search for: vdcpp1

Displaying 20 results from an estimated 30 matches for "vdcpp1".

2017 Oct 24
3
'check password script' and Join...
Make a note: it is better to disable 'check password script' in the DC(s) before trying to join a new DC. ;( root at vdcpp1:~# samba-tool domain join ad.my.dom DC -U"MYDOM\administrator" --dns-backend=BIND9_DLZ Finding a writeable DC for domain 'ad.my.dom' Found DC vdcsv1.ad.my.dom Password for [MYDOM\administrator]: workgroup is MYDOM realm is ad.my.dom Adding CN=VDCPP1,OU=Domain Controllers,DC=ad,DC=...
2017 Oct 26
3
Joined a second DC, some glitches...
...nly three notes: a) i've followed the suggestion to move idmap.ldb from the first DC to the second (Rowland! Clap me! I've not sayed 'primary' and 'secondary'! ;-). After that, as suggested by the wiki, i've done a 'samba-tool ntacl sysvolreset' but: root at vdcpp1:~# samba-tool ntacl sysvolreset open: error=2 (No such file or directory) ERROR(runtime): uncaught exception - (-1073741823, 'Undetermined error') File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 176, in _run return self.run(*args, **kwargs) File &q...
2017 Oct 24
0
'check password script' and Join...
...rzonden: dinsdag 24 oktober 2017 15:33 > Aan: samba at lists.samba.org > Onderwerp: [Samba] 'check password script' and Join... > > > Make a note: it is better to disable 'check password script' in the > DC(s) before trying to join a new DC. ;( > > root at vdcpp1:~# samba-tool domain join ad.my.dom DC > -U"MYDOM\administrator" --dns-backend=BIND9_DLZ > Finding a writeable DC for domain 'ad.my.dom' > Found DC vdcsv1.ad.my.dom > Password for [MYDOM\administrator]: > workgroup is MYDOM > realm is ad.my.dom > Adding CN=VD...
2017 Oct 26
0
Joined a second DC, some glitches...
...wed the suggestion to move idmap.ldb from the first DC to > the second (Rowland! Clap me! I've not sayed 'primary' and > 'secondary'! ;-). > > After that, as suggested by the wiki, i've done a 'samba-tool ntacl > sysvolreset' but: > > root at vdcpp1:~# samba-tool ntacl sysvolreset > open: error=2 (No such file or directory) > ERROR(runtime): uncaught exception - (-1073741823, 'Undetermined > error') File > "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line > 176, in _run return self.run(*args,...
2018 Nov 28
2
Different LDAP query in different DC...
...39;t work on, then it must be > something on that DC. is there a firewall or apparmor/selinux in the > way ? No. Anyway, note that query return correctly 'result: 0 Success', simply return no data. Another query to the same DC return data. eg: root at vdmpp1:~# ldapsearch -H ldap://vdcpp1.ad.fvg.lnf.it -W -D CN=mta,OU=Restricted,DC=ad,DC=fvg,DC=lnf,DC=it -b DC=ad,DC=fvg,DC=lnf,DC=it "(cn=prova123)" rfc822MailMember | grep ^rfc822MailMember Enter LDAP Password: root at vdmpp1:~# root at vdmpp1:~# ldapsearch -H ldap://vdcpp1.ad.fvg.lnf.it -W -D CN=mta,OU=Restricted,DC=a...
2018 Nov 28
0
Different LDAP query in different DC...
...or/selinux in the > > way ? > > No. Anyway, note that query return correctly 'result: 0 Success', > simply return no data. That just means the search retuned without error > Another query to the same DC return data. eg: > > root at vdmpp1:~# ldapsearch -H ldap://vdcpp1.ad.fvg.lnf.it -W -D > CN=mta,OU=Restricted,DC=ad,DC=fvg,DC=lnf,DC=it -b > DC=ad,DC=fvg,DC=lnf,DC=it "(cn=prova123)" rfc822MailMember | grep > ^rfc822MailMember Enter LDAP Password: root at vdmpp1:~# root at vdmpp1:~# > ldapsearch -H ldap://vdcpp1.ad.fvg.lnf.it -W -D > CN=mt...
2017 Oct 30
2
Password change question/1: smbpasswd does not propagate passwords?!
