similar to: My smb.conf of samba4 as classic primary domain controller

Displaying 20 results from an estimated 10000 matches similar to: "My smb.conf of samba4 as classic primary domain controller"

2018 Jan 11
2
Deploy software in fileserver folder
Hey Luke, thanks for the help!!! It's working now!!! God bless you and your family!! :D Remember that GPOs need to run as the context of either the computer or the > user. Computers typically do not have access to many folders on a file > server, even as "Everyone". That is why the NETLOGON folder works. > > If you're deploying as a USER configuration, then it
2018 Jan 10
2
Deploy software in fileserver folder
Which GPO? Computer or User Configuration? Remember that GPOs need to run as the context of either the computer or the user. Computers typically do not have access to many folders on a file server, even as "Everyone". That is why the NETLOGON folder works. If you're deploying as a USER configuration, then it should run as the context of the user, meaning the Everyone permission
2018 Jan 11
2
Deploy software in fileserver folder
Hi Elias, > I thought it worked, but after I uninstalled the software that I deployed > via user scope, it did not reinstall. I selected the "Redeploy application" > option, but it also did not work. The user scope GPO are run with the privileges and access tokens of the logged on user, so the user have local admin rights for install and need access rights to the share you
2018 Jan 09
3
Deploy software in fileserver folder
Hello list, I tried to set up a folder on our fileserver domain member, so I can deploy software for users' machines, but is not working. If I put the software inside "netlogon" it installs correctly. \\172.16.1.7\storage\programs Auth Users - read & execute, list folder contents, read and write Do I need other permissions? -- Elias Pereira
2015 Oct 09
4
Migrate directories and files
hello guys, In my tests lab did the migration ldap base of the old samba3 to Samba4 ADCD. It's possible to migrate directories and files from users of the old samba3 to Samba4 ADDC? -- Elias Pereira
2023 Dec 06
1
Failed to store repsFrom - Indexed and full searches both failed!
"Indexed and full searches both failed" is not a good sign. Failed in this case doesn't just mean 'returned no results', it means 'database error'. It could be on any record, as the filtering for a full search has to happen across the whole DB and if any of those filter tests fail, it will do this. I think you have another working DC, if so I would demote this
2024 Apr 02
1
How to diagnose a busy LDAP server process in the Samba AD DC
The saga continues... I've spent a whole day with log level 5 and 7 and no error. All I have to do is return the log to the default and the error reappears. I monitored the "LDAP Query: Duration", but I didn't notice any crashes in the queries. I don't know if it's a long time, but some queries took 1.5s. Is there anything else I can do? On Mon, Mar 25, 2024 at
2023 Dec 06
1
Failed to store repsFrom - Indexed and full searches both failed!
Any thoughts? :D On Tue, Dec 5, 2023 at 4:59?PM Elias Pereira <empbilly at gmail.com> wrote: > hi, > > After an update to our DC4, I started to notice the error "Failed to store > repsFrom - Indexed and full searches both failed!" in the logs. > > root at dc4:~# tail -f /var/log/samba/log.samba > Copyright Andrew Tridgell and the Samba Team 1992-2023 >
2017 Dec 02
2
idamp ad/rid
Found it! :) I thought in make a script more or less that way. #!/bin/bash # GROUP=ADM GUID=10000 # Domain Users UID=10000 # get the next ID ? for USER in $(samba-tool group listmembers $GROUP) do samba-tool user edit $USER -H ldap://samdom.example.com \ -U administrato --nis-domain=samdom \ --unix-home=/home/$USER \ --uid-number=${NEXTID} \
2014 Dec 22
5
Net groupmap list strange result
