Displaying 20 results from an estimated 41 matches for "pre01svdeb02".
2019 Jul 31
2
GPO issues - getting SYSVOL cleaned up again
"--seize" helped:
root at pre01svdeb03:~# samba-tool fsmo show
SchemaMasterRole owner: CN=NTDS
Settings,CN=PRE01SVDEB03,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=pilsbacher,DC=at
InfrastructureMasterRole owner: CN=NTDS
Settings,CN=PRE01SVDEB03,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=pilsbacher,DC=at
RidAllocationMasterRole owner:
2019 Jul 31
3
GPO issues - getting SYSVOL cleaned up again
Progress:
no more "dc" in rgrep on both servers
PTR for the rejoined pre01svdeb02 is missing, so I assumed we need a
dnsupdate:
root at pre01svdeb02:~# samba_dnsupdate --verbose
IPs: ['192.168.16.205']
need cache add: A pre01svdeb02.pilsbacher.at 192.168.16.205
Looking for DNS entry A pre01svdeb02.pilsbacher.at 192.168.16.205 as
pre01svdeb02.pilsbacher.at.
need cache...
2019 Jul 31
2
GPO issues - getting SYSVOL cleaned up again
I forgot.
dig a pre01svdeb02.pilsbacher.at @192.168.16.205
dig a pre01svdeb02.pilsbacher.at @192.168.16.206
Can you run these also for me.
And there are no CNAMEs pointing to the AD-DCs ?
2019 Jul 31
3
GPO issues - getting SYSVOL cleaned up again
Hai,
And thanks for the other check i needed to know if the A record did exist.
>> ldap1 CNAME pre01svdeb02
>> ldap2 CNAME pre01svdeb03
>sorry, typo -------------^
Yes i was expecting that. ;-)
What i see, all SOA record and serialnr are same where is should be so thats ok.
What i noticed is this part.
dig a dc.pilsbacher.at @192.168.16.205/206 replies.
DNS1 ( DC1 /pre01svdeb02 (old DC) )...
2019 Jul 31
3
GPO issues - getting SYSVOL cleaned up again
...n.at 192.168.16.205
Looking for DNS entry A mydomain.at 192.168.16.205 as mydomain.at.
Looking for DNS entry SRV _ldap._tcp.mydomain.at dc.mydomain.at 389 as
_ldap._tcp.mydomain.at.
Checking 0 100 389 pre01svdeb03.mydomain.at. against SRV
_ldap._tcp.mydomain.at dc.mydomain.at 389
Checking 0 100 389 pre01svdeb02.mydomain.at. against SRV
_ldap._tcp.mydomain.at dc.mydomain.at 389
Lookup of _ldap._tcp.mydomain.at. succeeded, but we failed to find a
matching DNS entry for SRV _ldap._tcp.mydomain.at dc.mydomain.at 389
need update: SRV _ldap._tcp.mydomain.at dc.mydomain.at 389
Looking for DNS entry SRV _ldap._tc...
2019 Jul 09
3
GPO infrastructure? -> 4.8.x to 4.9.x
Am 02.07.19 um 16:24 schrieb Stefan G. Weichinger via samba:
> Am 02.07.19 um 16:09 schrieb Stefan G. Weichinger via samba:
>>
>> I get problems with group policies not applied ... seems an older
>> problem surfacing now.
>>
>> Before I debug at current level I consider upgrading the 2 DCs from
>> 4.8.12 (Debian Stretch) to 4.9.9
>>
>> Anything
2019 Jul 31
3
GPO issues - getting SYSVOL cleaned up again
On 31/07/2019 12:04, Stefan G. Weichinger via samba wrote:
> Am 31.07.19 um 12:50 schrieb Rowland penny via samba:
>> On 31/07/2019 11:40, Stefan G. Weichinger via samba wrote:
>>> Am 31.07.19 um 12:32 schrieb Rowland penny via samba:
>>>> On 31/07/2019 11:22, Stefan G. Weichinger via samba wrote:
>>>>> "dc" was the old name a few years ago
2019 Jul 31
4
GPO issues - getting SYSVOL cleaned up again
...server and rm-ed all containing
"dc.mydomain.at"
There was a SRV-record below
"_msdcs.mydomain.at" "pdc" "_tcp" pointing to "dc.mydomain.at"
tried to edit, didn't work, rm-ed it ...
now there is only one SRV-entry there pointing to my
"pre01svdeb02.mydomain.at"
I assume I have to create a second one again?
