similar to: LDAP auth with AD

Hai, What is the running OS and version of samba on these servers. Can you post some configs of these DC's ( all 3 ) /etc/hosts /etc/resolv.conf /etc/samba/smb.conf And for all 3 this the keytab output. klist -ke /var/lib/samba/private/secrets.keytab Your also sure you servers time is not out of sync? Greetz, Louis > -----Oorspronkelijk bericht----- > Van: samba

Dear all, setting up a DMZ environment I was thinking to use an RODC there for user authentication. One of the application in the DMZ needs to access the directory via LDAP. When I tried to connect to the RODC using LDAP with simple bind, I always received the following error ldap_bind: Invalid credentials (49)         additional info: 80090308: LdapErr: DSID-0C0903A9, comment:

Hai, Before you start, Backup, /etc/ /var/lib/samba better safe than sorry.. Stop samba and related services ( check it at least nmbd smbd winbind samba samba-ad-dc) > -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Prunk Dump via samba > Verzonden: woensdag 21 juni 2017 11:57 > Aan: samba at lists.samba.org > Onderwerp:

On Mon, 2018-01-22 at 20:36 +0100, Johannes Engel via samba wrote: > Dear all, > > setting up a DMZ environment I was thinking to use an RODC there for > user authentication. One of the application in the DMZ needs to access > the directory via LDAP. > > When I tried to connect to the RODC using LDAP with simple bind, I > always received the following error > >

On Mon, 22 Jan 2018 20:36:04 +0100 Johannes Engel via samba <samba at lists.samba.org> wrote: > Dear all, > > setting up a DMZ environment I was thinking to use an RODC there for > user authentication. One of the application in the DMZ needs to access > the directory via LDAP. > > When I tried to connect to the RODC using LDAP with simple bind, I > always received

Hello Samba Friends, I have a single DC (we'll call it, "DC1") that simply will not take my password when I run this command:? #samba-tool ldapcmp ldap://dc2 ldap://dc3 -Uadministrator? Or this command:? #samba-tool ldapcmp ldap://dc1 ldap://dc2 -Uadministrator? I basically get this:? > Password for [SAMDOM\administrator]:? > Password for [SAMDOM\administrator]:?

Op 28-10-2023 om 09:37 schreef Rowland Penny via samba: > On Fri, 27 Oct 2023 23:48:22 +0200 > Kees van Vloten via samba <samba at lists.samba.org> wrote: > >> Hi Team, >> >> Is it possible to make a LDAP-query that returns whether an account >> is expired or not? >> >> I am aware that it is possible to do the maths against the >>

Hello All, I just discovered that the last I unfortunately I send only to Louis - not the list. So below are my answers included (and log outputs that were requested). Never the less in meantime I have investigated further into SAMBA & winbind. I was able to setup samba dc based on previous instructions and guidelines successfully. I additionally setup a debian samba member with winbind.

Thank you, Louis, for your reply. By simply asking me to provide outputs of the aforementioned files, I found the cause of my first problem (auth failing). It was my /etc/hosts file on dc1. All of them should look like this, and indeed DC2 and DC3's *did* look like this: # cat /etc/hosts > 127.0.0.1 ? ? ? localhost.samdom.mycompany.net ?localhost > 192.168.3.201

On Sat, 28 Oct 2023 11:54:34 +0200 Kees van Vloten via samba <samba at lists.samba.org> wrote: > > Op 28-10-2023 om 09:37 schreef Rowland Penny via samba: > > On Fri, 27 Oct 2023 23:48:22 +0200 > > Kees van Vloten via samba <samba at lists.samba.org> wrote: > > > >> Hi Team, > >> > >> Is it possible to make a LDAP-query that returns

On 10/10/2020 13:15, Philip Offermans wrote: > root at dna:/data/wordpress/database# ldapsearch -h gaia.rompen.lokaal -U > 'vmail' -W -b 'cn=users,dc=rompen,dc=lokaal' > Enter LDAP Password: > SASL/NTLM authentication started > ldap_sasl_interactive_bind_s: Invalid credentials (49) > additional info: 8009030C: LdapErr: DSID-0C0904DC, comment: >

On 10/10/2020 13:32, Philip Offermans wrote: > root at dna:/data/wordpress/database/html# dpkg -s libpam-krb5 > Package: libpam-krb5 > Status: install ok installed > Priority: optional > Section: admin > Installed-Size: 150 > Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com > <mailto:ubuntu-devel-discuss at lists.ubuntu.com>> >

On 10/10/2020 14:40, Philip Offermans wrote: > >>> >>> >>> >>> (The ip6 addresses are from docker) >> 'docker' ??? > https://www.docker.com?would recommend to check it out some time No, I should have expanded on that, what I meant was, is one or other of the DC or Unix domain member running in a docker container ? > > >> On 10

Thanks for your attention > You are always receiving these: > > Adding DNS A record SRVAD-NEW.SAMDOM.LOCAL for IPv4 IP: 10.0.3.100 > Join failed - cleaning up Yes, but the DNS record is created and it persists after the failure. Another thing I've noticed using RSAT "Active Directory Users and Computers" is that the new DC computer account SRVAD-NEW$@SAMDOM.LOCAL is

Hi Andrew, I am deeply impressed by your speed! :D The RODC is actually Samba 4.7.4, the other DCs are still on 4.6.12. Any suggestion how I can debug this w/o setting everything on level 10? ;) Best regards Johannes Am 22.01.2018 um 20:45 schrieb Andrew Bartlett: > On Mon, 2018-01-22 at 20:36 +0100, Johannes Engel via samba wrote: >> Dear all, >> >> setting up a DMZ

Op 28-10-2023 om 13:22 schreef Rowland Penny via samba: > On Sat, 28 Oct 2023 11:54:34 +0200 > Kees van Vloten via samba <samba at lists.samba.org> wrote: > >> Op 28-10-2023 om 09:37 schreef Rowland Penny via samba: >>> On Fri, 27 Oct 2023 23:48:22 +0200 >>> Kees van Vloten via samba <samba at lists.samba.org> wrote: >>> >>>> Hi

You are always receiving these: Adding DNS A record SRVAD-NEW.SAMDOM.LOCAL for IPv4 IP: 10.0.3.100 Join failed - cleaning up Questions: 1) Prior to the join, dos a kinit -V5 ADMINISTRATOR at SAMDOM.LOCAL works? 2) Can you create DNS entries without issues with your administrator account? 3) Can you do a test and join your samba server as a normal computer? Does it work? Regards, Vinicius. Em

Can you try this: kinit Administrator samba-tool domain join samdom.example.com DC --site=?KA-H9? -k yes If that isnt working.. Post output of : cat /etc/ldap/ldap.conf And tell me how did you setup your ssl certificates on this server. Greetz, Louis > -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Alexander Harm via samba >

I tried joining the same AD before and succeeded, however after upgrading to Debian Buster and installing AD Certificate Services on the Windows DC my join does not work anymore: samba-tool domain join samdom.example.com DC -U?SAMDOM\adadmin? ?site=?KA-H9? fails during the ldap part with: Join failed - cleaning up Failed to bind - LDAP error 49 LDAP_INVALID_CREDENTIALS - <8009030C: LdapErr:

Hi, I'm relatively new to Dovecot and I did a bit of search but couldn't find a possible solution for the particular setup I'm working on. Basically I have an SMTP/POP/IMAP proxy setup running Postfix & Dovecot. IMAP/POP authentication is done using the password proxy feature, where the login credentials are passed to the backend server after a db lookup, which does the actual