Displaying 20 results from an estimated 10000 matches similar to: "Samba4 AD sssd or pam_krb"
2015 Jun 23
2
Bi-directional sync for Sysvol folder -- Osync?
Dear Belle,
That produce the similar situation.
Thus I'm trying osync
And the result are much present according to my test case
And configuration are much streamline.
However, I'm not sure how it can work with 2 DC or more...
Thank You
On Mon, Jun 22, 2015 at 9:05 PM, L.P.H. van Belle <belle at bazuin.nl> wrote:
> Hai Min Wai Chan,
>
> I have tested it as shown in
2015 Jun 25
2
Bi-directional sync for Sysvol folder -- Osync?
Hi,
I was thinking about bidirectional sync of sysvol and i've a question:
?What about DRBD?. You can create a disk partition in every node, create a
DRBD cluster and then mount that partition on sysvol folder. The
sincronization is bidirectional and in real time.
For now i've not tested this option, but i've plans to start some tests.
What is your opinion about this?
Greetings!!
2015 Jun 25
2
Bi-directional sync for Sysvol folder -- Osync?
Dear Daniel, Klaus
I've try that before
But because of how samba work on the files.
The Advise is No
Without CTDB, you will just shoot yourself on the foot...
On Thu, Jun 25, 2015 at 7:39 PM, Zerwes, Klaus <zerwes at rosalux.de> wrote:
> Just some notes:
> For master <-> master setup (bi-directional sync) you need AFAIK a cluster
> filesystem.
> I have no idea
2015 Jun 22
3
Bi-directional sync for Sysvol folder -- Osync?
Hello Min Wai Chan,
?
Can you explain more about,, the DC1 will remove any emptey directory on DC1.
tested it here, but that does not occure here.
i can create empty directories on DC1, and these are synced to DC2. empty or not.
?
?DC1 will overwrite any users/group change on DC2?
if setup correctly, your sysvol rights on DC1 and DC2 are the same..
?
i suggest you to the following.
get the
2015 Jun 18
3
Bi-directional sync for Sysvol folder -- Osync?
Hello all,
Just to ask have anyone try osync before?
https://github.com/deajan/osync
And would you think that this will fix our issue on
https://wiki.samba.org/index.php/SysVol_Bidirectional_Replication
Where DC2 files or folder will be removed?
Thank You.
2015 Jun 25
1
Bi-directional sync for Sysvol folder -- Osync?
2015-06-25 14:44 GMT+02:00 Daniel Carrasco Mar?n <danielmadrid19 at gmail.com>:
>
>
> 2015-06-25 14:12 GMT+02:00 Min Wai Chan <dcmwai at gmail.com>:
>
>> Dear Daniel, Klaus
>>
>> I've try that before
>> But because of how samba work on the files.
>>
>> The Advise is No
>> Without CTDB, you will just shoot yourself on the
2023 Apr 14
2
Is LDAP + Kerberos without Active Directory no longer supported?
On 4/14/23 02:47, Christian Naumer via samba wrote:
> We are only talking about joining your server to your REALM not the
> clients.
>
> It is possible to do this. See this example for FreeIPA:
>
> https://freeipa.readthedocs.io/en/latest/designs/adtrust/samba-domain-member.html#domain-member-configuration-overview
>
>
> But as you can see it is more complicated that
2002 Nov 09
2
Windows Client Sharing Problem (Access Denied)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Greeting,
~ I've setup my Red Hat 7.3 With samba 2.2.5 to be a PDC. Which at the
same time, I'm having the same problem like *problems on windows part
<http://marc.theaimsgroup.com/?t=103675771200004&r=1&w=2>*.
Accessing from windows to Linux always not a problem.
But I'm having a problem to access it reverse. (from Linux
2005 Jun 13
2
x86_64 duplicate packages problem with apt
I installed Centos3.4-x86_64 and I notice that I get duplicate packages.
i.e. I also notice that the duplate packages exist on the cd install as
well.
[root at bayamo RPMS]# rpm -qa | grep pam_krb
pam_krb5-1.73-1
pam_krb5-1.73-1
when I use apt after downloading from Dag's site it complains about
duplicate packages after running apt-get update.
I am missing something to get my x86_64
2014 Mar 12
1
Strange GID and UID with winbindd + Samba AD DC
Dear All,
I've some strange entry on my getent as shown below.
It seem that
There are some strange value UID/GID
4294967295 <-- what number is this?
