search for: eecsyorkuca

...otherwise just empty (which is the case now).? I restart the samba-ad-dc on DC and rebooted the client... no difference. > > Can you please post the smb.conf Sure.. on the dc: # Global parameters [global] ??????? netbios name = DC1 ??????? realm = AD.EECS.YORKU.CA ??????? workgroup = EECSYORKUCA ??????? dns forwarder = 130.63.94.4 ??????? server role = active directory domain controller ??????? idmap_ldb:use rfc2307 = yes ??????? interfaces = 127.0.0.1 130.63.94.66 ??????? bind interfaces only = yes [netlogon] ??????? path = /local/samba/sysvol/ad.eecs.yorku.ca/scripts ??????? read...

...domain member requires it. Do you have Unix clients ? (not talking about Samba servers here), if you don't, why are you using NFS ? > > on the dc: > > # Global parameters > [global] > ??????? netbios name = DC1 > ??????? realm = AD.EECS.YORKU.CA > ??????? workgroup = EECSYORKUCA > ??????? dns forwarder = 130.63.94.4 > ??????? server role = active directory domain controller > ??????? idmap_ldb:use rfc2307 = yes > ??????? interfaces = 127.0.0.1 130.63.94.66 > ??????? bind interfaces only = yes > > [netlogon] > ??????? path = /local/samba/sysvol/ad.ee...

...hat's why I'm doing this.? The NFS part is all working perfectly actually except for root access. >> >> on the dc: >> >> # Global parameters >> [global] >> ??????? netbios name = DC1 >> ??????? realm = AD.EECS.YORKU.CA >> ??????? workgroup = EECSYORKUCA >> ??????? dns forwarder = 130.63.94.4 >> ??????? server role = active directory domain controller >> ??????? idmap_ldb:use rfc2307 = yes >> ??????? interfaces = 127.0.0.1 130.63.94.66 >> ??????? bind interfaces only = yes >> >> [netlogon] >> ???????...

Hi. I have Samba AD configured correctly, and can mount kerberized NFS from all the CentOS 7 clients.? I'm not able to use "root" on the client even though the nfs export specifies the option: no_root_squash option. I completely understand that in order to use the "root" identity (which doesn't exist as a user in the domain) on the NFS client, this identity has to

On Thu, 19 Oct 2023 15:34:46 -0400 Jason Keltz via samba <samba at lists.samba.org> wrote: > Hi. > > I'm running the latest Samba 4.18 on our dc (Linux - Rocky 8.8), and > the clients are running the latest 4.17 (Linux - Rocky 8.8) to be > upgraded to 4.18 soon. > > I've noticed an issue for awhile that is really quite strange and > wonder if anyone has any

...st can't figure out what that is.? On the DC, I can still query all the users, groups, etc. ?? I enabled log level 3 and get: [2020/10/11 21:33:45.426469,? 3, pid=3637, effective(0, 0), real(0, 0)] ../../source3/winbindd/winbindd_pam.c:2089(winbindd_dual_pam_auth) ? [ 3635]: dual pam auth EECSYORKUCA\jas [2020/10/11 21:33:45.498701,? 1, pid=3637, effective(1004, 0), real(1004, 0)] ../../source3/libads/authdata.c:177(kerberos_return_pac) ? kinit failed for 'jas at AD.EECS.YORKU.CA' with: Preauthentication failed (-1765328360) [2020/10/11 21:33:45.498763,? 2, pid=3637, effective(0, 0),...

...be an issue.? I don't like seeing IO_TIMEOUTs. Another distracting error in the log included: [2020/10/11 22:43:29.843630,? 1, pid=969, effective(0, 0), real(0, 0)] ../../source3/libads/ldap.c:565(ads_find_dc) ? ads_find_dc: name resolution for realm 'AD.EECS.YORKU.CA' (domain 'EECSYORKUCA') failed: NT_STATUS_NO_LOGON_SERVERS ... after boot which sounds serious but it turns out if I try to authenticate before everything is up and running, that's what I get. The error makes sense but there's no "follow up" to say: "Ok ok - I found it now - Sorry to give...

...nbind(xrdp-sesman:auth): pam_get_item returned a password > Jul 29 09:33:53 brayden xrdp-sesman[1652]: > pam_winbind(xrdp-sesman:auth): Verify user 'jas' > Jul 29 09:33:53 brayden xrdp-sesman[1652]: > pam_winbind(xrdp-sesman:auth): CONFIG file: require_membership_of > 'EECSYORKUCA\hc_research' > Jul 29 09:33:53 brayden xrdp-sesman[1652]: > pam_winbind(xrdp-sesman:auth): CONFIG file: krb5_ccache_type 'KEYRING' > Jul 29 09:33:53 brayden xrdp-sesman[1652]: > pam_winbind(xrdp-sesman:auth): enabling krb5 login flag > Jul 29 09:33:53 brayden xrdp-sesma...

...>> Another distracting error in the log included: >> >> [2020/10/11 22:43:29.843630,? 1, pid=969, effective(0, 0), real(0, >> 0)] ../../source3/libads/ldap.c:565(ads_find_dc) >> ? ads_find_dc: name resolution for realm 'AD.EECS.YORKU.CA' (domain >> 'EECSYORKUCA') failed: NT_STATUS_NO_LOGON_SERVERS That make me think of dns/network problems. >> >> ... after boot which sounds serious but it turns out if I try to >> authenticate before everything is up and running, that's what I get. >> The error makes sense but there'...

I'm experimenting with smb + winbind. My host is joined to AD and I can login to my host fine using my AD credentials via SSH.?? The only issue is that I don't get a Kerberos ticket generated. In /etc/security/pam_winbind.conf I have: krb5_auth = yes krb5_ccache_type = KEYRING In /etc/krb5.conf, I also have: default_ccache_name = KEYRING:persistent:%{uid} Using wbinfo -K jas, then

...eeing IO_TIMEOUTs. > > Another distracting error in the log included: > > [2020/10/11 22:43:29.843630,? 1, pid=969, effective(0, 0), real(0, 0)] > ../../source3/libads/ldap.c:565(ads_find_dc) > ? ads_find_dc: name resolution for realm 'AD.EECS.YORKU.CA' (domain > 'EECSYORKUCA') failed: NT_STATUS_NO_LOGON_SERVERS > > ... after boot which sounds serious but it turns out if I try to > authenticate before everything is up and running, that's what I get. > The error makes sense but there's no "follow up" to say: "Ok ok - I > found...