similar to: Samba4: Current Packages? (CentOS6)

Logon scripts assigned to a user do not execute when the user logs on; it did before the upgrade. I can run the script from the command line and it completes OK [like \\{DOMAIN}\netlogon\logon.bat]. I can also browse to the [netlogon] share without issue. Upgrade was from a late 4.0.x to 4.1.x to current 4.2.x. User's can logon without other issues [apparently]. Platform: CentOS7

I believe a schema change on a Windows DC (2008rc) has broken replication with our S4 DCs. Anyone have any tips or pointers to resolve this? I have three S4 DCs [CentOS6] and one Windows 2008R2 DC. The Windows 2008R2 DC has the schema master FSMO, and I believe the Exchange schema was added. I am willing to pay US dollars to get this issue resolved. I need the replication restored, the

On Mon, 2016-09-19 at 20:57 +0200, Marc Muehlfeld wrote: > > Logon scripts assigned to a user do not execute when the user logs > > on; it did before the upgrade. > * What kind of upgrade are you talking about? > NT4 to AD? (migration) > x.y to 4.2? AD 4.0.21 -> 4.2.x This worked prior to the upgrade. > * Is this an PDC or DC? They are DCs. > * Where have you

Attempting to lookup why rsyslogd is listening on the high port UDP/51427. Have not succeeded in what this port is used for and what directive controls what interface it binds to. [root at bedrock ~]# netstat --listen --inet --program --numeric | grep syslog udp??0??0 0.0.0.0:51427??0.0.0.0:*???66655/rsyslogd? -- Adam Tauno Williams <mailto:awilliam at whitemice.org> GPG D95ED383

Since upgrading S4 DCs I am see the following message in log.samba - DsCrackNames: Unsupported operation requested: FFFFFFF8DsCrackNames: Unsupported operation requested: FFFFFFF8Unable to fetch value for secret BCKUPKEY_13bb48fc-0844-4736-9972-e26453333856, are we an undetected RODC? DsCrackNames: Unsupported operation requested: FFFFFFF8DsCrackNames: Unsupported operation requested:

> > Initially, it appears to have worked. ... > > It shows the same on one of the S4 DCs, but the > > DomainDnsZonesMasterRole still shows as "no current owner" on the > > third S4 DC [all Sernet 4.5.2].  Argh. > You could try checking the database on the third DC, 'samba-tool > dbcheck --help' for more info. > You could also try forcing

On Mon, 2016-12-12 at 19:45 +0000, Rowland Penny via samba wrote: > You seem to be missing two FSMO roles: > > > DomainDnsZonesMasterRole > > > ForestDnsZonesMasterRole > > > Just what version of Samba are you using ? > > My Samba 4.5.2 domain also appears to be missing these roles. > > Can I simply seize these roles? > > [root at larkin27 ~]#

On Sat, 2016-11-19 at 09:57 +1300, Andrew Bartlett wrote: > On Fri, 2016-11-18 at 09:41 -0500, Adam Tauno Williams wrote: > > On Fri, 2016-11-18 at 21:32 +1300, Andrew Bartlett wrote: > > > I believe a schema change on a Windows DC (2008rc) has > > > > > > broken > > > > sernet-samba-4.2.14-23.el6.x86_64 - the same package on all > > > >

I need to add persistent routes to a policy routing table. I can add rules to an IP policy table after installing NetworkManager-config- routing-rules; but I have not found how to add routes to a table other than the specific table. Manually I do a: ip route add default via 192.168.1.6 dev ens192 table pods Rules load automatically via the /etc/sysconfig/network-scripts/rules- {interface}

On Tue, 2018-05-15 at 13:04 -0500, Chris Adams wrote: > Once upon a time, Adam Tauno Williams <awilliam at whitemice.org> said: > > Rules load automatically via the /etc/sysconfig/network- > > scripts/rules- > > {interface} files.??Routes added to /etc/sysconfig/network- > > scripts/routes-{interface} are always added to the default policy. > What are you

