Displaying 20 results from an estimated 2000 matches similar to: "Add options to /var/run/samba/smb_krb5/krb5.conf_DOMAIN?"
2011 May 04
1
winbind as a name service "proxy"?
Hi,
We hava a bunch of machines that needs to have the ability to look up users and groups (like with libnss_winbind) but we need to have the Kerberos and PAM stuff. We really don't want to join them to the AD. Are there any way to use one server as a proxy for name and group lookups?
[dumb-node] --> [master-node-with-winbind] --> [AD]
Best regards
Emil Assarsson
Sony Ericsson
2008 Feb 27
1
krb5.conf file in /var/lib/samba/smb_krb5; Samba 3.0.27a
Hello list,
I've upgraded from Samba 3.0.14a to 3.0.27a (Samba is a domain member of a
W2k3 native AD) and I see that in the /var/lib/samba/smb_krb5 directory a
krb5.conf file is created.
Is this krb5.conf file extracted from my original /etc/krb5.conf? Or is this
file created from the "password server =" entry in my smb.conf file?
My original /etc/krb5.conf contains the DC's in
2009 Mar 06
0
krb5.conf in /var/lib/samba/smb_krb5 very different from original
Hi all !
I have some problems browsing a samba share from a Canon ImageRunner printer.
It tries to write to a share located on a samba server, configured to authenticate users against a windows 2003 Active directory.
Samba version 3.2.6 is running on opensuse 11.1.
After a lot of search, I tought that maybe it did not support the encryption type requested by my Samba server, so I checked my
2013 Apr 03
0
/var/samba/locks/smb_krb5/krb5.conf.DOM
All,
I am running Solaris 10 and Samba 3.6.6. We use intelligent DNS and have more than 10 ADs. In /etc/krb5/krb5.conf I configure kdc and admin_server to point to the IDNS server so any one of our functioning ADs can be used dynamically. I've noticed that /var/samba/locks/smb_krb5/krb5.conf.DOM get created when net ads join is run. I've also noticed that the kdc is set to an IP address
2010 Nov 29
1
Getting no ticket cache from pam_winbind
Hi all,
I'm trying to get pam_winbind to create ticket cache on login if the AD is available.
Please note that this is an Ubuntu Lucid system.
When trace this with wireshark it receives a TGT ticket for the user.
The current solution is to use pam_krb5 before attempting winbind. That gives me a ticket cache.
The main problem is that if the user enters the wrong password it does two login
2010 Nov 25
0
group names with longer names than 30 chars [winbind 3.4.7]
Hi All,
I'm unable to do lookups on groups that have a longer name than 30 characters.
Is this a known problem and does it help to upgrade?
Are there any workaround for this?
Best regards
Emil Assarsson
Sony Ericsson Mobile Communications AB
"The information in this email, and attachment(s) thereto, is strictly confidential and may be legally privileged. It is intended solely for the
2010 Oct 26
0
net ads dns register failes (samba 3.4.7 on windows 2003 sp2)
Hi all,
I have some problems with dynamic DNS updating.
Samba 3.4.7
Windows 2003 sp2
# net ads dns register -P
DNS Update failed!
With debug ( -d9 ) I get this:
------
[2010/10/26 09:28:44, 3] libads/sasl.c:780(ads_sasl_spnego_bind)
ads_sasl_spnego_bind: got OID=1.3.6.1.4.1.311.2.2.10
[2010/10/26 09:28:44, 3] libads/sasl.c:789(ads_sasl_spnego_bind)
ads_sasl_spnego_bind: got server
2007 Nov 23
0
Strange folder smb_krb5 in lock directory of version 3.026a
I found a strange folder smb_krb5 in my samba lock directory.
Inside, there is something that looks like a Kerberos Configuration,
but the content is different from my /etc/krb5.conf
(A) Does Samba correctly use my /etc/krb5.conf as before in version 3.023?
(B) What is the smb_krb5-folder good for, where does it come from?
(C) Can it be deleted safely or does it have to be backed up together
with
2023 Dec 04
1
krb5.conf & kdc=, explicit vs automatic
While playing with large number of DCs in a domain, which does not fit
in UDP DNS packet, I found another interesting issue.
winbindd generates a temporary krb5.conf for each realm it uses, and
stores it in /run/samba/smb_krb5/krb5.conf.$REALM. Here's a typical
such config in fully-automatic mode:
libdefaults]
default_realm = RGS.RU
default_etypes = aes256-cts-hmac-sha1-96
2009 May 15
2
krb5 configuration generation
Hi,
Is there any way to stop Samba regenerating the krb5.conf.[WORKGROUP] file under /var/lib/samba/smb_krb5 every time?
It appears to completely ignore /etc/krb5.conf, is this expected?