2019 Jul 31
4
GPO issues - getting SYSVOL cleaned up again
Am 31.07.19 um 10:47 schrieb L.P.H. van Belle via samba:
> I pointed to that link becuase of the last message.
>>> The OU the users were in required read permissions on the Authenticated Users security group!
> Im guyessing this is what your problem is, i just dont know where in your AD.
OK, that might be the case.
So the step is "add/check ACLs on the SYSVOL-share for
2017 Jul 11
2
Samba ADS-member-server: FQDNs in /etc/hosts
...y.
One user gets displayed as "administrator" in smbstatus although he is
named differently. Other users on other PCs are mapped correctly and
files are created correctly (= get correct owner and group in linux fs).
For the PC with the problematic issue I see on the DC:
Jul 11 17:16:25 pre01svdeb02 samba[4657]: [2017/07/11 17:16:25.913628,
0]
../source4/rpc_server/drsuapi/writespn.c:235(dcesrv_drsuapi_DsWriteAccountSpn)
Jul 11 17:16:25 pre01svdeb02 samba[4657]: Failed to modify SPNs on
CN=PC-2016-03,OU=secret-Computer,DC=secret,DC=at: acl: spn validation
failed for spn[TERMSRV/PC-2016-03.se...
2019 Jul 31
5
GPO issues - getting SYSVOL cleaned up again
...DC(3) first then we start thinking in kerberos corrections.
>
> Run samba_dnsupdate --verbose ( on both DC's )
> Post that output, ill have a look, and im getting a choco. :-)
Now look at all that fun:
dc.pilsbacher.at entry has been magically created again, it seems:
root at pre01svdeb02:~# samba_dnsupdate --verbose
IPs: ['192.168.16.205']
Looking for DNS entry A dc.pilsbacher.at 192.168.16.205 as dc.pilsbacher.at.
Looking for DNS entry A pilsbacher.at 192.168.16.205 as pilsbacher.at.
Looking for DNS entry SRV _ldap._tcp.pilsbacher.at dc.pilsbacher.at 389
as _ldap._tcp.pils...
2019 Jul 31
0
GPO issues - getting SYSVOL cleaned up again
...s was, strongswan is last what im on now.
> > If someone has a strongswan setup with user/ldap auth, pm
> me your config ;-)
> >
> >
> > Ok, what you posted below.
> >
> > pre01svdeb03 : apt-get remove --purge --auroremove resolvconf
> > Old dc: pre01svdeb02 : apt-get remove --purge --auroremove
> resolvconf
> >
> > Make these changes/verify them after the remove of resolvconf
> >
> > pre01svdeb03
> > /etc/resolv.conf
> > search pilsbacher.at
> > nameserver 192.168.16.206
> > nameserver 192.168.16...
2019 Jul 31
3
GPO issues - getting SYSVOL cleaned up again
...4.8 on buster, ( hint : repo buster-squid48 ssl enabled )
What a dragon this was, strongswan is last what im on now.
If someone has a strongswan setup with user/ldap auth, pm me your config ;-)
Ok, what you posted below.
pre01svdeb03 : apt-get remove --purge --auroremove resolvconf
Old dc: pre01svdeb02 : apt-get remove --purge --auroremove resolvconf
Make these changes/verify them after the remove of resolvconf
pre01svdeb03
/etc/resolv.conf
search pilsbacher.at
nameserver 192.168.16.206
nameserver 192.168.16.205
pre01svdeb02
/etc/resolv.conf
search pilsbacher.at
nameserver 192.168.16.206
nam...
2019 Jul 10
0
GPO infrastructure? -> 4.8.x to 4.9.x
...0]
> ../source4/dsdb/dns/dns_update.c:353(dnsupdate_spnupdate_done)
> ../source4/dsdb/dns/dns_update.c:353: Failed SPN update - with error
> code 1
rejoined the server and removed the DNS entry inbetween manually
join worked ok, no DNS record after that
more of this:
Jul 10 08:16:36 pre01svdeb02 samba[25451]: task[dnsupdate][25451]:
[2019/07/10 08:16:36.662971, 0]
../source4/dsdb/dns/dns_update.c:353(dnsupdate_spnupdate_done)
Jul 10 08:16:36 pre01svdeb02 samba[25451]: task[dnsupdate][25451]:
../source4/dsdb/dns/dns_update.c:353: Failed SPN update - with error code 1
Jul 10 08:26:36 pre01s...
