search for: lvsrv39

On Fri, 6 Dec 2024 12:29:03 +0100 Mitja Tav?ar via samba <samba at lists.samba.org> wrote: > Il 06/12/24 10:45, Rowland Penny via samba ha scritto: > > On Fri, 6 Dec 2024 10:19:31 +0100 > > Mitja Tav?ar via samba <samba at lists.samba.org> wrote: > > > >> But the machine accoounts are not completely lost, they seem lost > >> if i query the Read

...cently joined Read Only Domain controller. I had 2 Domain Controllers based on Windows Server 2019 (hosts vmw2srvdc1 an vmw2srvdc2). I and i recently added a new site (PSN) and Read Only DC in this second site based on samba (host lvsrvdc). Then i added a fileserver joining as domain member (host lvsrv39) the same site as the new RODC (lvsrvdc). Performing the join seem ok, but in few hours the new domain member apparently looses his domain account. I wrote apparently because the issue seems only with the new RODC. I checked with testjoin command: root at psn-lvsrv39:~# net ads testjoin kerberos...

...ne.trento.it/scripts read only = No This is one of the fileservers smb.conf. [global] realm = INTRA.COMUNE.TRENTO.IT workgroup = INTRA security = ADS local master = no domain master = no preferred master = no mangling method = hash2 server string = File server psn-lvsrv39 idmap config * : backend = tdb idmap config * : range = 1000000-2000000 idmap config INTRA : backend = rid idmap config INTRA : range = 10000-99999 template shell = /bin/bash template homedir = /home/%D/%U winbind use default domain = no winbind enum users = Yes...

On Tue, 3 Dec 2024 09:15:36 +0100 Mitja Tav?ar via samba <samba at lists.samba.org> wrote: > Hi, i have some problems with a recently joined Read Only Domain > controller. > > I had 2 Domain Controllers based on Windows Server 2019 (hosts > vmw2srvdc1 an vmw2srvdc2). I and i recently added a new site (PSN) > and Read Only DC in this second site based on samba (host

...> realm = INTRA.COMUNE.TRENTO.IT > workgroup = INTRA > security = ADS > local master = no > domain master = no > preferred master = no > mangling method = hash2 You do not really need the 4 parameters above. > server string = File server psn-lvsrv39 > > idmap config * : backend = tdb > idmap config * : range = 1000000-2000000 Why have you set the default (*) range for 1 million accounts ? It is meant for the Well Known SIDs (there are less than two hundred of those) and anything outside the 'INTRA' domain (so '0&...