Displaying 20 results from an estimated 2000 matches similar to: "ldbsearch/kerberos issue"
2019 Feb 27
4
status on samba trusts
Now I have a some time to answer, maybe a few of your questions.
Am 26.02.19 um 20:59 schrieb lists via samba:
> Hi,
>
> No replies unfortunately. Unsure why.
There are still a lot of questions open and I think a lot of things have
to be done.
>
> We searched the list, and we found little discussion on the subject of
> trusts. We see occasional questions, but they are often
2019 Feb 28
2
status on samba trusts
Thanks everybody!
The sudden burst of help (both on- and offlist) is much appreciated. :-)
I'll get back to my test setup next week, and try again with these new
insights.
MJ
On 2/28/19 3:46 PM, L.P.H. van Belle via samba wrote:
> Hai Maurik-Jan,
>
> Stefan's work can be found here, i'm reading it myself and its really good.
>
>
2010 Jun 18
1
problems with puppetmaster using intermediate CA cert
Hi,
I''m trying to develop a manifest to setup a new puppet master. To solve
the SSL certificates I''ve created a root CA outside of puppet, and have
generated an intermediate CA for the new puppet master to use. I''ve also
configured my puppetmaster daemon to use it''s own ssl directory. So the
new puppetmaster is at the same time a client of the old puppet
2019 Feb 21
2
status on samba trusts
Hi,
Having read the release notes on the status of trusts within samba, we
see for 4.9
> "improved support for trusted domains"
but we also always see these messages:
> "Both sides of the trust need to fully trust each other!"
and
> "DCs of domain A can grant domain admin rights in domain B"
What we would like to achieve is a one-way incoming trust
2019 Feb 26
0
status on samba trusts
Hi,
No replies unfortunately. Unsure why.
We searched the list, and we found little discussion on the subject of
trusts. We see occasional questions, but they are often left unanswered,
like this one.
If someone could point us to some good up-to-date docs on trusts with
samba then we would really appreciate it.
We setup a test environment (one samba 4.9.4 testad2 AD, one native
windows
2019 Feb 28
0
status on samba trusts
Hi Stefan,
Thanks for your input. I'll check the dns stuff. I put resolvers for
both domains as primary and secondary on both machines, but I guess
that's not good enough.
I'll look into setting up a (query logging) dns proxy, that should tell
us at least who is asking what.
Any chance to share that (german) article you wrote?
My german is not perfect, but good enough to
2019 Feb 28
0
status on samba trusts
Hai Maurik-Jan,
Stefan's work can be found here, i'm reading it myself and its really good.
2004 Feb 03
1
Problems copying some files from windows to linux
Hi,
This might not be entirely samba server related, but the problem I am
experiencing is affecting a planned implementation of a new Samba
Server, and from the smbmount man page, it appears that this is the
recommended list to reqest help - so hopefully someone might be able to
assist :-).
I am running a Debian Linux machine (kernel 2.6.0) with Samba 3.0.1
which will soon be replacing an
2019 Feb 28
2
status on samba trusts
Hi MJ,
Am 28.02.2019 15:31, schrieb mj via samba:
> Hi Stefan,
>
> Thanks for your input. I'll check the dns stuff. I put resolvers for
> both domains as primary and secondary on both machines, but I guess
> that's not good enough.
>
NO, it's not good enough ;-) Setting up a DNS-Proxy is real easy. Just a
few lines :-).
> I'll look into setting up a (query
2019 Mar 05
0
status on samba trusts
Hi Stefan, others,
Just to report back that things work very nicely now that DNS is using
one dns proxy that resolves both AD domains. I am testing now with a
'full' two-way trust, and everyhing seemed to work, including the tests
from samba-tool and from windows "domains and trusts" perspective.
From an administrative point of view, the fact that your have to add
2010 May 05
12
puppet for switches
This might be a crazy idea, but it just popped into my head, and I
wanted to know if it''s possible. Perhaps not possible right now, but
possible in a theoretical sense.
Is it possible that puppet could be modified to be used to manage
switches that have a command line based interface?
