search for: rpidc2

...strator', there should be a ticket in /tmp for 'root' that Administrator can use. Here is the proof of concept: Log into the DC that you wish to transfer an FSMO role to and show the FSMO owners at present (this list is shortened to just one, the one I will transfer): adminuser at rpidc2:~ $ sudo samba-tool fsmo show DomainDnsZonesMasterRole owner: CN=NTDS Settings,CN=RPIDC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=samdom,DC=example,DC=com Kinit as Administrator (note I am using sudo, but it would be the same if done by root) adminuser at rpidc2:~ $ su...

...cket in /tmp for 'root' that Administrator can use. > > Here is the proof of concept: > > Log into the DC that you wish to transfer an FSMO role to and show the > FSMO owners at present (this list is shortened to just one, the one I > will transfer): > > adminuser at rpidc2:~ $ sudo samba-tool fsmo show > DomainDnsZonesMasterRole owner: CN=NTDS > Settings,CN=RPIDC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=samdom,DC=example,DC=com > > Kinit as Administrator (note I am using sudo, but it would be the same > if done by root) >...

Thank you so far. But unfortunately I could not fix the problems. So I decided to start over again at a situation where all the fsmo roles resides on the old controller. Here is a transcript of what I did and the errors reported: The inititial position srv-kb-dc1:~ # samba-tool fsmo show SchemaMasterRole owner: CN=NTDS Settings,CN=SRV-KB-PRIMDC,CN=Servers,CN=Default-Fi...

...on local files. > After being prompted for the Administrator password, the command > appeared to complete without error. > > However, I couldn't find the script in sysvol on the DC I ran the > command on, but after checking the other two DCs, I found this: > > adminuser at rpidc2:~ $ sudo cat /var/lib/samba/sysvol/samdom.example.com/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/MACHINE/VGP/VTLA/Unix/Scripts/Startup/test_script.sh > #!/bin/bash > > echo "Hello World" > > exit 0 > > I have no idea why the script was created on another DC inste...

...ason to run this command as root. It operates via SMB, > not on local files. I used sudo because when I first ran it without sudo, I got this: adminuser at tmpdc1:~ $ samba-tool gpo manage scripts startup add {31B2F340-016D-11D2-945F-00C04FB984F9} test_script.sh ERROR: Error connecting to 'rpidc2.samdom.example.com' using SMB I then ran it with sudo but without '-Uadministrator and got this: adminuser at tmpdc1:~ $ sudo samba-tool gpo manage scripts startup add {31B2F340-016D-11D2-945F-00C04FB984F9} test_script.sh ERROR(<class 'KeyError'>): uncaught exception - '...

On 4/18/24 10:22 AM, Rowland Penny via samba wrote: > I used sudo because when I first ran it without sudo, I got this: > > adminuser at tmpdc1:~ $ samba-tool gpo manage scripts startup add {31B2F340-016D-11D2-945F-00C04FB984F9} test_script.sh > ERROR: Error connecting to 'rpidc2.samdom.example.com' using SMB Well that's odd. That shouldn't be necessary. > I then ran it with sudo but without '-Uadministrator and got this: > > adminuser at tmpdc1:~ $ sudo samba-tool gpo manage scripts startup add {31B2F340-016D-11D2-945F-00C04FB984F9} test_script.sh...

...rying to do ? > > The winbind ping is also failing if netbios is disabled. Are we taking 'wbinfo -P', because I have netbios turned off in smb.conf (I also do not run nmbd) and that command works for myself: wbinfo -P checking the NETLOGON for domain[SAMDOM] dc connection to "rpidc2.samdom.example.com" succeeded Though I am using a Samba AD DC > > Am I missing some configuration parameter that would prevent such a > behavior? NetBios is an unsecure deprecated protocol : why is it > mandatory to have it to verify communication with the domain? It isn't...

...45F-00C04FB984F9} test_script.sh -Uadministrator After being prompted for the Administrator password, the command appeared to complete without error. However, I couldn't find the script in sysvol on the DC I ran the command on, but after checking the other two DCs, I found this: adminuser at rpidc2:~ $ sudo cat /var/lib/samba/sysvol/samdom.example.com/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/MACHINE/VGP/VTLA/Unix/Scripts/Startup/test_script.sh #!/bin/bash echo "Hello World" exit 0 I have no idea why the script was created on another DC instead of the DC the command was run...

Hello, I'm trying to use to use a Samba share service with authentication delegated to a Windows Active Directory Server. I manage to join successfully to the AD using net ads join command, with or without Kerberos, using either "security = domain" or "security = ads". Nevertheless, if I use "disable netbios" option, winbindd immediately fails to use

...trying to do ? > > The winbind ping is also failing if netbios is disabled. Are we taking 'wbinfo -P', because I have netbios turned off in smb.conf (I also do not run nmbd) and that command works for myself: wbinfo -P checking the NETLOGON for domain[SAMDOM] dc connection to "rpidc2.samdom.example.com" succeeded Though I am using a Samba AD DC > > Am I missing some configuration parameter that would prevent such a > behavior? NetBios is an unsecure deprecated protocol : why is it > mandatory to have it to verify communication with the domain? It isn't m...

W dniu 18.04.2024 o?12:01, Jaros?aw K?opotek - INTERDUO via samba pisze: > > W dniu 18.04.2024 o?09:56, Rowland Penny via samba pisze: >> On Thu, 18 Apr 2024 09:03:10 +0200 >> Jaros?aw K?opotek - INTERDUO via samba<samba at lists.samba.org>? wrote: >> >>> Hi all, >>> >>> I run cmd: >>> samba-tool gpo manage scripts startup add \