Displaying 20 results from an estimated 1000 matches similar to: "Samba4 KDC Windows 7 clients may fail to get a ticket"
2012 Oct 01
1
Samba4 KDC - no such entry found in hdb
Hello.
Samba 4.1.0pre1-GIT-aad669b, joined as a DC to an existing domain. At least 6 accounts behave like this:
Kerberos: AS-REQ techgroup at KLIN.KIFATO-MK.COM from ipv4:192.168.1.31:33822 for krbtgt/KLIN.KIFATO-MK.COM at KLIN.KIFATO-MK.COM
ldb: ldb_trace_request: SEARCH
dn: <rootDSE>
scope: sub
expr: (&(objectClass=user)(userPrincipalName=techgroup at KLIN.KIFATO-MK.COM))
control:
2012 Sep 29
1
Samba4 LDAP returns wrong responses in some cases, BIND-DLZ refuses to update
Hello.
We have a couple of questions regarding Samba 4.1.0pre1-GIT-aad669b running on Gentoo GNU/Linux
1) Is MS 1.2.840.113556.1.4.1941 operator support implemented (planned to be implemented) in Samba 4 internal LDAP server? Please compare:
$ ldapsearch -h 192.168.1.32 -x -D 'CN=someadminuser,OU=Administrators,DC=klin,DC=kifato-mk,DC=com' -b
2015 Jul 01
3
strange: 20 characters max in samAccountName
Hi all,
Sernet Samba 4.2.2 as Active Directory on Debian 7.8. No other DC.
I can't log in with on Windows systems (Windows 7) when samAccountName are
longer than 20 characters. This seems to be a LAN MAN or NT4 limitation
which should not happen on AD domain.
Any idea what could leads my to that limitation?
I can log in using administrator account or any other having a short
(enough)
2018 Mar 04
1
Samba AD + Kerbero + NFS "Client no longer in database"
I am soo lost trying to get Samba AD 4.7.5 as a Kerberos source for
NFSv4. The NFS server is the Samba AD server running Ubuntu Server
16.0.4.3 and the client is Linux Mint 18.3
This export WORKS and mounts on client
########## /etc/exports ##########
/mnt/fileshare *(rw,no_subtree_check,async)
############################
This export DOES NOT
########## /etc/exports ##########
2013 Aug 07
2
Samba 4 empty password
Hello,
We are trying to setup a SAMBA-Server with users that have empty passwords.
We are using:
Samba 4.0.8
Kernel 3.10.5
Slackware 14.0 x64
When we set a password the login successes!
That's what we get when trying to login:
[2013/08/07 13:31:46, 3] ../source4/auth/kerberos/krb5_init_context.c:80(smb_krb5_debug_wrapper)
Kerberos: AS-REQ media1 at BC from ipv4:10.0.99.100:62078 for
2016 Aug 22
1
Upgrade 4.2.14 --> 4.3.11
Hi,
I had Samba 4.2.14 working as AD DC with shares. After upgrade to version 4.3.11 AD DC authentication, ADUC, etc, stopped working. Shares still work fine.
OS. Oracle Linux 6.x with UEK, uptodate. Samba compiled from source.
Upgrade procedure (nothing special):
./configure --enable-selftest
make
make install
Testparm output:
# Global parameters
[global]
workgroup = EXAMPLE
realm =
2012 Sep 25
1
DRS replication fails with Windows 2003 R2
Hello.
We're trying to integrate Samba 4 as a DC in production. We aim to replace our only Windows 2003 Enterprise R2 Russian DC with 2 Samba DCs. However, we've got a replication problem, we aren't shure is it a bug or misconfiguration.
Both Windows and Samba DCs are virtual amd64 machines, running under the control of Xen (so, at least the time is the same). Windows VM has GPLPV
2016 Jul 05
1
Login not possible / machine account issues
Well, in my option, you the have found your problem.
https://technet.microsoft.com/en-us/library/cc721940(v=ws.10).aspx
3) ..... After the unique system information is removed, ....
And
https://blogs.msdn.microsoft.com/aaron_margosis/2009/11/05/machine-sids-and-domain-sids/
Says:
Mark?s point is that SIDs must be unique within the authority in which they are used. So while DEMOSYSTEM
2013 Nov 04
1
Running SQL Server xp_logininfo with Samba PDC
We have setup Samba 4.1 as a PDC. We have successfully connected several
Windows 2008 Servers to the domain and created various users/groups.
During an application installation on the Windows server, it runs the
command in SQL server:
master..xp_logininfo 'MYDOMAIN\useraccount'
SQLserver is running as a service user created on the domain (here called
MYDOMAIN)
This returns:
Msg
2015 May 27
1
check password script for samba 4 ad dc
I would like to bump my question
2015-05-27 10:21 GMT+03:00 Krutskikh Ivan <stein.hak at gmail.com>:
> Hmm, looks like it's not. I've just set the password for something that
> cracklib-check would argue using both ad management tools and at windows
> login. Should it work that way or I'm missing something?
