search for: krynn

Displaying 18 results from an estimated 18 matches for "krynn".

Did you mean: krenn
2018 May 04
1
unexplained Replication failures...?
...c and --full-sync since the start but in fact I wanted to make sure to force replication between the servers. Here is what I have noticed: - replication works from dc00 -> dc00 but not from dc01 -> dc00: [root at dc00 ~]# samba-tool drs replicate DC01 DC00 dc=ad,dc=lasthome,dc=solace,dc=krynn --sync-forced --full-sync Replicate from DC00 to DC01 was successful. [root at dc00 ~]# samba-tool drs replicate DC00 DC01 dc=ad,dc=lasthome,dc=solace,dc=krynn --sync-forced --full-sync ERROR(<class 'samba.drs_utils.drsException'>): DsReplicaSync failed - drsException: DsReplicaSync...
2018 May 03
2
unexplained Replication failures...?
...ication failures on samba 4.7.6: dc00 : is a VM on KVM host (attached to a bridge on local LAN) dc01 : is a similarly configured VM on another KVM host. I've forcibly demoted and re-promoted dc01 but I still cannot get automatic replication to work: root at dc00 ~]# samba-tool drs showrepl Krynn\DC00 DSA Options: 0x00000001 DSA object GUID: 204cb904-754b-4457-af09-9347f8714006 DSA invocationId: b72fc409-bf9a-45e2-a623-0e668386536a ==== INBOUND NEIGHBORS ==== DC=ForestDnsZones,DC=ad,DC=lasthome,DC=solace,DC=krynn Krynn\DC01 via RPC DSA object GUID: 9ac5b74a-383a-...
2020 Aug 21
4
Using Samba AD/DC as an Active Directory OAuth provider for OpenShift
...Penny,CN=Users,DC=samdom,DC=example,DC=com >> dn: CN=dhcpduser,CN=Users,DC=samdom,DC=example,DC=com >> dn: CN=Administrator,CN=Users,DC=samdom,DC=example,DC=com >> >> Rowland > > You're right, this works here too: > ldapsearch -H ldaps://dc00.ad.lasthome.solace.krynn:636 -x -W -D > "raistlin at ad.lasthome.solace.krynn" -b > "dc=ad,dc=lasthome,dc=solace,dc=krynn" > 'memberof:1.2.840.113556.1.4.1941:=cn=Domain > Admins,CN=Users,dc=ad,dc=lasthome,dc=solace,dc=krynn'|grep 'dn:' > Enter LDAP Password: > dn: C...
2019 Jan 22
2
dbtool --cross-ncs and undeletable errors..
...w do I fix those errors? [root at dc00 ~]# samba-tool dbcheck --cross-ncs --fix --yes Checking 3574 objects ERROR: no target object found for GUID component for link fromServer in object CN=4b3f95b1-7774-42cf-8bc0-755c7d29f6cc,CN=LostAndFoundConfig,CN=Configuration,DC=ad,DC=lasthome,DC=solace,DC=krynn - <GUID=c8bf60b8-c3b9-442f-a330-d706221bc889>;CN=NTDS Settings\0ADEL:c8bf60b8-c3b9-442f-a330-d706221bc889,CN=DC02\0ADEL:53a02791-a186-4a2f-aef9-6e180b814d8a,CN=Servers,CN=Krynn,CN=Sites,CN=Configuration,DC=ad,DC=lasthome,DC=solace,DC=krynn ERROR: target DN is deleted for fromServer in objec...
2019 Jan 22
2
dbtool --cross-ncs and undeletable errors..
...dc00 ~]# samba-tool dbcheck --cross-ncs --fix --yes >> Checking 3574 objects >> ERROR: no target object found for GUID component for link fromServer >> in object >> CN=4b3f95b1-7774-42cf-8bc0-755c7d29f6cc,CN=LostAndFoundConfig,CN=Configuration,DC=ad,DC=lasthome,DC=solace,DC=krynn >> - <GUID=c8bf60b8-c3b9-442f-a330-d706221bc889>;CN=NTDS >> Settings\0ADEL:c8bf60b8-c3b9-442f-a330-d706221bc889,CN=DC02\0ADEL:53a02791-a186-4a2f-aef9-6e180b814d8a,CN=Servers,CN=Krynn,CN=Sites,CN=Configuration,DC=ad,DC=lasthome,DC=solace,DC=krynn >> ERROR: target DN is dele...
