search for: lperoma

Cheers Rowland, There is a GPO in place to do that. But it?s not working. I have my notes here: http://samba.bigbird.es/doku.php?id=samba:update-dns Also, I can?t create / update PTR records using DNS tool??from RSAT then creating / updating the A record, despite selecting the option. Thanks, On Jan 17, 2024 at 10:25 +0100, samba at lists.samba.org <samba at lists.samba.org>, wrote: >

...gt; configuration options for the clients are described below." > > I've only used a GPO to point to a different time server when the DC > is incapable of providing the time service (older DC running in a > container). > Chris On Fri Jan 5 01:52:25 2024 Luis Peromarta <lperoma at icloud.com> wrote: > You should not need no GPOa for this. What NTP software are you using ? On Fri Jan 5 03:23:48 2024 Peter Milesson via samba <samba at lists.samba.org> wrote: > > Hi Mark, > > Also, no need to use a GPO for this. The domain members get their time...

Hi there. Quick one: When syncing idmap.ldb say from DC1 -> DC2, do you need to stop samba-ad-dc service before replacing idmap.ldb in DC2 ? Or else, can this be done with the service running ? Does it need a service restart after the file is in place??? Thanks,??LP

Thanks. I sync sysvol every hour 9-5 and idmap daily. I do not edit or create GPOs often so I guess that?s enough. I wanted to make sure I had this article right : http://samba.bigbird.es/doku.php?id=samba:sync-idmap.ldb All the best. On 19 Oct 2023 at 15:31 +0200, bd730c5053df9efb <bd730c5053df9efb at proton.me>, wrote: > > I forgot to add in my original response that this

This is very interesting. Could you share your setup ? All the best. On 20 Oct 2023 at 17:41 +0200, Kees van Vloten <keesvanvloten at gmail.com>, wrote: > > I have the configuration setup on the Samba-side and indeed it works on > Windows with machine-account authentication. It connects to wifi before > a user logs in and there is no chance of lockout due to an expired user >

Hi there, In my experience NTP has been trouble lately with the NTPsec implementation. A few months back I decided to remove NTPsec and go with Chrony. These are my notes: http://samba.bigbird.es/doku.php?id=samba:install-chrony Hope it helps. On Oct 25, 2023 at 19:04 +0200, Ham <ham at kc0dxf.net>, wrote: > > Any ideas on what the problem is?

Try this simplified tutorial. http://samba.bigbird.es/doku.php?id=samba:start LP On 5 Jan 2024 at 07:48 +0000, lists--- via samba <samba at lists.samba.org>, wrote: > Good morning Rowland, > > is it ok for you to send you the complete, not sanitized installation > description? > ... I'm lost in getting the samba-ad-dc running ... > > Cheers, > Torsten > >

I use this for the firewall. The ports are in the article. http://samba.bigbird.es/doku.php?id=samba:hardening-samba On 5 Jan 2024 at 11:52 +0000, lists--- via samba <samba at lists.samba.org>, wrote: > Am 05.01.2024 um 12:02 schrieb Rowland Penny via samba: > > On Fri, 5 Jan 2024 08:30:15 +0100 > > lists--- via samba <samba at lists.samba.org> wrote: > > >

You think ntp works with samba but it doesn?t. You *must* use chrony. It will take you exactly 5 minutes to get it up and running. On 5 Jan 2024 at 20:21 +0000, Mark Foley <mfoley at novatec-inc.com>, wrote: > > > > How do you know you're syncing with the DC? What does your 'w32tm /query /source' > give you? It?s all here :

Morning all. My AD is working perfectly fine with no issues. Windows client creates and updates its??IP address (forward zone) on a regular basis, but does not create or update the reverse record. Using RSAT DNS tool, If I manually create a new A record for a host, and I select???Create associated PTR record?, the record is not created neither. My network is 192.168.0.0/22 and I have created a

Hi, Just finishing update to 4.19.5 from 4.19.4 I just found??'samba-tool visualize uptodateness -rS ?utf8???and 'samba-tool drs showrepl' Now takes 2-3 minutes to complete, where as before it was pretty much instant. The output looks fine however, replication seems to be working and I get no errors. Also, I note that 'samba-tool visualize uptodateness -rS ?utf8? has zero on

Tobias, Appreciate your insight, it is just nice to have, but I hate when things don?t go as expected. I?m going to fight this a little, just to see If I am doing anything wrong - but not that it?s critical to me Thanks, On Jan 17, 2024 at 09:48 +0100, Pluess, Tobias <tpluess at ieee.org>, wrote: > > Hi Luis > > I noticed exactly the same behaviour. > I wonder if the PTR

I have the impression your DC?s ntp server is not working properly for whatever reason. Your windows machines try to grab time for them, can?t, and then default to local coms clock or some other time source. From a windows member machine, can you try : w32tm /stripchart /computer:us.pool.ntp.org /dataonly /samples:5 That should work. Then try: w32tm /stripchart /computer:your.dc.address

Try: http://samba.bigbird.es/doku.php?id=samba:sync-sysvol I would recommend one way sync always from PDC FSMO owner, as this is the machine the GPOs get created in by default. And of course : http://samba.bigbird.es/doku.php?id=samba:sync-idmap.ldb Regards. LP On 5 Dec 2023 at 13:47 +0100, Jakob Curdes via samba <samba at lists.samba.org>, wrote: > Hello, > > I am wondering

Congratulations. Happy to hear you got it running. Just out of curiosity and apologies if this has been answered before, but why Slack and not Debian when general consensus is Debian is great for Samba ? Building a Samba AD on Debian is painless and takes 20m from start to finish. Anyway, glad you sort it. LP. On 11 Feb 2024 at 05:11 +0100, Mark Foley <mfoley at novatec-inc.com>, wrote:

LP On Nov 7, 2023 at 18:06 +0100, Andrey Repin via samba <samba at lists.samba.org>, wrote: > > > AD DC configuration: > > # Global parameters > [global] > auto services = homes > client ldap sasl wrapping = sign > dns forwarder = 192.168.1.12 > dos charset = CP866 > logging = systemd > log level = 1 > netbios name = DC2 > panic action =

It?s always recommend to demote the DC, upgrade samba, and join the DC again. Did you do it this way ? You may have a broken DC, or a broken installation. Instead of troubleshooting, which you can of course do, I?d demote (or force-demote), reinstall and re join. http://samba.bigbird.es/doku.php?id=samba:upgrade-sama LP On 5 Dec 2023 at 15:45 +0100, Joachim Lindenberg via samba <samba at

Morning all. I am reading trough https://www.samba.org/samba/docs/current/man-html/smb.conf.5.html As I was curious what exactly 'map acl inherit' does. "This boolean parameter is only relevant for systems that do not support standardized NFS4 ACLs but only a POSIX draft implementation of ACLs. Linux is the only common UNIX system which does still not offer standardized NFS4 ACLs

I don?t think you need winbind on a DC as user mapping is done by its own databases. I think you have mixed up member server configs into DC configs. A smb.conf like this should be enough: [global] dns forwarder = 1.1.1.1 netbios name = AAA realm = XXXT server role = active directory domain controller workgroup = MAD idmap_ldb:use rfc2307??= yes #Allow this for free radius to work ntlm

Looks like your root mapping isn?t working. Did you add "min domain uid = 0? to smb.conf ? See 'Mapping the AD Administrator user to ?root?' : http://samba.bigbird.es/doku.php?id=samba:file-server On Nov 27, 2023 at 18:58 +0100, mail--- via samba <samba at lists.samba.org>, wrote: > Hello, > > recently I've "updated" an AD member file server to an