Kernel: Linux localhost 2.6.16.60-0.37_f594963d-smp #1 SMP Mon Mar 23 13:39:48 UTC 2009 x86_64 x86_64 x86_64 GNU/Linux
smbd -V: Version 3.0.32-0.8-2045-SUSE-CODE10
Thanks,
Alex
2009 Dec 14
0
samba caching a broken krb5.conf.NETBIOSDOMAINNAME
i am in a mixed win2000 and win2003 R1 ActiveDirectory environment.
Have always had ntlmv2 server and client required. LM and NTLM have
always been rejected. That is how it has been for 10 years.
Mounting from CentOS 5 to the windows servers has not been an issue
for years. However, using ADS credentials for Linux workstation
logons has always been a issue. If using ADS credentials to logon
2017 Jan 26
2
Samba AD/DC Sync To Windows DC Failures
I just added a window server 2008 r2 to be a backup DC for our samba 4.4.5
AD/DC but I am getting an error when trying to manually sync samba to the
windows server.
I used the link on the wiki site to make the initial sync, which worked
great
ยง
<https://wiki.samba.org/index.php/Joining_a_Windows_Server_2008_/_2008_R2_
DC_to_a_Samba_AD> Joining a Windows Server 2008 / 2008 R2 DC to a
2013 Oct 10
0
Samba4 can't join domain - drsuapi.DsBindInfoFallBack object has no attribute
I have a Win2k3 server and am trying to manage a Samba4 box (name:UBUNTUSERVER, running Ubuntu 12.04.3 + Samba 4.0.10) as a backup. All seemed well, but after a problem with replication (result 1306 WERR_REVISION_MISMATCH), I couldn't even demote the samba4 DC. So I deleted from SERVERW2K3, deleted /usr/local/samba and re-compiled everything. Also ran make quicktest, all seems OK.
Now, this
2009 Dec 22
0
Re :Re: dns lookups for SRV kerberos
>
>On Thu, Dec 10, 2009 at 9:21 AM, <aplist at netcourrier.com> wrote:
> > Hi,
> >
> >
> > I have raised this question on the kerberos mailing list, but have been
> told that Samba has it's own behavior regarding SRV lookups.
> >
> > My configuration uses the following :
> > ?dns_lookup_realm = false
> > ?dns_lookup_kdc = false
2014 Jan 09
0
Samba4/AD Replication Issue
I have a couple of Samba4 AD DCs replicating with Windows Server 2008 DCs. This has been sort of finicky, but I've managed to get it to work (mostly) for several weeks. However, I'm now having an issue where one of my Samba4 DCs will not replicate from any of the other DCs (Windows or Samba) in the domain (Error is WERR_BAD_NET_RESP). Replication output is below. If anyone has ideas of
2015 Mar 10
0
net ads join fails
On 10/03/15 19:01, Roman Dilken wrote:
> On 10.03.2015 19:25, Rowland Penny wrote:
>
>> Hi, what are you trying to join to?
>>
>> Remove this line 'idmap_ldp:use rfc2307 = yes'
>>
>> one) it should be 'idmap_ldb:use rfc2307 = yes' two) it is only
>> used on a DC.
>>
>> How are you trying to do the join ?
>>
>>
2013 Jan 10
1
cannot join an existing AD as either a RODC or DC w/ samba4
I'm unable to have samba4 join an existing AD domain as either an RODC
(preferrable) or merely a DC.
AD domain is Win2k3, but we recently added a pair of Win2k8 DCs to it.
Domain functional level is Win2k3.
### Adding samba4 as an RODC ###
# samba-tool domain join -d5 my.domain RODC -U'adminuser at MY.DOMAIN' --server=nysv-vmdc3.my.domain
INFO: Current debug levels:
all: 5
tdb:
2014 Jul 16
0
FreeBSD problems with sysvol and share Acls
Having lots of problems with a restored from backup installation of Samba
4.1.9 on FreeBsd cannot use windows tools to assign permissions to shares,
and now when a problem creating a Gpo. with log level 10 this is the
output:
root at BSD:/home # samba-tool gpo create testgpo
INFO: Current debug levels:
all: 10
tdb: 10
printdrivers: 10
lanman: 10
smb: 10
rpc_parse: 10
rpc_srv: 10
2015 Mar 10
2
net ads join fails
Hi,
i've got a problem joining a domain with samba 4.1.17 on freebsd.
Everytime I try it, the join fails with a core dump.
Debugging it, it seems that it is stuck on authentication. Kerberos
works, I get credentials, but if I try to join the domain, it fails.
The problem seems to be somwhere in this debug-output:
1. net ads join:
Doing spnego session setup (blob length=96)
got
2018 Jun 21
0
WERR_BAD_NET_RESP on replication (--full-sync)
Hi,
Many of these syncing problems were solved in Samba 4.7 (and probably a
few more in 4.8). There were a number of unresolved locking issues that
we uncovered as well as some inconsistencies with Windows replication. I
would try join a DC with one of the latest Samba versions and see if
your problems persist.
Cheers,
Garming
On 21/06/18 21:35, Chris Lewis via samba wrote:
> Hello,
>