2020 Aug 21
2
Using Samba AD/DC as an Active Directory OAuth provider for OpenShift
On 21/08/2020 20:08, Rowland penny via samba wrote: > On 21/08/2020 19:28, Vincent S. Cojot via samba wrote: >> >> Hi everyone, >> >> I have a working Samba AD/DC (4.12.6 on RHEL7.8) setup I'm trying to >> use with OpenShift (a container platform to which RedHat contributes >> - aka OCP). I'm also not too skilled on LDAP even though I've been
2020 Aug 21
2
Using Samba AD/DC as an Active Directory OAuth provider for OpenShift
...: > Hi Rowland, > > First of all, thank you for taking the time to help me. > I tried your suggestion and all results came up empty. > > Then I did a few lapdsearch(es) and found this: > > 1) This query returns two users: > ldapsearch -H ldaps://dc00.ad.lasthome.solace.krynn:636 -x -W -D > "raistlin at ad.lasthome.solace.krynn" -b > "dc=ad,dc=lasthome,dc=solace,dc=krynn" > 'memberOf:1.2.840.113556.1.4.1941:=cn=Domain > Admins,CN=Users,dc=ad,dc=lasthome,dc=solace,dc=krynn' > > 2) This query returns no users ("Domai...
2019 Jan 22
0
dbtool --cross-ncs and undeletable errors..
...> [root at dc00 ~]# samba-tool dbcheck --cross-ncs --fix --yes > Checking 3574 objects > ERROR: no target object found for GUID component for link fromServer > in object > CN=4b3f95b1-7774-42cf-8bc0-755c7d29f6cc,CN=LostAndFoundConfig,CN=Configuration,DC=ad,DC=lasthome,DC=solace,DC=krynn > - <GUID=c8bf60b8-c3b9-442f-a330-d706221bc889>;CN=NTDS > Settings\0ADEL:c8bf60b8-c3b9-442f-a330-d706221bc889,CN=DC02\0ADEL:53a02791-a186-4a2f-aef9-6e180b814d8a,CN=Servers,CN=Krynn,CN=Sites,CN=Configuration,DC=ad,DC=lasthome,DC=solace,DC=krynn > ERROR: target DN is deleted for from...
2020 Aug 21
0
Using Samba AD/DC as an Active Directory OAuth provider for OpenShift
...=example,DC=com >>> dn: CN=dhcpduser,CN=Users,DC=samdom,DC=example,DC=com >>> dn: CN=Administrator,CN=Users,DC=samdom,DC=example,DC=com >>> >>> Rowland >> >> You're right, this works here too: >> ldapsearch -H ldaps://dc00.ad.lasthome.solace.krynn:636 -x -W -D >> "raistlin at ad.lasthome.solace.krynn" -b >> "dc=ad,dc=lasthome,dc=solace,dc=krynn" >> 'memberof:1.2.840.113556.1.4.1941:=cn=Domain >> Admins,CN=Users,dc=ad,dc=lasthome,dc=solace,dc=krynn'|grep 'dn:' >> Enter LDAP...
2019 Jan 22
0
dbtool --cross-ncs and undeletable errors..
...dbcheck --cross-ncs --fix --yes > >> Checking 3574 objects > >> ERROR: no target object found for GUID component for link > >> fromServer in object > >> CN=4b3f95b1-7774-42cf-8bc0-755c7d29f6cc,CN=LostAndFoundConfig,CN=Configuration,DC=ad,DC=lasthome,DC=solace,DC=krynn > >> - <GUID=c8bf60b8-c3b9-442f-a330-d706221bc889>;CN=NTDS > >> Settings\0ADEL:c8bf60b8-c3b9-442f-a330-d706221bc889,CN=DC02\0ADEL:53a02791-a186-4a2f-aef9-6e180b814d8a,CN=Servers,CN=Krynn,CN=Sites,CN=Configuration,DC=ad,DC=lasthome,DC=solace,DC=krynn > >> ERROR: ta...
2020 Aug 22
0
Using Samba AD/DC as an Active Directory OAuth provider for OpenShift
...gt;> First of all, thank you for taking the time to help me. >> I tried your suggestion and all results came up empty. >> >> Then I did a few lapdsearch(es) and found this: >> >> 1) This query returns two users: >> ldapsearch -H ldaps://dc00.ad.lasthome.solace.krynn:636 -x -W -D >> "raistlin at ad.lasthome.solace.krynn" -b >> "dc=ad,dc=lasthome,dc=solace,dc=krynn" >> 'memberOf:1.2.840.113556.1.4.1941:=cn=Domain >> Admins,CN=Users,dc=ad,dc=lasthome,dc=solace,dc=krynn' >> >> 2) This query returns no...