Doing some test i've done, as root, in one DC: root at vdcpp1:~# smbpasswd gaio New SMB password: Retype new SMB password: root at vdcpp1:~# pdbedit -v gaio Unix username: gaio NT username: Account Flags: [U ] User SID: S-1-5-21-160080369-3601385002-3131615632-1105 Primary Group SID: S-1-5-21-160080369-3...
2019 Oct 02
3
Removed a DC but...
Hai, The steps shown here dont work? https://wiki.samba.org/index.php/Demoting_a_Samba_AD_DC If that is the case and you besides that free of errors. Then upgrade, and try again once your on at least samba 4.9 or 4.10. As im hoping you are upgrade straight to Buster. Greetz, Louis > -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens
2019 Oct 02
2
Removed a DC but...
On 02/10/2019 14:42, Marco Gaiarin via samba wrote: > Mandi! Rowland penny via samba > In chel di` si favelave... > >>> samba-tool dbcheck --cross-ncs --fix >>> Yes, should be possible, but i normaly do that after i do the following. >> Yes, but why wasn't it removed in the first place ? > [...] >>> Run : >>> dig CNAME
2019 Oct 02
0
Removed a DC but...
...060b28c-e27e-45f0-89c1-527474a6919c>;<RMD_ADDTIME=131533251720000000>;<RMD_CHANGETIME=131533251720000000>;<RMD_FLAGS=0>;<RMD_INVOCID=bc3f89e3-8ce4-4ddd-956a-ea740e8b2f12>;<RMD_LOCAL_USN=6174>;<RMD_ORIGINATING_USN=6174>;<RMD_VERSION=0>;CN=NTDS Settings,CN=VDCPP1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it Not removing dangling forward link ERROR: no target object found for GUID component for msDS-NC-Replica-Locations in object CN=58eba604-07e5-4c5d-a104-9e6f4907248f,CN=Partitions,CN=Configuration,DC=ad,DC=fvg,D...
2019 Oct 02
0
Removed a DC but...
...-45f0-89c1-527474a6919c>;<RMD_ADDTIME=131533251720000000>; <RMD_CHANGETIME=131533251720000000>;<RMD_FLAGS=> 0>;<RMD_INVOCID=bc3f89e3-8ce4-4ddd-956a-ea740e8b2f12>;<RMD_LOC AL_USN=6174>;<RMD_ORIGINATING_USN=6174>;<RMD_VERSION=0>;CN=NTDS > Settings,CN=VDCPP1,CN=Servers,CN=Default-First-Site-Name,CN=Si tes,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it > ERROR: no target object found for GUID component for > msDS-NC-Replica-Locations in object > CN=58eba604-07e5-4c5d-a104-9e6f4907248f,CN=Partitions,CN=Confi guration,DC=ad,DC=fvg,DC=lnf,DC=it - &...
2018 Nov 29
2
Different LDAP query in different DC...
...n chel di` si favelave... > > No. Anyway, note that query return correctly 'result: 0 Success', > > simply return no data. > That just means the search retuned without error Eh. Query succeded and return no data. Yes. > If you run the command: > ldapsearch -H ldap://vdcpp1.ad.fvg.lnf.it -W -D > CN=mta,OU=Restricted,DC=ad,DC=fvg,DC=lnf,DC=it -b > DC=ad,DC=fvg,DC=lnf,DC=it "(cn=prova123)" > Does it produce the entire users object ? No, query succeded and return no data. root at vdcsv1:~# ldapsearch -H ldap://vdcpp1.ad.fvg.lnf.it -W -D CN=mta,OU=Re...
2019 Feb 11
2
Winbind, cached logons and 'user persistency'...
...; Feb 11 13:59:52 vdcpp2 shutdown[33452]: shutting down for system > reboot > > at '14:00:30' bind, ntp and (i suppose) samba was stared. > > > After that, i've upgraded and rebooted the second DC in that site > (really, the first ;): > > Feb 11 14:03:09 vdcpp1 shutdown[26601]: shutting down for system > reboot > > again, for 14:04:00 was up&runing. > > > But the mail server refuse to deliver messages, fortunately all admin > messages to an admin users (was loop: messages undeliverability > errors, email go to postmaster, so...
2018 Nov 28
2
Different LDAP query in different DC...