>
> My dc's smb.conf:
>
> [global]
>
2017 Mar 18
2
kerberos issue (SPN not found) with windows Hyper-V ( samba 4.5.3 AD)
I made some progress with the issue, but didn't solve it completely
It's basically a kind of bug (i'm not sure if it's on kerberos side or
samba, I think samba is the culprit here (?).
Microsoft uses kind of weird SPN for Hyper-V. Weird as there are
"spaces" in the string - which is kind of unique as far as SPN's go,
usually SPN form a complete string.
So I kind
2016 Oct 03
3
Samba Member NT_STATUS_NETWORK_SESSION_EXPIRED
hey,
now after observe last changes on the weekend… i have also the issue.
After 10 hours i can’t connect to the shares on my member server.
On Log of DC i found this:
[2016/10/02 20:35:45.601265, 3] ../source4/auth/kerberos/krb5_init_context.c:80(smb_krb5_debug_wrapper)
Kerberos: AS-REQ PL0024$@HQ.KONTRAST from ipv4:<member-ip>:55578 for krbtgt/HQ.KONTRAST at HQ.KONTRAST
[2016/10/02
2016 Oct 04
1
Samba Member NT_STATUS_NETWORK_SESSION_EXPIRED
so i add the pam yesterday and now after 10 hours no connection to member is possible. :(
Same errors in logs i send yesterday
OLIVER WERNER
Systemadministrator
> Am 03.10.2016 um 18:54 schrieb Rowland Penny via samba <samba at lists.samba.org>:
>
> On Mon, 3 Oct 2016 17:56:07 +0200
> Oliver Werner <oliver.werner at kontrast.de <mailto:oliver.werner at
2010 May 23
1
Problems with W2K8R2 <-> S4 replication
Hello!
I'm trying to get Samba4 working as an additional AD DC. bin/net vampire
reports no errors, but when I start sbin/samba I got the following in my
var/samba.log:
--------------------
[Sun May 23 03:58:08 2010 MSD, 0
../smbd/server.c:373:binary_smbd_main()] samba version
4.0.0alpha12-GIT-UNKNOWN started. Copyright Andrew Tridgell and the
Samba Team 1992-2010 [Sun May 23 03:58:08
2014 Nov 10
0
User's DPAPI/backupkey protected data lost when changing domain password
After a user changes their password (CTRL-ALT-DEL) in our Samba 4 domain
(4.1.12) they lose access to any stored passwords on their Windows PC.
I've set the log level in smb.conf to 4 and enabled the GPO to record DPAPI
log entries in Windows to get the below log data.
My reading of the two is that the Windows PC believes it is failing to reset
the access to its DPAPI store (where the saved
2012 Oct 29
3
Unable to create GPO with rc3 and a few authentication problems
Hello.
I had encountered a few problems with 2 Samba 4 rc3 DCs serving domain migrated from Windows 2003 R2. I post them altogether, since they look related.
1. Unable to create or delete GPOs.
# bin/samba-tool gpo create somegpo
ERROR(ldb): uncaught exception - LDAP error 50 LDAP_INSUFFICIENT_ACCESS_RIGHTS - <dsdb_access: Access check failed on
2012 Dec 06
1
Problem samba3 to samba4
Hello
I've migrated a samba 3 server to a samba 4 (.all the tests mentioned in
this howto are succesfull) .But i can't open a session with a
workstation on samba4 domain : approbation problem. The workstation name
which can't connect is "admin-pc"
Any idea ?
*Here are the logs of log.samba
*
Kerberos: Looking for ENC-TS pa-data -- *admin-pc$@SC*
[2012/12/06 12:50:59,
2018 Feb 12
0
Windows user domain accounts getting locked out regularly
Hi All,
We have a mixed environment running with Windows and Linux with samba as
the domain controller. Smart card login is configured and working
properly with pkinit and certs, etc
(https://wiki.samba.org/index.php/Samba_AD_Smart_Card_Login) though I
don't think this is related.
A handful of Windows clients are regularly getting their accounts locked
during what seems to be a
2016 Jul 17
1
Winbindd segfaults with bind9-dlz trying to login via libwinbind-pam
Hello,
I just found and odd behaviour here on my test environment (debian
jessie with samba 4.4.5 backported from sid).
I create and ad-dc as usual, adjust nsswitch.conf and enable
pam-auth-winbind (ruuning pam-auth-update). I also define /bin/bash as
template shell.
Now after i create an samba-user and the users home directory
(/home/DOMAIN/achim).
I can login with that account on the
2017 Dec 27
2
AD replication problem "WERR_DS_DRA_ACCESS_DENIED" - need help debugging
We have 3 ADCs based on Samba-4.7.4 (compiled from source,internal DNS)/
CentOS7: dcdo1,dcnh1 and dcge1. dcge1 holds all FSMO roles. The 3 ADCs
are on different locations connected via IPSec based VPN. No traffic is
filtered out.
All 3 ADCs replicate fine except dcdo1 -->dcnh1. Symptom:
[root at dcdo1 ~]# samba-tool drs replicate dcnh1.ad.kdu.com
dcdo1.ad.kdu.com dc=ad,dc=kdu,dc=com