2019 Jul 12
3
GPO infrastructure? -> 4.8.x to 4.9.x
...ger via samba
> Verzonden: vrijdag 12 juli 2019 10:24
> Aan: samba at lists.samba.org
> Onderwerp: Re: [Samba] GPO infrastructure? -> 4.8.x to 4.9.x
>
> Am 10.07.19 um 08:40 schrieb Stefan G. Weichinger via samba:
>
> > more of this:
> >
> > Jul 10 08:16:36 pre01svdeb02 samba[25451]: task[dnsupdate][25451]:
> > [2019/07/10 08:16:36.662971, 0]
> > ../source4/dsdb/dns/dns_update.c:353(dnsupdate_spnupdate_done)
> > Jul 10 08:16:36 pre01svdeb02 samba[25451]: task[dnsupdate][25451]:
> > ../source4/dsdb/dns/dns_update.c:353: Failed SPN update -...
2019 Jul 31
2
GPO issues - getting SYSVOL cleaned up again
...clean again. ( no need to reinstall os etc. just samba )
>
> What?
>
> uninstall samba?
> or unjoin from domain only?
>
> "reinstall samba" ?
>
> pls specify
Ah, I understand this (correct me):
mv FSMO-roles to pre01svdeb03
unjoin
stop
and totally cleanup pre01svdeb02 ...
cleanup DNS
at last rejoin
pre01svdeb02
(= essentially joining a new DC here, right?)
. correct ?
2019 Jul 26
4
GPO issues - getting SYSVOL cleaned up again
new thread, old issue
been fiddling off-list with tips from Louis over the last days, and
putting it back to the list to ask for help from others:
2 samba-4.9.11 DCs
1 samba-4.8.12 DM file server
GPOs not working cleanly anymore
tried to resync completely etc etc
-
right now I test gpupdate/gpresult on an older (not productive) W2008R2
server which I use for editing stuff via RSAT/MMC
I
2017 Jul 11
0
Samba ADS-member-server: FQDNs in /etc/hosts
...t;administrator" in smbstatus although he is
> named differently. Other users on other PCs are mapped correctly and
> files are created correctly (= get correct owner and group in linux
> fs).
>
> For the PC with the problematic issue I see on the DC:
>
> Jul 11 17:16:25 pre01svdeb02 samba[4657]: [2017/07/11 17:16:25.913628,
> 0]
> ../source4/rpc_server/drsuapi/writespn.c:235(dcesrv_drsuapi_DsWriteAccountSpn)
> Jul 11 17:16:25 pre01svdeb02 samba[4657]: Failed to modify SPNs on
> CN=PC-2016-03,OU=secret-Computer,DC=secret,DC=at: acl: spn validation
> failed for...
2019 Jul 31
0
GPO issues - getting SYSVOL cleaned up again
...rzonden: woensdag 31 juli 2019 11:26
> Aan: samba at lists.samba.org
> Onderwerp: Re: [Samba] GPO issues - getting SYSVOL cleaned up again
>
>
> You may remember that there is some DNS-entry (does it come from
> NT4-times??):
>
> dc.mydomain.at .. .205 (1st DC)
>
> pre01svdeb02 ... .205 (same machine, was the old NT4/samba-PDC)
>
> pre01svdeb03 ... .206 (2nd DC)
>
>
> -
>
> From the w2008r2 I can access:
>
> \\192.168.16.205\\sysvol
> \\192.168.16.206\\sysvol
>
> \\pre01svdeb02\\sysvol
> \\pre01svdeb03\\sysvol
>
> But no...
2019 Jul 12
0
GPO infrastructure? -> 4.8.x to 4.9.x
...> Aan: samba at lists.samba.org
> >> Onderwerp: Re: [Samba] GPO infrastructure? -> 4.8.x to 4.9.x
> >>
> >> Am 10.07.19 um 08:40 schrieb Stefan G. Weichinger via samba:
> >>
> >>> more of this:
> >>>
> >>> Jul 10 08:16:36 pre01svdeb02 samba[25451]: task[dnsupdate][25451]:
> >>> [2019/07/10 08:16:36.662971, 0]
> >>> ../source4/dsdb/dns/dns_update.c:353(dnsupdate_spnupdate_done)
> >>> Jul 10 08:16:36 pre01svdeb02 samba[25451]: task[dnsupdate][25451]:
> >>> ../source4/dsdb/dns/dns_up...