Displaying 20 results from an estimated 10000 matches similar to: "Samba4 Domain UP, but no roaming profiles"
2016 Sep 19
5
Upgraded SAMBA4 DC's, now no logon scripts
Logon scripts assigned to a user do not execute when the user logs on;
it did before the upgrade.
I can run the script from the command line and it completes OK [like
\\{DOMAIN}\netlogon\logon.bat]. I can also browse to the [netlogon]
share without issue.
Upgrade was from a late 4.0.x to 4.1.x to current 4.2.x. User's can
logon without other issues [apparently].
Platform: CentOS7
2016 Sep 19
2
"Unable to fetch value for secret ..., are we an undetected RODC?"
Since upgrading S4 DCs I am see the following message in log.samba -
DsCrackNames: Unsupported operation requested: FFFFFFF8DsCrackNames:
Unsupported operation requested: FFFFFFF8Unable to fetch value for
secret BCKUPKEY_13bb48fc-0844-4736-9972-e26453333856, are we an
undetected RODC?
DsCrackNames: Unsupported operation requested: FFFFFFF8DsCrackNames:
Unsupported operation requested:
2018 May 15
2
Persisting Routes In A Routing Table Other Than The Default
I need to add persistent routes to a policy routing table. I can add
rules to an IP policy table after installing NetworkManager-config-
routing-rules; but I have not found how to add routes to a table other
than the specific table.
Manually I do a:
ip route add default via 192.168.1.6 dev ens192 table pods
Rules load automatically via the /etc/sysconfig/network-scripts/rules-
{interface}
2014 Aug 12
2
Four DCs, No Replication
I added three DCs to a single DC Samba4 AD domain.
They initially replicated and came up - but replication does not appear
to be ongoing. A change made to a user via MMC connected to one DC does
not appear on another DC.
It the logs I see bursts of the following message:
[2014/08/12 15:08:08.026270,
0] ../source4/librpc/rpc/dcerpc_util.c:660(dcerpc_pipe_auth_recv)
Failed to bind to uuid
2012 Dec 17
1
Samba4: Upload an Administrative Policy Template?
We'd like to add an adm (administrative template) to our Samba4 server.
I see where the .adm files are in the filesystem -
/opt/s4/var/locks/sysvol/micore.us/Policies/{ED429C7D-156A-4F75-B21D-92DB8E10ACAB}/Adm/conf.adm
- but how can I add a new ADM file?
The ADM file in question allows the controlling of IE Favorites and a
few other items on XP (not available in the default templates for
2016 Sep 19
2
Upgraded SAMBA4 DC's, now no logon scripts
On Mon, 2016-09-19 at 20:57 +0200, Marc Muehlfeld wrote:
> > Logon scripts assigned to a user do not execute when the user logs
> > on; it did before the upgrade.
> * What kind of upgrade are you talking about?
> NT4 to AD? (migration)
> x.y to 4.2?
AD 4.0.21 -> 4.2.x
This worked prior to the upgrade.
> * Is this an PDC or DC?
They are DCs.
> * Where have you
2014 Aug 12
1
Sysvol "incorrect parameter" on some new DC's
I have a site with a working Samba4 AD domain with a single DC. It
works.
I've added three new DCs to the domain [using the SerNet packages for
4.0.21]. The intention is to then demote the old, original Samba4 DC.
But problems exist for netlogon/sysvol. One of the new DCs - the second
one added - works, clients can access netlogon & sysvol.
However the other two DCs have ACL errors
2016 Dec 13
1
Doubt about Global Catalog on Samba 4
> > Initially, it appears to have worked. ...
> > It shows the same on one of the S4 DCs, but the
> > DomainDnsZonesMasterRole still shows as "no current owner" on the
> > third S4 DC [all Sernet 4.5.2]. Argh.
> You could try checking the database on the third DC, 'samba-tool
> dbcheck --help' for more info.
> You could also try forcing
2016 Dec 12
2
Doubt about Global Catalog on Samba 4
> You seem to be missing two FSMO roles:
> DomainDnsZonesMasterRole
> ForestDnsZonesMasterRole
> Just what version of Samba are you using ?
My Samba 4.5.2 domain also appears to be missing these roles.
Can I simply seize these roles?
[root at larkin27 ~]# samba-tool fsmo show
SchemaMasterRole owner: CN=NTDS Settings,CN=TEMP2008R2DC,CN=Servers,..
InfrastructureMasterRole owner:
2015 Apr 12
2
Removed old DC, now replication hopelessly broken [HELP]
I removed a DC using the DC removal tool mentioned in
http://gallery.technet.microsoft.com/scriptcenter/d31f091f-2642-4ede-9f97-0e1cc4d577f3
as https://bugzilla.samba.org/show_bug.cgi?id=10734 prevents normal DC
demotion.
The DC was still all over in DNS, so I had to pick it out.
Now replication between the remaining three DCs is broken
[root at larkin26 ~]# samba-tool drs showrepl
2016 Nov 16
4
Schema Change Breaks Replication
I believe a schema change on a Windows DC (2008rc) has broken
replication with our S4 DCs. Anyone have any tips or pointers to
resolve this?
