search for: mondomain

...ur with two entries that keeps trying to update themselves when I run "samba_dnsupdate". The call succeeds, but the entries are actually NOT updated. Here is what I'm seeing: > # samba_dnsupdate --verbose > IPs: ['192.168.57.3'] > Looking for DNS entry A sambarodc.mondomaine.lan 192.168.57.3 as sambarodc.mondomaine.lan. > Looking for DNS entry CNAME 7648bfe6-0ad3-4924-b055-d229546e0284._msdcs.mondomaine.lan sambarodc.mondomaine.lan as 7648bfe6-0ad3-4924-b055-d229546e0284._msdcs.mondomaine.lan. > Looking for DNS entry SRV _ldap._tcp.Secondary._sites.mondomaine.la...

On Sat, 20 Oct 2018 17:04:20 +0200 (CEST) tomict via samba <samba at lists.samba.org> wrote: > > > OK, I have checked from Windows and my dns looks like this: > > DC2-| > > |- Forward Lookup Zone > > |- samdom.example.com > > You have much more dc2 entries, I only have 4 from my manual > additions. Your dns setup is the same as the setup that

I have an AD domain (Samba 4.1.13 domain controllers) and some Samba 3.6 clients. I would like the uid/gid mappings to be consistent across the two sets of machines. The Samba4 DCs have the following line in smb.conf: idmap_ldb:use rfc2307 = yes and their uids/gids are in sync across all four of them. The Samba 3.6 domain members currently have: idmap config MBSW : backend = rid idmap config

...to update themselves > when I run "samba_dnsupdate". The call succeeds, but the entries are > actually NOT updated. > > Here is what I'm seeing: <snip> >> 2 DNS updates and 0 DNS deletes needed >> Successfully obtained Kerberos ticket to DNS/sambarwdc.mondomaine.lan as >> SAMBARODC$ >> update (rodc): SRV _gc._tcp.Secondary._sites.mondomaine.lan >> sambarodc.mondomaine.lan 3268 >> update (rodc): SRV _ldap._tcp.Secondary._sites.gc._msdcs.mondomaine.lan >> sambarodc.mondomaine.lan 3268 >> >> # host -t SRV _gc._tcp.Se...

...then it is likely to have problems later. You must have working dns before the join. I have read your join howto and have the following comments, based on my experience. I would also install libpam_winbind and libpam_krb5 /etc/krb5.conf needs to be only this: [libdefaults] default_realm = MONDOMAINE.LAN dns_lookup_realm = false dns_lookup_kdc = true I would stop smbd, nmbd, winbind before the join I would run the join command like this: samba-tool domain join mondomaine.lan DC -U administrator --realm=MONDOMAINE.LAN -W MONDOMAINE --option='idmap_ldb:use rfc2307 = yes' --opt...

...e: > > idmap config MBSW : backend = rid > idmap config MBSW : range = 10000001-20000000 if you are using rfc2307 on one side and rid on the other, it is pretty sure that it won't be in sync. You should use rfc2307 also on the samba 3.6, with something like [global] workgroup = MONDOMAINE security = ADS realm = MONDOMAINE.LOCAL idmap config *:backend = tdb idmap config *:range = 70001-80000 idmap config MONDOMAINE:backend = ad idmap config MONDOMAINE:schema_mode = rfc2307 idmap config MONDOMAINE:range = 500-40000 By the way, samba 3.6 is going end of li...

...kend = rid >> idmap config MBSW : range = 10000001-20000000 > > if you are using rfc2307 on one side and rid on the other, it is > pretty sure that it won't be in sync. You should use rfc2307 also on > the samba 3.6, with something like > > [global] > workgroup = MONDOMAINE > security = ADS > realm = MONDOMAINE.LOCAL > idmap config *:backend = tdb > idmap config *:range = 70001-80000 > idmap config MONDOMAINE:backend = ad > idmap config MONDOMAINE:schema_mode = rfc2307 > idmap config MONDOMAINE:range = 500-40000 > > By...

