Displaying 20 results from an estimated 20000 matches similar to: "Samba 4 for test"
2018 Jan 11
2
Deploy software in fileserver folder
Hey Luke, thanks for the help!!! It's working now!!!
God bless you and your family!! :D
Remember that GPOs need to run as the context of either the computer or the
> user. Computers typically do not have access to many folders on a file
> server, even as "Everyone". That is why the NETLOGON folder works.
>
> If you're deploying as a USER configuration, then it
2018 Jan 10
2
Deploy software in fileserver folder
Which GPO? Computer or User Configuration?
Remember that GPOs need to run as the context of either the computer or the
user. Computers typically do not have access to many folders on a file
server, even as "Everyone". That is why the NETLOGON folder works.
If you're deploying as a USER configuration, then it should run as the
context of the user, meaning the Everyone permission
2018 Jan 11
2
Deploy software in fileserver folder
Hi Elias,
> I thought it worked, but after I uninstalled the software that I deployed
> via user scope, it did not reinstall. I selected the "Redeploy application"
> option, but it also did not work.
The user scope GPO are run with the privileges and access tokens of the
logged on user, so the user have local admin rights for install and need
access rights to the share you
2024 Apr 02
1
How to diagnose a busy LDAP server process in the Samba AD DC
The saga continues...
I've spent a whole day with log level 5 and 7 and no error. All I have to
do is return the log to the default and the error reappears.
I monitored the "LDAP Query: Duration", but I didn't notice any crashes in
the queries.
I don't know if it's a long time, but some queries took 1.5s.
Is there anything else I can do?
On Mon, Mar 25, 2024 at
2024 Apr 02
1
How to diagnose a busy LDAP server process in the Samba AD DC
1.5 seconds is pretty long, I would look into what those queries are.
I would also look into repeated queries, sometimes these things are
clients stuck in a loop where they don't complete because they expect
some termination condition.
Andrew Bartlett
On Tue, 2024-04-02 at 09:25 -0300, Elias Pereira via samba wrote:
> The saga continues...
> I've spent a whole day with log level 5
2024 Apr 11
1
How to diagnose a busy LDAP server process in the Samba AD DC
Hello Andrew,
1. What is the explanation for the fact that when the log level is set to 5
or 7, the NT_STATUS_IO_TIMEOUT error does not appear, but when it is at the
default log level, it does?
Another point I've noticed before is that when I run the command
"samba-tool dbcheck --cross-ncs --reset-well-known-acls --fix --yes" (*Checked
15337 objects (0 errors)*), and in another
2024 Mar 25
1
How to diagnose a busy LDAP server process in the Samba AD DC
Hello Andrew,
What's the explanation for when the log level is set to 5, the error
NT_STATUS_IO_TIMEOUT doesn't appear, but when it's at the default log
level, it does?
On Mon, Mar 18, 2024 at 10:33?AM Elias Pereira <empbilly at gmail.com> wrote:
> hi Andrew, thanks for the help!!!
>
> It seems to me the LDAP process being busy would be the root cause here.
>>
2024 Apr 11
1
How to diagnose a busy LDAP server process in the Samba AD DC
On Thu, 2024-04-11 at 14:21 -0300, Elias Pereira wrote:
> Hello?Andrew,
>
> 1. What is the explanation for the fact that when the log level is
> set to 5 or 7, the NT_STATUS_IO_TIMEOUT error does not appear, but
> when it is at the default log level, it does?
I don't have an explanation for this, sorry. ?Have you looked into the
1.5 second queries, what is sending them and
2017 May 30
2
member domain idmap config ad/rid
>
> Simple answer:
> Administrator, No
> Domain Admins, Yes
Ok. It was already that way.
root at fileserver:/etc/samba# getent group
...
domain admins:x:10004:
domain users:x:10000:
dap:x:10003:
dti:x:10001:
For some reason with the administrator user is not working, I put my user
as domain admin and include him as a member of unix and now I can access
the security tab.
2024 Jan 04
1
{Device Timeout} The I/O operation specified in %hs was not completed before the timeout period expired
Hi Rowland,
Could you tell me what the correct permissions are for the bind9 files?
On Wed, Jan 3, 2024 at 5:46?PM Elias Pereira <empbilly at gmail.com> wrote:
> The only 'problem' I can see is that the group is set to 'bind' instead
>> of 'root', why is this ?
