search for: existing_active_directory

...mailbox.org> wrote: > > > > > OK, maybe this is something which should be mentioned in the wiki. The > > reason I got to this was that I wanted to try sysvol replication. The > > wiki mentions at > > https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_ > Existing_Active_Directory > > you should i.e. copy idmap.ldb from the first DC to the new DC and > > then run "samba-tool ntacl sysvolreset". > > > > Is this instruction still valid? > > The problem with sysvolcheck & sysvolreset is they have never used the > Owner, group and A...

On Fri, 16 Dec 2016 10:10:51 +0100 "L.P.H. van Belle via samba" <samba at lists.samba.org> wrote: > Hai, > > You need to use samba-tool to join the DC. > > The info can be found here : > https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory > > I am not sure that the OP is trying to join a DC, but if he is, then Louis is correct, otherwise, is everything setup correctly? Especially, does the machine that is trying to join the domain use the DC as its nameserver ? Rowland

...> I now have a Osync set up (much easier IMO), but the permissions are > > still not quite right, bringing me back to my idmap syncing question. > > > > Kind regards > > There are instructions here: > > https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_ > Existing_Active_Directory#Built-in_Groups_GID_Mappings > > Hi Rowland, I followed that howto > I copied the idmap.tdb.bak from dc1 to dc2 and restarted samba on dc2, but a getfacl on the sysvol directory gives me the wrong mappings. My issue is with AD groups on the permissions of the Policies Should I make a ni...

...lists.samba.org On Fri, 16 Dec 2016 10:10:51 +0100 "L.P.H. van Belle via samba" <samba at lists.samba.org> wrote: > Hai, > > You need to use samba-tool to join the DC. > > The info can be found here : > https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_ Existing_Active_Directory > > I am not sure that the OP is trying to join a DC, but if he is, then Louis is correct, otherwise, is everything setup correctly? Especially, does the machine that is trying to join the domain use the DC as its nameserver ? Rowland -- To unsubscribe from this list go to the following UR...

...51 +0100 > "L.P.H. van Belle via samba" <samba at lists.samba.org> wrote: > > > Hai, > > > > You need to use samba-tool to join the DC. > > > > The info can be found here : > > https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_ > Existing_Active_Directory > > > > > > I am not sure that the OP is trying to join a DC, but if he is, then > Louis is correct, otherwise, is everything setup correctly? Especially, > does the machine that is trying to join the domain use the DC as its > nameserver ? > > Rowland > >...

...lists.samba.org> wrote: > Hello, > > I am trying to use Samba in version 4.7.0 as a replication of an Active > Directory running on Windows 2012-R2. > > For that, I execute the process described on this page: > https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_ > Existing_Active_Directory > > When I run the command to join the domain controller, samba-tool returns > the following error: > DsAddEntry failed with status WERR_ACCESS_DENIED info (8567, > 'WERR_DS_INCOMPATIBLE_VERSION') > > I read the documentation that specifies which version of Samba is &gt...

...an AD before this thing landed in my lap, much less a Samba AD :) On 30 November 2017 at 15:45, Rowland Penny via samba <samba at lists.samba.org > wrote: > > > Basically, I followd this set of instructions: > > https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_ > Existing_Active_Directory > > I have run into several problems. > > > > 1. The new DCs were not automatically added to the master zone A > > record, i.e. "host -t A samdom.example.com localhost" would only > > return the original host. all of the other records (including GUIDS) &g...

