similar to: Questions for minimal AD DC, DNS setup and Posix use

On Tue, 3 Dec 2024 09:15:36 +0100 Mitja Tav?ar via samba <samba at lists.samba.org> wrote: > Hi, i have some problems with a recently joined Read Only Domain > controller. > > I had 2 Domain Controllers based on Windows Server 2019 (hosts > vmw2srvdc1 an vmw2srvdc2). I and i recently added a new site (PSN) > and Read Only DC in this second site based on samba (host

On Sun, May 5, 2019 at 9:52 AM Rowland Penny via samba < samba at lists.samba.org> wrote: > On Sun, 5 May 2019 09:20:37 -0300 > Emerson Kfuri via samba <samba at lists.samba.org> wrote: > > > Hello, > > > > Recently I started using RODC servers on my environment and noticed a > > few issues with it: > > - lack of LDAP SPNs > > -

Hello, Recently I started using RODC servers on my environment and noticed a few issues with it: - lack of LDAP SPNs - "samba_dnsupdate" not working with "insufficient access rights" (it works from RWDCs) - "samba-tool dbcheck" changes instancetype of basically all objects from 4 to 0. New replicated objects continues being created with instancetype 4 and dbcheck

On Mon, 30 Dec 2024 16:07:31 +0000 Manzini Enrico via samba <samba at lists.samba.org> wrote: > Hi Rowland > We actually use RODC's because we have a customer with hub and spoke > configuration with 4 RWDC's in the central site, and about 80 remote > sites with RODC's deployed, all of these with low hardware security, > sites where the machine can physically can

Ok, but why if i browse the network from the client with the remote rodc and the rwdc used as replication partner for rodc join online, everything work as expected, but if i shutdown the rwdc used for rodc join replication partner offline, client no work anymore? The join command for the remote rodc RODC-1 is: samba-tool domain join scratch.lan RODC --server=dc-1.scratch.lan --realm=SCRATCH.LAN

Hi We are running the latest 4.6.7 Sernet samba packages on a Ubuntu 12.02 LTS servers with one PDC and 05 RODC's located at the branches. The sysvol replication is working fine from the PDC to the RODC's but the RODC's are failing to login the local clients when the link between the branch and the Main campus is offline. The branch computers and users are added into the Allowed

Hi Rowland, Thanks for you answer, specially on a sunday! :-) On Sun, May 5, 2019 at 11:31 AM Rowland Penny via samba < samba at lists.samba.org> wrote: > On Sun, 5 May 2019 10:13:07 -0300 > Emerson Kfuri <emersonkfuri at gmail.com> wrote: > > > On Sun, May 5, 2019 at 9:52 AM Rowland Penny via samba < > > samba at lists.samba.org> wrote: > > >

On Tue, 24 Dec 2024 11:38:17 +0000 Manzini Enrico via samba <samba at lists.samba.org> wrote: > Hello, > we are testing a dc/rodc configuration with Samba AD, but we are > stuck with a problem that occurs when one of the writable DCs (the > one that was used as a partner during rodc join) is shutdown: Test > configuration: > - writeable dc and read only dc Samba

Hi Rowland We actually use RODC's because we have a customer with hub and spoke configuration with 4 RWDC's in the central site, and about 80 remote sites with RODC's deployed, all of these with low hardware security, sites where the machine can physically can be stolen, so we opted to use RODC's machines at the remote sites The connectivity and dns resolution works both fine, with

Hai, ? Im try to get my id for administrator groups on both server the same. ? with?4.1.17 the solution was simple.. we stop samba on both servers. scp /var/lib/samba/private/idmap.ldb root at 192.168.0.2:/var/lib/samba/private/ ? started samba, and the id's where the same. ? Im using winbindd now with samba 4.2.1 but... ? DC1:? id administrator uid=0(root) gid=100(users)

On Wed, 24 Jan 2024 15:54:38 +0100 Jakob Curdes via samba <samba at lists.samba.org> wrote: > Hello, we have setup a SAMBA4 RODC in our setup where we have two > exisitng RW Samba4 DC's. > > The RODC is joined correctly and can preload user accounts etc. It > also can resolve its own name and the name of other DC's, also the > SRV records needed. > We created

Hello, we have setup a SAMBA4 RODC in our setup where we have two exisitng RW Samba4 DC's. The RODC is joined correctly and can preload user accounts etc. It also can resolve its own name and the name of other DC's, also the SRV records needed. We created an own site with specific subnet for this RODC "area". But we did not manage to get a join of a Windows server working

> Jakob Curdes via samba<samba at lists.samba.org> wrote: > >> Hello, we have setup a SAMBA4 RODC in our setup where we have two >> exisitng RW Samba4 DC's. >> >> The RODC is joined correctly and can preload user accounts etc. It >> also can resolve its own name and the name of other DC's, also the >> SRV records needed. >> We created

On Tue, 7 Aug 2018 17:44:37 +0200 Stefan Kania via samba <samba at lists.samba.org> wrote: > Hi Andrej, > > then it works, but on a "normal" addc it works without "-U ". This is probably because you will be running the command from the RODC on the RWDC. > > One more Question: > When I do a "host -t srv _ldap._tcp.example.net" I only see

Il 03/12/24 10:13, Rowland Penny via samba ha scritto: > On Tue, 3 Dec 2024 09:15:36 +0100 > Mitja Tav?ar via samba <samba at lists.samba.org> wrote: > >> Hi, i have some problems with a recently joined Read Only Domain >> controller. >> >> I had 2 Domain Controllers based on Windows Server 2019 (hosts >> vmw2srvdc1 an vmw2srvdc2). I and i recently

On Wed, 24 Oct 2018 09:45:39 +1300 Garming Sam <garming at catalyst.net.nz> wrote: > > On 23/10/18 9:48 PM, Rowland Penny via samba wrote: > > On Tue, 23 Oct 2018 10:07:29 +1300 > > Garming Sam via samba <samba at lists.samba.org> wrote: > > > >> Hi, > >> > >> On 20/10/18 1:26 AM, Julien Ropé via samba wrote: > >>>  The

On Mon, 6 May 2019 08:42:03 +0200 Adam Minski <aminski316 at gmail.com> wrote: > > Good Morning. > > I've tested RODC functionality using samba-4.9.4 and > samba-4.11.0pre1-GIT-f1a1c300e19 built on Debian 9. The builds using > the internal Heimdal KDC and the internal DNS backend. > > For me there's no lack of LDAP SPNs and samba_dnsupdate works as >

When I run "gpresult /R" on one of my domain users the ". . . following security groups" listed at the bottom of the output includes "Denied RODC Password Replication Group". Did a little web search digging and found that RODC stands for Read Only Domain Controller. My domain consists of two DC's and one member server with three W10 workstations. I have never

Hi people. I migrate some PDC NT4 to samba 3.3.x, some users have info the Workstations parameter, I need to remove that info, because they cannot login on any other machine, I have read the pdbedit, smbldap-usermod but wont't where I can do that. Any info will be appreciated, thanks!!! -- LIving the dream...

Hello Stefan, you need to use "-U" with user from Domain Admin group(maybe it works with other users too, but I didn't test it). Andrej Am 07.08.2018 um 17:00 schrieb Stefan Kania via samba: > When I start the replication from the other DC it works as you can see: > ------- > root at addc-01:~# samba-tool drs replicate rodc-01 addc-01 dc=example,dc=net > Replicate