similar to: Samba 4 for test

Hey Luke, thanks for the help!!! It's working now!!! God bless you and your family!! :D Remember that GPOs need to run as the context of either the computer or the > user. Computers typically do not have access to many folders on a file > server, even as "Everyone". That is why the NETLOGON folder works. > > If you're deploying as a USER configuration, then it

Which GPO? Computer or User Configuration? Remember that GPOs need to run as the context of either the computer or the user. Computers typically do not have access to many folders on a file server, even as "Everyone". That is why the NETLOGON folder works. If you're deploying as a USER configuration, then it should run as the context of the user, meaning the Everyone permission

Hi Elias, > I thought it worked, but after I uninstalled the software that I deployed > via user scope, it did not reinstall. I selected the "Redeploy application" > option, but it also did not work. The user scope GPO are run with the privileges and access tokens of the logged on user, so the user have local admin rights for install and need access rights to the share you

The saga continues... I've spent a whole day with log level 5 and 7 and no error. All I have to do is return the log to the default and the error reappears. I monitored the "LDAP Query: Duration", but I didn't notice any crashes in the queries. I don't know if it's a long time, but some queries took 1.5s. Is there anything else I can do? On Mon, Mar 25, 2024 at

1.5 seconds is pretty long, I would look into what those queries are. I would also look into repeated queries, sometimes these things are clients stuck in a loop where they don't complete because they expect some termination condition. Andrew Bartlett On Tue, 2024-04-02 at 09:25 -0300, Elias Pereira via samba wrote: > The saga continues... > I've spent a whole day with log level 5

Hello Andrew, 1. What is the explanation for the fact that when the log level is set to 5 or 7, the NT_STATUS_IO_TIMEOUT error does not appear, but when it is at the default log level, it does? Another point I've noticed before is that when I run the command "samba-tool dbcheck --cross-ncs --reset-well-known-acls --fix --yes" (*Checked 15337 objects (0 errors)*), and in another

Hello Andrew, What's the explanation for when the log level is set to 5, the error NT_STATUS_IO_TIMEOUT doesn't appear, but when it's at the default log level, it does? On Mon, Mar 18, 2024 at 10:33?AM Elias Pereira <empbilly at gmail.com> wrote: > hi Andrew, thanks for the help!!! > > It seems to me the LDAP process being busy would be the root cause here. >>

On Thu, 2024-04-11 at 14:21 -0300, Elias Pereira wrote: > Hello?Andrew, > > 1. What is the explanation for the fact that when the log level is > set to 5 or 7, the NT_STATUS_IO_TIMEOUT error does not appear, but > when it is at the default log level, it does? I don't have an explanation for this, sorry. ?Have you looked into the 1.5 second queries, what is sending them and

> > Simple answer: > Administrator, No > Domain Admins, Yes Ok. It was already that way. root at fileserver:/etc/samba# getent group ... domain admins:x:10004: domain users:x:10000: dap:x:10003: dti:x:10001: For some reason with the administrator user is not working, I put my user as domain admin and include him as a member of unix and now I can access the security tab.

Hi Rowland, Could you tell me what the correct permissions are for the bind9 files? On Wed, Jan 3, 2024 at 5:46?PM Elias Pereira <empbilly at gmail.com> wrote: > The only 'problem' I can see is that the group is set to 'bind' instead >> of 'root', why is this ? > > If I'm not mistaken, I did it on the wiki, but maybe I needed an older >

hi, I created a lab to test adding the eduPerson schema. I took the schema from the link below and followed the wiki to add the schema. hxxps:// github.com/REFEDS/eduperson/blob/master/schema/activedirectory/eduPerson.adschema.ldf I split the ldif into 3 parts. attrs.ldif classes.ldif auxiliaryClass.ldif At first there was no error when adding the ldifs with the commands given in the wiki. To

Hi samba list!!! Douglas, /usr/sbin/samba_kcc is made in python. Does it have a link to source4/dsdb/kcc/kcc_periodic.c which is made in C? The errors that appear in my DCs have their output in the C code. Correct me if I'm wrong, but I read in some old posts on the list that samba would have a new code for kcc (python code?), which would be closer to what M$ uses. Could this have anything

hi Andrew, thanks for the help!!! It seems to me the LDAP process being busy would be the root cause here. > Working out what is going on here shouldn't is a detective task - I always > start with a wireshark trace. The client making all the noise/traffic will > be the one causing the trouble. In the wireshark analysis, should I filter only by the ldap protocol or leave

Found it! :) I thought in make a script more or less that way. #!/bin/bash # GROUP=ADM GUID=10000 # Domain Users UID=10000 # get the next ID ? for USER in $(samba-tool group listmembers $GROUP) do samba-tool user edit $USER -H ldap://samdom.example.com \ -U administrato --nis-domain=samdom \ --unix-home=/home/$USER \ --uid-number=${NEXTID} \

root at fileserver:~# getfacl /home/dados/ getfacl: Removing leading '/' from absolute path names # file: home/dados/ # owner: root # group: domain\040admins user::rwx group::rwx other::--- Still with the same problem. No security tab on windows machine. :( The "Administrator" and "Domain Admins" also need to have an unix attribute? On Tue, May 30, 2017 at 4:08 PM,

Either the local server is busy, or possibly (but it would not explain the samba_kcc) Samba's drepl process is stuck talking to a remote server. Is the drepl local processes very busy doing inbound replication? My instinct is either the server is very busy (and this should show up in CPU use) or a transaction is being held open excessively. Andrew Bartlett On Sat, 2024-03-09 at 19:11 -0300,

> > Is the drepl local processes very busy doing inbound replication? How can I check this? My instinct is either the server is very busy (and this should show up in > CPU use) or a transaction is being held open excessively. I use VMs on Proxmox. In DC1, I installed the Proxmox agent, and CPU usage via the dashboard is very low. However, when I checked using 'top,' the LDAP

I've been grappling with a recurring set of errors for quite some time now: - UpdateRefs failed with NT_STATUS_IO_TIMEOUT - Failed samba_kcc - NT_STATUS_IO_TIMEOUT - IRPC callback failed for DsReplicaSync - NT_STATUS_IO_TIMEOUT Despite cranking up the log level to 10, the returned information remains frustratingly cryptic and hard to decipher. This error, being overly generic, continues to

> > Just a thought, is dhcpcd5 installed ? No. Does this happen on the XEN Server of Client (guest OS). If Xen, which xen version? xen 7.0.0 The command cat lan-dev-$(ip route | grep default |awk '{ print $5 }').network shows nothing. Do I need to create this file? His content is just my interface. Ex: eth0? On Mon, Aug 19, 2019 at 11:54 AM Rowland penny via samba < samba

Thanks for getting back to me. It seems to me the LDAP process being busy would be the root cause here. Working out what is going on here shouldn't is a detective task - I always start with a wireshark trace. The client making all the noise/traffic will be the one causing the trouble. If it isn't clear from that, then look into the DB audit logging for perhaps busy writes