On Mon, 19 Sep 2016 10:50:25 -0400 Adam Tauno Williams via samba <samba at lists.samba.org> wrote: > On Mon, 2016-09-19 at 10:45 -0400, Adam Tauno Williams via samba > wrote: > > Since upgrading S4 DCs I am see the following message in log.samba - > > The message "Unable to fetch value for secret BCKUPKEY_13bb48fc-0844 > > -4736-9972-e26453333856, are we an

On Thu, 2018-09-06 at 15:10 -0400, Mike Burger wrote: > On 2018-09-06 14:06, Adam Tauno Williams wrote: > > Attempting to lookup why rsyslogd is listening on the high port > > UDP/51427.????Have not succeeded in what this port is used for and > > what directive controls what interface it binds to. > > [root at bedrock ~]# netstat --listen --inet --program --numeric |

On Sun, 20 Nov 2016 16:50:34 -0500 Adam Tauno Williams <awilliam at whitemice.org> wrote: > On Sun, 2016-11-20 at 21:11 +0000, Rowland Penny via samba wrote: > > On Sun, 20 Nov 2016 15:55:08 -0500 > > Adam Tauno Williams via samba <samba at lists.samba.org> wrote: > > > And it looks like nobody is listening on port 135 - > > > [root at larkin26 ~]#

Hi, I resolved the problem. I changed my smb.conf as follows: [global] netbios name = SAMBA server string = %h workgroup = DOMAIN.TLD security = user encrypt passwords = true ldap passwd sync = yes guest account = nobody passdb backend = ldapsam:ldap://zarafa.hasselt.be ldap admin dn = cn=root,ou=hasselt.be,o=hasselt,c=be ldap suffix = o=hasselt,c=be ldap group suffix = ou=groups ldap user

Hi, sometimes I see following in the logs: /source4/rpc_server/drsuapi/writespn.c:234(dcesrv_drsuapi_DsWriteAccountSpn) Failed to modify SPNs on CN=PCNAME,CN=Computers,DC=DOMAIN,DC=NAME,DC=NAME,DC=de: error in module acl: Constraint violation during LDB_MODIFY (19) In the net i found this "explanation": "LDAP_CONSTRAINT_VIOLATION Indicates that the attribute value specified in

I added three DCs to a single DC Samba4 AD domain. They initially replicated and came up - but replication does not appear to be ongoing. A change made to a user via MMC connected to one DC does not appear on another DC. It the logs I see bursts of the following message: [2014/08/12 15:08:08.026270, 0] ../source4/librpc/rpc/dcerpc_util.c:660(dcerpc_pipe_auth_recv) Failed to bind to uuid

Hi all, SPN = servicePrincipalName A simple search returning all servicePrincipalName declared in your AD: ldbsearch -H $sam serviceprincipalname=* serviceprincipalname An extract from result concerning a lambda client: # record 41 dn: CN=win-client345,OU=Machines,DC=ad,DC=domain,DC=tld servicePrincipalName: HOST/MB38W746-0009 servicePrincipalName: HOST/MB38W746-0009.ad.domain.tld

Hello, is there anyone out there, who has a current 2.4.23 srpm or good how to compile it from src with supported db4? I tried to compile recent source files, but always finding the current (installed) db4 >4.3 fails. Than I tried to compile the LTB Project Files: http://ltb-project.org/wiki/documentation/openldap-rpm May be it is just a small step or option to be set. Would be nice to get

On Tue, 2016-09-20 at 09:24 +1200, Clint Dilks wrote: > > (1) why would this happen at logon when I can run the script after > > login without pertmission issues? > In relation to this I am just wondering if you have SELinux enabled? > If so you may want to set it to permissive and see if the issue > disappears. SELINUX is disabled. Frustrating... i can't even find

I have a site with a working Samba4 AD domain with a single DC. It works. I've added three new DCs to the domain [using the SerNet packages for 4.0.21]. The intention is to then demote the old, original Samba4 DC. But problems exist for netlogon/sysvol. One of the new DCs - the second one added - works, clients can access netlogon & sysvol. However the other two DCs have ACL errors