...romission on your AD is a compromission of your whole network). So we don't enable this kind of authentication on DC. SSH key exchange for the lucky few that manage the AD is much better suited IMHO. > /etc/krb5.conf needs to be only this: > > [libdefaults] > default_realm = MONDOMAINE.LAN > dns_lookup_realm = false > dns_lookup_kdc = true see above > I would stop smbd, nmbd, winbind before the join Indeed that might be cleaner, even if it does change much in the present case. Debian behavior of starting daemon just after installation is sometime awkward....

Sorry for the translation. actually my first installation is a samba put into production, to avoid errors, I cloned on a new VM not to break my current system. on this one I redid an installation with DEB packages "https://dev.tranquil.it" I then made a restoration. I presice that the supply is a samba3 pdc migration to samba4 dc "samba-tool domain samba3upgrade". I only have

...pen_socket_out(752) Connecting to 192.168.2.17 at port 445 [2006/02/21 15:06:45, 2] lib/util_sock.c:open_socket_out(789) error connecting to 192.168.2.17:445 (Connexion refus??e) [2006/02/21 15:06:45, 3] lib/util_sock.c:open_socket_out(752) Connecting to 192.168.2.17 at port 139 Joined domain MONDOMAINE.FR. [2006/02/21 15:06:45, 2] utils/net.c:main(859) return code = 0 command : net rpc testjoin -S PDC-NT4 Join to 'MONDOMAINE.FR' is OK triing wbinfo -t checking the trust secret via RPC calls failed error code was (0x0) Could not check secret Bye the way using all smbldap-<script...

...word(224) check_ntlm_password: mapped user is: [EXAMPLE]\[]@[SERVE] [2008/03/13 00:16:24, 5] lib/util.c:dump_data(2222) [000] 58 04 88 EE A5 76 B9 E9 X....v.. [2008/03/13 00:16:24, 5] lib/smbldap.c:smbldap_search_ext(1179) smbldap_search_ext: base => [ou=Group,dc=mondomaine,dc=net], filter => [(&(objectClass=sambaGroupMapping)(gidNumber=65534))], scope => [2] [2008/03/13 00:16:24, 5] lib/smbldap.c:smbldap_close(1080) The connection to the LDAP server was closed [2008/03/13 00:16:24, 2] lib/smbldap.c:smbldap_open_connection(788) smbldap_open_connection:...

...and a test-station windows7. The execution of the login.bat was working fine and it stopped working suddently. Here is my krb5.conf : [libdefaults] default_realm = MYDOMAIN.XXX.XXX dns_lookup_realm = false dns_lookup_kdc = true Here is my smb.conf : [global] netbios name = MAMACHINE realm = MONDOMAIN.XXX.XXX server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate workgroup = MIB server role = active directory domain controller idmap_ldb:use rfc2307 = yes smb ports = 139 #log level = 5 passdb:5 auth:10 log level = 0 log file = /var/log/samba...

We added a DNS entry to Samba via the Windows DNS Manager which apparently was invalid. Now we can't see the list of forward lookup in the Window DNS Manager because it immediately errors and we have to restart the Samba service. Running Samba 4.3.11-Ubuntu on Ubuntu 16.04 Additionally, a samba-tool dns query fails with the following error: > $ samba-tool dns query dc1.mydomain.com

...root at oldServer:/var/mail/Maildirs/$1 /var/mail/oldServer/ } I had to add --exclude="**/dovecot.index*" because of a change of endianness (ppc -> amd64). the second, having dovecot import the folder, is done by this second fonction dsync () { doveadm backup -R -u $1 at mondomaine.fr maildir:/var/mail/oldServer/$1 } this one is really fast. Both in one function doveImport() { fetchOldServer $1 && dsync $1 } I tried for initial load to empty mailbox. I am not sure it will works on a non empty mailbox. But would be nice, as it would allow a fast last minute sync...