement
file replication. I would like to have the Samba 4 domain controller
replicate user/computer schema with the Windows machines, but I would like
for DNS and group policy
2015 Nov 01
2
[PATCH] Re: Samba 4.1.17 classic update w/LDAP - parsing error
On Sat, 2015-10-31 at 10:45 +0000, Rowland Penny wrote:
> On 31/10/15 08:51, Andrew Bartlett wrote:
> > On Wed, 2015-10-28 at 14:35 +0100, Mgr. Peter Tuharsky wrote:
> > > Hallo,
> > >
> > > I have two news. The first one: the patch probably works. Second:
> > > there
> > > is another bug.
> > >
> > > When I encountered the
2016 Mar 03
3
AD, multiple DC, some DC without DNS at all
Hi all,
Thank you Mark for these precisions.
I did switch a DC to --dns-backend=NONE using samba-tool domain join. This
removed dns-<DCname> user for this DC and associated keytab.
We changed /etc/resolv.conf to use another DC - one with Bind running - as
nameserver.
Stopping there, running samba_dnsupdate gave error "NOTAUTH".
As we want our DC being able to push into DNS database some changes (when
we move our DC from...
2019 May 30
1
domain won't go online
...d_cm.c:1305(cm_prepare_connection)
Failed to prepare SMB connection to SCSFOO402.foo.corp.example.com: NT_STATUS_LOGON_FAILURE
[2019/05/30 09:34:10.372293, 10, pid=1606, effective(0, 0), real(0, 0), class=winbind] ../../source3/winbindd/winbindd_cm.c:1945(cm_open_connection)
cm_open_connection: dcname is 'SCSFOO402.foo.corp.example.com' for domain FOO
[2019/05/30 09:34:10.634865, 10, pid=1606, effective(0, 0), real(0, 0), class=winbind] ../../source3/winbindd/winbindd_cm.c:1432(dcip_check_name)
dcip_check_name: flags = 0xf1fc
[2019/05/30 09:34:10.635006, 10, pid=1606, effective(0, 0),...
2018 Jan 18
1
Changing expired Samba AD password during Windows login
...1.15.2. All other build dependencies came from default Ubuntu
>> 16.04.3 repos
>>
>> smb.conf
>>
>> # Global parameters
>> [global]
>> dns forwarder = xxx.xxx.xxx.xxx
>> netbios name = DCNAME
>> realm = DOMAINNAME.DOMAIN.COM
>> <http://DOMAINNAME.DOMAIN.COM>
>> server role = active directory domain controller
>> workgroup = DOMAINNAME
>> idmap_ldb:use rfc2307 = yes
>>
>&g...
2015 Oct 26
2
DC replacement and DNS issue
Hey,
Thank you Louis for this script, I didn't yet took time to dig in but I'll
do.
I didn't took time neither to perform another test. That should be done
today.
Anyway I waited for DC synchronisation before posting. I joined my DC and
removed the old ones almost at same time then I gave more than 12 hours to
my DC to synchronize. Then I tried to understand what happened, I wrote
2016 Mar 03
1
AD, multiple DC, some DC without DNS at all
...52 GMT+01:00 Rowland penny <rpenny at samba.org>:
> On 03/03/16 09:31, mathias dufresne wrote:
>
>> Hi all,
>>
>> Thank you Mark for these precisions.
>>
>> I did switch a DC to --dns-backend=NONE using samba-tool domain join. This
>> removed dns-<DCname> user for this DC and associated keytab.
>>
>> We changed /etc/resolv.conf to use another DC - one with Bind running - as
>> nameserver.
>>
>> Stopping there, running samba_dnsupdate gave error "NOTAUTH".
>>
>> As we want our DC being able to p...