>
> If I'm not mistaken, I did it on the wiki, but maybe I needed an older
>
2023 Apr 14
1
eduPerson schema on samba4
hi,
I created a lab to test adding the eduPerson schema.
I took the schema from the link below and followed the wiki to add the
schema.
hxxps://
github.com/REFEDS/eduperson/blob/master/schema/activedirectory/eduPerson.adschema.ldf
I split the ldif into 3 parts.
attrs.ldif
classes.ldif
auxiliaryClass.ldif
At first there was no error when adding the ldifs with the commands given
in the wiki. To
2024 Feb 10
1
kcc_periodic output
Hi samba list!!!
Douglas, /usr/sbin/samba_kcc is made in python. Does it have a link to
source4/dsdb/kcc/kcc_periodic.c which is made in C?
The errors that appear in my DCs have their output in the C code.
Correct me if I'm wrong, but I read in some old posts on the list that
samba would have a new code for kcc (python code?), which would be
closer to what M$ uses.
Could this have anything
2024 Mar 18
1
How to diagnose a busy LDAP server process in the Samba AD DC
hi Andrew, thanks for the help!!!
It seems to me the LDAP process being busy would be the root cause here.
> Working out what is going on here shouldn't is a detective task - I always
> start with a wireshark trace. The client making all the noise/traffic will
> be the one causing the trouble.
In the wireshark analysis, should I filter only by the ldap protocol or
leave
2017 Dec 02
2
idamp ad/rid
Found it! :)
I thought in make a script more or less that way.
#!/bin/bash
#
GROUP=ADM
GUID=10000 # Domain Users
UID=10000 # get the next ID ?
for USER in $(samba-tool group listmembers $GROUP)
do
samba-tool user edit $USER -H ldap://samdom.example.com \
-U administrato --nis-domain=samdom \
--unix-home=/home/$USER \
--uid-number=${NEXTID} \
2017 May 30
2
member domain idmap config ad/rid
root at fileserver:~# getfacl /home/dados/
getfacl: Removing leading '/' from absolute path names
# file: home/dados/
# owner: root
# group: domain\040admins
user::rwx
group::rwx
other::---
Still with the same problem. No security tab on windows machine. :(
The "Administrator" and "Domain Admins" also need to have an unix attribute?
On Tue, May 30, 2017 at 4:08 PM,
2024 Mar 10
1
kcc_periodic output
Either the local server is busy, or possibly (but it would not explain
the samba_kcc) Samba's drepl process is stuck talking to a remote
server.
Is the drepl local processes very busy doing inbound replication?
My instinct is either the server is very busy (and this should show up
in CPU use) or a transaction is being held open excessively.
Andrew Bartlett
On Sat, 2024-03-09 at 19:11 -0300,
2024 Mar 10
1
kcc_periodic output
>
> Is the drepl local processes very busy doing inbound replication?
How can I check this?
My instinct is either the server is very busy (and this should show up in
> CPU use) or a transaction is being held open excessively.
I use VMs on Proxmox. In DC1, I installed the Proxmox agent, and CPU usage
via the dashboard is very low. However, when I checked using 'top,' the
LDAP
2024 Mar 09
1
kcc_periodic output
I've been grappling with a recurring set of errors for quite some time now:
- UpdateRefs failed with NT_STATUS_IO_TIMEOUT
- Failed samba_kcc - NT_STATUS_IO_TIMEOUT
- IRPC callback failed for DsReplicaSync - NT_STATUS_IO_TIMEOUT
Despite cranking up the log level to 10, the returned information remains
frustratingly cryptic and hard to decipher.
This error, being overly generic, continues to
2019 Aug 19
2
interference of the nmbd service with the dhcp of the debian server??
>
> Just a thought, is dhcpcd5 installed ?
No.
Does this happen on the XEN Server of Client (guest OS).
If Xen, which xen version?
xen 7.0.0
The command cat lan-dev-$(ip route | grep default |awk '{ print $5
}').network shows nothing. Do I need to create this file? His content is
just my interface. Ex: eth0?
On Mon, Aug 19, 2019 at 11:54 AM Rowland penny via samba <
samba
2024 Mar 11
1
How to diagnose a busy LDAP server process in the Samba AD DC
Thanks for getting back to me.
It seems to me the LDAP process being busy would be the root cause
here. Working out what is going on here shouldn't is a detective task
- I always start with a wireshark trace. The client making all the
noise/traffic will be the one causing the trouble.
If it isn't clear from that, then look into the DB audit logging for
perhaps busy writes