similar to: Samba4 Domain UP, but no roaming profiles

Logon scripts assigned to a user do not execute when the user logs on; it did before the upgrade. I can run the script from the command line and it completes OK [like \\{DOMAIN}\netlogon\logon.bat]. I can also browse to the [netlogon] share without issue. Upgrade was from a late 4.0.x to 4.1.x to current 4.2.x. User's can logon without other issues [apparently]. Platform: CentOS7

Since upgrading S4 DCs I am see the following message in log.samba - DsCrackNames: Unsupported operation requested: FFFFFFF8DsCrackNames: Unsupported operation requested: FFFFFFF8Unable to fetch value for secret BCKUPKEY_13bb48fc-0844-4736-9972-e26453333856, are we an undetected RODC? DsCrackNames: Unsupported operation requested: FFFFFFF8DsCrackNames: Unsupported operation requested:

I need to add persistent routes to a policy routing table. I can add rules to an IP policy table after installing NetworkManager-config- routing-rules; but I have not found how to add routes to a table other than the specific table. Manually I do a: ip route add default via 192.168.1.6 dev ens192 table pods Rules load automatically via the /etc/sysconfig/network-scripts/rules- {interface}

I added three DCs to a single DC Samba4 AD domain. They initially replicated and came up - but replication does not appear to be ongoing. A change made to a user via MMC connected to one DC does not appear on another DC. It the logs I see bursts of the following message: [2014/08/12 15:08:08.026270, 0] ../source4/librpc/rpc/dcerpc_util.c:660(dcerpc_pipe_auth_recv) Failed to bind to uuid

We'd like to add an adm (administrative template) to our Samba4 server. I see where the .adm files are in the filesystem - /opt/s4/var/locks/sysvol/micore.us/Policies/{ED429C7D-156A-4F75-B21D-92DB8E10ACAB}/Adm/conf.adm - but how can I add a new ADM file? The ADM file in question allows the controlling of IE Favorites and a few other items on XP (not available in the default templates for

On Mon, 2016-09-19 at 20:57 +0200, Marc Muehlfeld wrote: > > Logon scripts assigned to a user do not execute when the user logs > > on; it did before the upgrade. > * What kind of upgrade are you talking about? > NT4 to AD? (migration) > x.y to 4.2? AD 4.0.21 -> 4.2.x This worked prior to the upgrade. > * Is this an PDC or DC? They are DCs. > * Where have you

I have a site with a working Samba4 AD domain with a single DC. It works. I've added three new DCs to the domain [using the SerNet packages for 4.0.21]. The intention is to then demote the old, original Samba4 DC. But problems exist for netlogon/sysvol. One of the new DCs - the second one added - works, clients can access netlogon & sysvol. However the other two DCs have ACL errors

> > Initially, it appears to have worked. ... > > It shows the same on one of the S4 DCs, but the > > DomainDnsZonesMasterRole still shows as "no current owner" on the > > third S4 DC [all Sernet 4.5.2].  Argh. > You could try checking the database on the third DC, 'samba-tool > dbcheck --help' for more info. > You could also try forcing

> You seem to be missing two FSMO roles: > DomainDnsZonesMasterRole > ForestDnsZonesMasterRole > Just what version of Samba are you using ? My Samba 4.5.2 domain also appears to be missing these roles. Can I simply seize these roles? [root at larkin27 ~]# samba-tool fsmo show SchemaMasterRole owner: CN=NTDS Settings,CN=TEMP2008R2DC,CN=Servers,.. InfrastructureMasterRole owner:

I removed a DC using the DC removal tool mentioned in http://gallery.technet.microsoft.com/scriptcenter/d31f091f-2642-4ede-9f97-0e1cc4d577f3 as https://bugzilla.samba.org/show_bug.cgi?id=10734 prevents normal DC demotion. The DC was still all over in DNS, so I had to pick it out. Now replication between the remaining three DCs is broken [root at larkin26 ~]# samba-tool drs showrepl