> Why?! Sorry but... someone can point me in the right direction? Really i don't know how to look for that problem... I summarize: a) an LDAP lookup for some data works in ALL DC past one b) in that non-working DC, a direct query against the sam.ldb reveal that data are here (so, seems to me an ACL problem) c) checking sync status between DCs reveal no sync troubles. Where i can
2018 Nov 26
3
Different LDAP query in different DC...
...g,DC=lnf,DC=it # search reference ref: ldap://ad.fvg.lnf.it/DC=ForestDnsZones,DC=ad,DC=fvg,DC=lnf,DC=it # search result search: 2 result: 0 Success # numResponses: 5 # numEntries: 1 # numReferences: 3 past ONE dc, that does not return nothing: root at vdcsv1:~# ldapsearch -H ldap://vdcpp1.ad.fvg.lnf.it -W -D CN=mta,OU=Restricted,DC=ad,DC=fvg,DC=lnf,DC=it -b DC=ad,DC=fvg,DC=lnf,DC=it "(cn=prova123)" rfc822MailMember Enter LDAP Password: # extended LDIF # # LDAPv3 # base <DC=ad,DC=fvg,DC=lnf,DC=it> with scope subtree # filter: (cn=prova123) # requesting: rfc822...
2019 Jan 30
2
Winbind, cached logons and 'user persistency'...
On Wed, 30 Jan 2019 17:25:19 +0100 Marco Gaiarin via samba <samba at lists.samba.org> wrote: > Mandi! Rowland Penny via samba > In chel di` si favelave... > > > nscd caches certain things, as does winbind, if you want to run nscd > > with winbind, you need to stop nscd caching the things that winbind > > does, when you do this, nscd isn't caching very much,
2017 Nov 21
3
Time synchronization and Password Policies
You guys mix to things. > AFAIK is the 'privileges' that are host-specific. Is correct. >the policies are on the domain (in the LDAP data, > the root DN, look at them!). Yes, but only the GPO policies and these are not applied to the samba server. And because of that, samba-tools password settings needs to be set on every DC. Greetz, Louis > -----Oorspronkelijk
2018 Nov 29
2
Different LDAP query in different DC...
...re attributes that do not get replicated between DC's, > the majority are, so each DC should allow the same access. > Do you have access to the DC ? > Can you run the search locally ? Sure! As just stated, local access (via ldbsearch against the local SAM) works as expected: root at vdcpp1:~# ldbsearch -H /var/lib/samba/private/sam.ldb -b "DC=ad,DC=fvg,DC=lnf,DC=it" "(cn=prova123)" # record 1 dn: CN=prova123,CN=Aliases,OU=FVG,DC=ad,DC=fvg,DC=lnf,DC=it objectClass: top objectClass: nisMailAlias cn: prova123 instanceType: 4 whenCreated: 20171218110150.0Z uSN...
2018 Nov 27
0
Different LDAP query in different DC...
...his morning i've copied the 'idmap.ldb' from the DC with FSMO roles to the mulfunctioning DC, but still i get empty answer from the mulfunctioning DC. I've done a 'ldap compare' and all seems in sync: root at vdcsv1:~# samba-tool ldapcmp ldap://vdcsv1.ad.fvg.lnf.it ldap://vdcpp1.ad.fvg.lnf.it -U gaio Password for [LNFFVG\gaio]: * Comparing [DOMAIN] context... * Objects to be compared: 1312 * Result for [DOMAIN]: SUCCESS * Comparing [CONFIGURATION] context... * Objects to be compared: 1673 * Result for [CONFIGURATION]: SUCCESS * Comparing [SCHEMA] cont...
2019 Feb 11
0
Winbind, cached logons and 'user persistency'...
...tainer. reboot on 'vdcpp2' happen on: Feb 11 13:59:52 vdcpp2 shutdown[33452]: shutting down for system reboot at '14:00:30' bind, ntp and (i suppose) samba was stared. After that, i've upgraded and rebooted the second DC in that site (really, the first ;): Feb 11 14:03:09 vdcpp1 shutdown[26601]: shutting down for system reboot again, for 14:04:00 was up&runing. But the mail server refuse to deliver messages, fortunately all admin messages to an admin users (was loop: messages undeliverability errors, email go to postmaster, so to admin, so error, ...). 2019-02-11...