2020 Aug 21
3
Using Samba AD/DC as an Active Directory OAuth provider for OpenShift
...there an equivalent in Samba to that AD OID so that nested AD Groups can be expanded/flattened? Any ideas welcomed. :) [1]: https://examples.openshift.pub/authentication/activedirectory-ldap Thanks for reading, Vincent -------------- next part -------------- # oc adm groups sync --sync-config=krynn-ad-sync-config.yaml --confirm --whitelist=krynn_group_list.txt kind: LDAPSyncConfig apiVersion: v1 url: ldap://dc00.ad.lasthome.solace.krynn:389 insecure: false ca: "KrynnAD.pem" bindDN: "CN=openshift,CN=Users,DC=ad,DC=lasthome,DC=solace,DC=krynn" bindPassword: "OBFUSCATED&...
2018 Dec 06
5
RHEL7/Centos7 with Samba AD
...The most important part was that the RHEL7 hosts wouldn't be heavily modified, except for the two AD DCs which run a custom build of Samba, of course. For sssd, I used the following (customized file): ------------------------------------------------------ [sssd] domains = ad.lasthome.solace.krynn config_file_version = 2 services = nss, pam, pac [domain/ad.lasthome.solace.krynn] id_provider = ad auth_provider = ad access_provider = ad chpass_provider = ad ad_gpo_access_control = disabled override_gid = 100 ad_domain = ad.lasthome.solace.krynn krb5_realm = AD.LASTHOME.SOLACE.KRYNN realmd_t...
2019 Jun 10
6
please confirm: sssd not a good idea :)
On 08/06/2019 21:32, Rowland penny via samba wrote: > On 08/06/2019 16:24, Uwe Laverenz via samba wrote: >> Hi all, >> >> when you join a linux server to an active directory with "realm" it >> uses "sssd" as default. This works well as long as you just want to >> be a simple domain member. >> >> As soon as you want a real member
2019 Jun 10
3
please confirm: sssd not a good idea :)
...jot.name wrote: > > There is probably some amount of redtape on this but AFAIK it works > fine for me: My RHEL7.6 hypervisors are joined to my AD DC 4.10.4 VMs > through use of realm '(and thus sssd): > > Here's a RHEL7.6 client: > # realm list > ad.lasthome.solace.krynn > ? type: kerberos > ? realm-name: AD.LASTHOME.SOLACE.KRYNN > ? domain-name: ad.lasthome.solace.krynn > ? configured: kerberos-member > ? server-software: active-directory > ? client-software: sssd > ? required-package: oddjob > ? required-package: oddjob-mkhomedir > ? re...
2018 May 04
0
unexplained Replication failures...?
...t; dc00 : is a VM on KVM host (attached to a bridge on local LAN) > dc01 : is a similarly configured VM on another KVM host. > > I've forcibly demoted and re-promoted dc01 but I still cannot get > automatic replication to work: > > root at dc00 ~]# samba-tool drs showrepl > Krynn\DC00 > DSA Options: 0x00000001 > DSA object GUID: 204cb904-754b-4457-af09-9347f8714006 > DSA invocationId: b72fc409-bf9a-45e2-a623-0e668386536a > > ==== INBOUND NEIGHBORS ==== > > DC=ForestDnsZones,DC=ad,DC=lasthome,DC=solace,DC=krynn > Krynn\DC01 via RPC >...
2019 Jun 12
0
please confirm: sssd not a good idea :)
...ere is probably some amount of redtape on this but AFAIK it works > > fine for me: My RHEL7.6 hypervisors are joined to my AD DC 4.10.4 VMs > > through use of realm '(and thus sssd): > > > > Here's a RHEL7.6 client: > > # realm list > > ad.lasthome.solace.krynn > > type: kerberos > > realm-name: AD.LASTHOME.SOLACE.KRYNN > > domain-name: ad.lasthome.solace.krynn > > configured: kerberos-member > > server-software: active-directory > > client-software: sssd > > required-package: oddjob > > requ...
2019 Jun 10
0
please confirm: sssd not a good idea :)
There is probably some amount of redtape on this but AFAIK it works fine for me: My RHEL7.6 hypervisors are joined to my AD DC 4.10.4 VMs through use of realm '(and thus sssd): Here's a RHEL7.6 client: # realm list ad.lasthome.solace.krynn type: kerberos realm-name: AD.LASTHOME.SOLACE.KRYNN domain-name: ad.lasthome.solace.krynn configured: kerberos-member server-software: active-directory client-software: sssd required-package: oddjob required-package: oddjob-mkhomedir required-package: sssd required-pac...