I believe a schema change on a Windows DC (2008rc) has broken replication with our S4 DCs. Anyone have any tips or pointers to resolve this? I have three S4 DCs [CentOS6] and one Windows 2008R2 DC. The Windows 2008R2 DC has the schema master FSMO, and I believe the Exchange schema was added. I am willing to pay US dollars to get this issue resolved. I need the replication restored, the

On Mon, 2016-12-12 at 19:45 +0000, Rowland Penny via samba wrote: > You seem to be missing two FSMO roles: > > > DomainDnsZonesMasterRole > > > ForestDnsZonesMasterRole > > > Just what version of Samba are you using ? > > My Samba 4.5.2 domain also appears to be missing these roles. > > Can I simply seize these roles? > > [root at larkin27 ~]#

Hi all, SPN = servicePrincipalName A simple search returning all servicePrincipalName declared in your AD: ldbsearch -H $sam serviceprincipalname=* serviceprincipalname An extract from result concerning a lambda client: # record 41 dn: CN=win-client345,OU=Machines,DC=ad,DC=domain,DC=tld servicePrincipalName: HOST/MB38W746-0009 servicePrincipalName: HOST/MB38W746-0009.ad.domain.tld

Hi everyone This is our first proper test of Samba 4 and we've been up with an opensuse server, an ubuntu client, an opensuse client and a win 7 client. 24 hours without a problem:) 1. We have got as far as deciding where roaming profiles should go. In 3.6 we had them inside the users home folder. Someone said that was not good. Going with the Samba 4 wiki, we put them in

On 12/29/2017 3:59 AM, Wojciech ?ysiak wrote: > firstly check which zone are your interface in : > > bash> firewall-cmd --get-active-zones > > then all you have to do is add a service to the firewall > > firewall-cmd --zone=<INSERT YOUR ZONE> --add-service=openvpn --permanent > > assuming that your Openvpn is running on standard port 1194/tcp|udp, > If not

Hi, sometimes I see following in the logs: /source4/rpc_server/drsuapi/writespn.c:234(dcesrv_drsuapi_DsWriteAccountSpn) Failed to modify SPNs on CN=PCNAME,CN=Computers,DC=DOMAIN,DC=NAME,DC=NAME,DC=de: error in module acl: Constraint violation during LDB_MODIFY (19) In the net i found this "explanation": "LDAP_CONSTRAINT_VIOLATION Indicates that the attribute value specified in

Package: sernet-samba-4.2.14-23.el6.x86_64 These DCs were very recently upgraded from a prior version. [2016/09/19 09:32:55.168161, 0] ../source4/libcli/smb2/signing.c:116(smb2_check_signature) Bad SMB2 signature for message of size 202 [2016/09/19 09:32:55.168511, 0] ../lib/util/util.c:559(dump_data) [0000] 77 B3 94 9B 70 78 8B 21 1E 56 D0 78 E1 80 BB 5C w...px.! .V.x...\ [2016/09/19

On Mon, 19 Sep 2016 10:50:25 -0400 Adam Tauno Williams via samba <samba at lists.samba.org> wrote: > On Mon, 2016-09-19 at 10:45 -0400, Adam Tauno Williams via samba > wrote: > > Since upgrading S4 DCs I am see the following message in log.samba - > > The message "Unable to fetch value for secret BCKUPKEY_13bb48fc-0844 > > -4736-9972-e26453333856, are we an

On Tue, 2018-05-15 at 13:04 -0500, Chris Adams wrote: > Once upon a time, Adam Tauno Williams <awilliam at whitemice.org> said: > > Rules load automatically via the /etc/sysconfig/network- > > scripts/rules- > > {interface} files.??Routes added to /etc/sysconfig/network- > > scripts/routes-{interface} are always added to the default policy. > What are you

Hello I try to add a windows 10 client to a existent samba 3 domain. I have installed a windows 10 build 10049 with all Updates. On the windows client I added/modified the following Registry Keys that I can join to to the Samba 3 Domain. HKLM->System->CCS->LanmanWorkstation->Parameters DNSNameResolutionRequired = 0 DomainCompatibilityMode = 1 On the Samba Server I created the