Interesting... How do I go about getting them/keeping them in sync? On Fri, Dec 15, 2017 at 11:47 AM, Rowland Penny via samba < samba at lists.samba.org> wrote: > On Fri, 15 Dec 2017 11:09:38 -0600 > Taylor Hammerling via samba <samba at lists.samba.org> wrote: > > > This isn't necessarily an issue (I don't think) but more so a > > curiosity. > >

On 22 November 2017 at 17:45, Rowland Penny <rpenny at samba.org> wrote: > On Wed, 22 Nov 2017 16:01:17 +0200 > Ian Coetzee via samba <samba at lists.samba.org> wrote: > > > Hi Guys, > > > > I have run into a very interesting problem using GPO's on our DC's. > > > > As you may (or may not) know, we have migrated to a pure Samba4 (Git >

...irst year or two ;-) > > On 30 November 2017 at 15:45, Rowland Penny via samba > <samba at lists.samba.org > > wrote: > > > > > > Basically, I followd this set of instructions: > > > https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_ > > Existing_Active_Directory > > > I have run into several problems. > > > > > > 1. The new DCs were not automatically added to the master zone > > > A record, i.e. "host -t A samdom.example.com localhost" would only > > > return the original host. all of the other rec...

...lague me in the future - so I decided to migrate to a new AD server instead. I created a new Ubuntu 14.04 server, installed latest updates, (Samba 4.3.11) and tried to join it as a DC to the existing "domain", following this howto https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory It appeared to join fine - did give Warning: No NC replicated for Connection!, but everything else appeared normal - INBOUND and OUTBOUND neighbors show successful, 0 failures - however - the only thing which appeared to have replicated is the DNS. I can go into DNS manager from a windows box, and...

...ldn't, they are both borked. > > Just do administration from Windows OK, maybe this is something which should be mentioned in the wiki. The reason I got to this was that I wanted to try sysvol replication. The wiki mentions at https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory you should i.e. copy idmap.ldb from the first DC to the new DC and then run "samba-tool ntacl sysvolreset". Is this instruction still valid? > > S-1-5-32-544 is the Administrator group, which is a builtin group. I > > No, it is the 'Administrators' group Yes, of...

...rote: > On Fri, 15 Dec 2017 11:56:25 -0600 > Taylor Hammerling <thammerling at tcsbasys.com> wrote: > > > Interesting... How do I go about getting them/keeping them in sync? > > > > see here: > > https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_ > Existing_Active_Directory#Built-in_Groups_GID_Mappings > > Rowland > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > -- *Taylor Hammerling* | *IT Manager* 2800 Laura Lane | Middleton, WI 53562 *O *(608) 669-9...

...f them get it wrong ;-) > In this instance, it is mostly correct, just one thing jumps out. > Adding the 'winbind' lines to smb.conf is pointless, they do nothing on > a DC. > > I suggest you read this: > > https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_ > Existing_Active_Directory > > > > > - samba-tool drs showrepl on the old, existing DC (yes, it's named > > pdc) > > Yes and it shouldn't be ;-) > > I would wait until tomorrow, download 18.04 and then use this, it will > get you Samba 4.7.6 and this should fix your problem. &gt...

Hi! I want to get down to the root cause of the issue I am having with my new DC in my domain. I have followed some tutorials on the internet and basically do not get the results. I have 1 old DC, that is providing the AD domain for the whole local network. I wanted to add another one. Both are Ubuntus 16.04, fully updated. I have followed this

...xtra ADs to a setup I inherited. Originally there was a single Samba AD with BIND9_DLS config. DHCP was separate. Subsequently I installed Samba on two Raspberry Pis to act as backup servers. Basically, I followd this set of instructions: https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory I have run into several problems. 1. The new DCs were not automatically added to the master zone A record, i.e. "host -t A samdom.example.com localhost" would only return the original host. all of the other records (including GUIDS) were inserted fine. I ended up adding the...

Hello, I am trying to use Samba in version 4.7.0 as a replication of an Active Directory running on Windows 2012-R2. For that, I execute the process described on this page: https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory When I run the command to join the domain controller, samba-tool returns the following error: DsAddEntry failed with status WERR_ACCESS_DENIED info (8567, 'WERR_DS_INCOMPATIBLE_VERSION') I read the documentation that specifies which version of Samba is compatible with the version of the A...