When I manage our Allied Telesis switches (which have a CLI similar to
cisco IOS) I wonder if I could
2005 Sep 21
1
Print Sharing problems. (Samba/CUPS, windows client)
Hi,
I've spent way too many hours trying to make this work and have hit a
wall. Hoping that someone can provide me with the clue that resolves
this issue....
I'm unable to print from a domain connected windows XP client to our
samba server, apparently due to credential/access restrictions.
The Samba Server is running on Debian linux, and is version 3.0.14a.
It's LDAP
2018 Jan 09
3
samba_dlz shutting down on named reload
Hello there.
I´ve been having problems with dynamic dns update by dhcp on my samba ADDC
running on CentOS 7 on an RPI2. After a while, the dhccp_dyndns.sh stops
stops being able to authenticate with named.
for the longest time I was stumped with this, exploring all kinds of
kerberos issues, but found out that *restartint* named did resolve the
issue.
I have finally traced this problem down to a
2016 Oct 07
0
BIND9.8 DLZ performance issue
I'm hoping the issue is just load balancing, but I'm not sure. I can't
see to get the traffic balanced across two DCs.
I ran this script on all Linux nodes to balance the traffic.
#!/usr/bin/perl
use strict;
use warnings;
my $primary_name_server;
my $random = int(rand(10));
open(my $resolv_conf_fh, '< /etc/resolv.conf') or die("Unable to open /etc/resolv.conf for
2017 Nov 30
2
Samba AD /dns /dhcp
Hello there. I hope I'm in the right place for some Samba AD advice.
I recently added two extra ADs to a setup I inherited.
Originally there was a single Samba AD with BIND9_DLS config. DHCP was
separate.
Subsequently I installed Samba on two Raspberry Pis to act as backup
servers.
Basically, I followd this set of instructions:
2014 May 08
1
Trouble demoting DC with broken replication
Hi all,
I am currently struggling to remove one of our Samba4 DC from the
domain. Some time ago, adding a new Samba DC to our AD did not succeed
and I had to demote the new server again. After removal, replication on
one of the old/existing DCs got weird.
/usr/local/samba/bin/samba-tool drs showrepl gives the following:
Standardname-des-ersten-Standorts\dc02
DSA Options: 0x00000001
DSA object
2014 Sep 12
1
Group Policy failures related to machine password replication
We are using Samba-4.1.11.
I can run gpupdate /force without error on my machine.
H:\>type \\dc01.mediture.dom\SysVol\mediture.dom\Policies\{77F82F0F-AE2B-42F3-B173-D42F4BEEC0BA}\gpt.ini
[General]
Version=65551
displayName=New Group Policy Object
H:\>type \\dc02.mediture.dom\SysVol\mediture.dom\Policies\{77F82F0F-AE2B-42F3-B173-D42F4BEEC0BA}\gpt.ini
[General]
Version=65551
displayName=New
2015 Mar 27
0
Replication error after trying to sync sysvol
Found the problem. There is a DNS Problem on one machine. This happend
because I was testing some samba AD settings in a virtual machine,
without knowing that NAT isn't shielding this properly - this vm
propagated the "new" IP to one of the dcs.
DC04> ping DC03
gives wrong IP!
This should be fixable with the samba-tool dns update?
On 03/27/2015 01:14 PM, Johannes Amorosa |
2016 Sep 27
1
named ( bind 9.9.4 ) fails to start
Thanks Rowland,
You saved me from a world of pain, I've now got named back up and running
and also accessible via windows DNS GUI.
the SOA record still says ns=dc03.. which is strange and the only place
dc03 exists in the ouput of
samba-tool dns query localhost mydomain.com @ ALL
Is this something I can fix in the windows DNS GUI or do I need to do
something with like FSMO ?
Which btw
2015 Mar 27
2
Replication error after trying to sync sysvol
I tried to synchronize the sysvol folders, on two dcs. Something went
wrong since yesterday we have replication problems:
One machine shows this, while the other one is happy.
samba-tool drs showrepl
==== INBOUND NEIGHBORS ====
DC=DomainDnsZones,DC=ourdomain,DC=com
Default-First-Site-Name\DC03 via RPC
DSA object GUID: af610e1a-9e3b-4cdd-a36b-c296d77a9479
Last attempt @