I have three S4 DCs [CentOS6] and one Windows 2008R2 DC. The Windows
2008R2 DC has the schema master FSMO, and I believe the Exchange schema
was added.
I am willing to pay US dollars to get this issue resolved. I need the
replication restored, the
2016 Dec 13
2
Doubt about Global Catalog on Samba 4
On Mon, 2016-12-12 at 19:45 +0000, Rowland Penny via samba wrote:
> You seem to be missing two FSMO roles:
> > > DomainDnsZonesMasterRole
> > > ForestDnsZonesMasterRole
> > > Just what version of Samba are you using ?
> > My Samba 4.5.2 domain also appears to be missing these roles.
> > Can I simply seize these roles?
> > [root at larkin27 ~]#
2016 Mar 10
2
Failed to modify SPNs on error in module acl: Constraint violation during LDB_MODIFY (19)
Hi all,
SPN = servicePrincipalName
A simple search returning all servicePrincipalName declared in your AD:
ldbsearch -H $sam serviceprincipalname=* serviceprincipalname
An extract from result concerning a lambda client:
# record 41
dn: CN=win-client345,OU=Machines,DC=ad,DC=domain,DC=tld
servicePrincipalName: HOST/MB38W746-0009
servicePrincipalName: HOST/MB38W746-0009.ad.domain.tld
2011 Dec 21
1
Samba 4 roaming profiles
Hi everyone
This is our first proper test of Samba 4 and we've been up with an
opensuse server, an ubuntu client, an opensuse client and a win 7
client. 24 hours without a problem:)
1. We have got as far as deciding where roaming profiles should go. In
3.6 we had them inside the users home folder. Someone said that was not
good. Going with the Samba 4 wiki, we put them in
2017 Dec 29
2
OpenVPN server and firewalld
On 12/29/2017 3:59 AM, Wojciech ?ysiak wrote:
> firstly check which zone are your interface in :
>
> bash> firewall-cmd --get-active-zones
>
> then all you have to do is add a service to the firewall
>
> firewall-cmd --zone=<INSERT YOUR ZONE> --add-service=openvpn --permanent
>
> assuming that your Openvpn is running on standard port 1194/tcp|udp,
> If not
2016 Feb 02
2
Failed to modify SPNs on error in module acl: Constraint violation during LDB_MODIFY (19)
Hi,
sometimes I see following in the logs:
/source4/rpc_server/drsuapi/writespn.c:234(dcesrv_drsuapi_DsWriteAccountSpn)
Failed to modify SPNs on
CN=PCNAME,CN=Computers,DC=DOMAIN,DC=NAME,DC=NAME,DC=de: error in module acl:
Constraint violation during LDB_MODIFY (19)
In the net i found this "explanation":
"LDAP_CONSTRAINT_VIOLATION
Indicates that the attribute value specified in
2016 Sep 19
4
Error "Failed extended allocation RID pool operation..."
Package: sernet-samba-4.2.14-23.el6.x86_64
These DCs were very recently upgraded from a prior version.
[2016/09/19 09:32:55.168161, 0]
../source4/libcli/smb2/signing.c:116(smb2_check_signature)
Bad SMB2 signature for message of size 202
[2016/09/19 09:32:55.168511, 0] ../lib/util/util.c:559(dump_data)
[0000] 77 B3 94 9B 70 78 8B 21 1E 56 D0 78 E1 80 BB 5C w...px.!
.V.x...\
[2016/09/19
2016 Sep 19
1
"Unable to fetch value for secret ..., are we an undetected RODC?"
On Mon, 19 Sep 2016 10:50:25 -0400
Adam Tauno Williams via samba <samba at lists.samba.org> wrote:
> On Mon, 2016-09-19 at 10:45 -0400, Adam Tauno Williams via samba
> wrote:
> > Since upgrading S4 DCs I am see the following message in log.samba -
> > The message "Unable to fetch value for secret BCKUPKEY_13bb48fc-0844
> > -4736-9972-e26453333856, are we an
2018 May 16
1
Persisting Routes In A Routing Table Other Than The Default
On Tue, 2018-05-15 at 13:04 -0500, Chris Adams wrote:
> Once upon a time, Adam Tauno Williams <awilliam at whitemice.org> said:
> > Rules load automatically via the /etc/sysconfig/network-
> > scripts/rules-
> > {interface} files.??Routes added to /etc/sysconfig/network-
> > scripts/routes-{interface} are always added to the default policy.
> What are you
2015 Apr 08
3
Windows 10 + Domain Join + Samba 3.x + Profile V5
Hello
I try to add a windows 10 client to a existent samba 3 domain.
I have installed a windows 10 build 10049 with all Updates.
On the windows client I added/modified the following Registry Keys that
I can join to to the Samba 3 Domain.
HKLM->System->CCS->LanmanWorkstation->Parameters
DNSNameResolutionRequired = 0
DomainCompatibilityMode = 1
On the Samba Server I created the