I get this info from my Domain member which serving as a files server.
Also some different GID from Samba AD DC
E.g wbinfo from AD DC (default configuration after classical migratation)
--> AD DC have no winbind configuration.
wbinfo
2005 Jun 08
2
policy or rules
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Dear all,
I''m a bit confused on the rules and would like your help.
I''ve 4 NIC,
eth0 --> WAN (net)
eth1 --> OSPF1 (bb1)
eth2 --> OSPF2 (bb2)
I would like to enable all the icmp function (ping and traceroute)
Wonder what effect will the following policy make.
bb0 all ACCEPT info
bb1
2015 Feb 17
1
Bi-direction sysvol script DC2 folder not sync
Dear Louis,
I think I found something interesting on the script...
https://wiki.samba.org/index.php/SysVol_Bidirectional_Replication
Let say we removed the "--delete-after" which caused DC2 folder to be
removed on the next sync...
It seem that the location of the folder are part of the cause.
If it is the 3rd or above... on the folder we sync...
/AD.DOMAIN.NET/Policies/YourNewfolder
2015 Feb 18
1
[OT] Postfix sasl authentication help
Dear all,
Would need some of your advise.
As I was the trying to get postfix sasl working with samba AD.
I've try to search online for a few examples some use ldap, kerberos or pam.
I'm using winbind on that system and I wonder if we can use winbind with sasl.
Or anyone have a more correct on how it should be done.
My existing setup was working with ldap before moving to samba4.
2013 Dec 03
4
Samba 4 DNS name Planing
Dear All,
Can help to advise if there are any name planing for dns?
e.g: I've a domain amtb-m.org
should my samba4 server be
ad.amtb-m.org?
OR should I create another non-reachable internal domain
e.g: ad.amtb-m.lan
For them?
What is the benefit on this or that?
Any documentation about that?
Thank you.
2014 Oct 02
4
Sysvol replication with Unison for more than 2 server.
Dear Louis,
Just to check...
Would it be possible to have more than 2 DC using Unison to sync?
I was trying to make this to the samba wiki.
But when reading the list I see Rowland talking about the SID and RID issue
Because of built-in group SID is not sync across domain.
Which I think samba should have their own way of dealing this or it will
just be a mess in a long run.
Did we have any
2014 Jan 20
3
samba4 and sssd and user mapping
Hi everyone,
on a server running samba4 with sssd for nsswitch mapping, I realized
recently that on windows workstation in the "folder propery/security
tab", users are mapped as "Unix user\userlogin" instead of
"DOMAINNAME\userlogin".
I guess this is due to the fact that sssd mapping with getent passwd
gives me user name without domain name (eg. userlogin), and
2014 Jul 10
2
Possible winbind bugs.
Dear All,
I've found a strange behavior on Winbind + getent group
If there are AD/winbind group didn't have any unix gid...
getent group will only show local group.
If all the AD/winbind group have unix gid
getent will reply with all the group I have included the AD/winbind group.
Did we have any bugs reported on this?
Thank You.
2015 Feb 26
2
Samba4 SSH SSSD-AD Problem
Hi,
I'm having a problem with ssh and sssd in a samba4 ad environment.
If I logon a linux client everything works fine. When entering klist I'm able
to see my ticket. When I try to connect/logon to another linux client with ssh
it is possible, but klist shows:
klist: Credentials cache file '/run/user/$UID$/krb5cc/tkt' not found.
So the ticket cache is not created during
2015 Jan 15
1
Fwd: Re: Samba4 and sssd, keytab file expires?
Hi Rowland,
this posting ended a lot of grief I had with expired keytabs.
While this is presumably an issue of sssd, I have no chance to
attack the issue right at its root*). But rejoining the domain
with the lines
dedicated keytab file = /etc/krb5.memberserver.keytab
kerberos method = secrets and keytab
winbind refresh tickets = Yes
seems to fix it. Phew...
Maybe You or someone
2014 Dec 31
4
Fwd: Re: Samba4 and sssd, keytab file expires?
Il 2014-12-31 16:29 Dr. Lars Hanke ha scritto:
>>> OK, you can get winbind to update your keytab, you need to alter your
>>> smb.conf slightly. You need to change 'kerberos method = secrets
>>> only'
>>> to either 'kerberos method = secrets and keytab' or 'kerberos method
>>> =
>>> system keytab' and add the line