On 22/12/14 17:47, Elias Pereira wrote: > And now, I run the command "samba-tool user list" and the result is as > follows: > > *# samba-tool user list* > *ldb_wrap open of secrets.ldb* > *Could not find machine account in secrets database: Failed to fetch > machine account password from secrets.ldb: Could not find entry to match > filter:
2024 Apr 02
1
How to diagnose a busy LDAP server process in the Samba AD DC
1.5 seconds is pretty long, I would look into what those queries are. I would also look into repeated queries, sometimes these things are clients stuck in a loop where they don't complete because they expect some termination condition. Andrew Bartlett On Tue, 2024-04-02 at 09:25 -0300, Elias Pereira via samba wrote: > The saga continues... > I've spent a whole day with log level 5
2024 Jan 04
1
{Device Timeout} The I/O operation specified in %hs was not completed before the timeout period expired
Hi Rowland, Could you tell me what the correct permissions are for the bind9 files? On Wed, Jan 3, 2024 at 5:46?PM Elias Pereira <empbilly at gmail.com> wrote: > The only 'problem' I can see is that the group is set to 'bind' instead >> of 'root', why is this ? > > If I'm not mistaken, I did it on the wiki, but maybe I needed an older >
2024 Apr 11
1
How to diagnose a busy LDAP server process in the Samba AD DC
Hello Andrew, 1. What is the explanation for the fact that when the log level is set to 5 or 7, the NT_STATUS_IO_TIMEOUT error does not appear, but when it is at the default log level, it does? Another point I've noticed before is that when I run the command "samba-tool dbcheck --cross-ncs --reset-well-known-acls --fix --yes" (*Checked 15337 objects (0 errors)*), and in another
2023 Apr 14
1
eduPerson schema on samba4
hi, I created a lab to test adding the eduPerson schema. I took the schema from the link below and followed the wiki to add the schema. hxxps:// github.com/REFEDS/eduperson/blob/master/schema/activedirectory/eduPerson.adschema.ldf I split the ldif into 3 parts. attrs.ldif classes.ldif auxiliaryClass.ldif At first there was no error when adding the ldifs with the commands given in the wiki. To
2024 Mar 25
1
How to diagnose a busy LDAP server process in the Samba AD DC
Hello Andrew, What's the explanation for when the log level is set to 5, the error NT_STATUS_IO_TIMEOUT doesn't appear, but when it's at the default log level, it does? On Mon, Mar 18, 2024 at 10:33?AM Elias Pereira <empbilly at gmail.com> wrote: > hi Andrew, thanks for the help!!! > > It seems to me the LDAP process being busy would be the root cause here. >>
2017 May 30
2
member domain idmap config ad/rid
> > Simple answer: > Administrator, No > Domain Admins, Yes Ok. It was already that way. root at fileserver:/etc/samba# getent group ... domain admins:x:10004: domain users:x:10000: dap:x:10003: dti:x:10001: For some reason with the administrator user is not working, I put my user as domain admin and include him as a member of unix and now I can access the security tab.
2024 Apr 11
1
How to diagnose a busy LDAP server process in the Samba AD DC
On Thu, 2024-04-11 at 14:21 -0300, Elias Pereira wrote: > Hello?Andrew, > > 1. What is the explanation for the fact that when the log level is > set to 5 or 7, the NT_STATUS_IO_TIMEOUT error does not appear, but > when it is at the default log level, it does? I don't have an explanation for this, sorry. ?Have you looked into the 1.5 second queries, what is sending them and
2017 May 30
2
member domain idmap config ad/rid
root at fileserver:~# getfacl /home/dados/ getfacl: Removing leading '/' from absolute path names # file: home/dados/ # owner: root # group: domain\040admins user::rwx group::rwx other::--- Still with the same problem. No security tab on windows machine. :( The "Administrator" and "Domain Admins" also need to have an unix attribute? On Tue, May 30, 2017 at 4:08 PM,
2017 Dec 02
2
idamp ad/rid
On Sat, 2 Dec 2017 10:21:07 -0200 Elias Pereira <empbilly at gmail.com> wrote: > Correcting! :) > > #!/bin/bash > # > GROUP=ADM > GUID=10000 # Domain Users > UID=10000 # get the next ID ? > > for USER in $(samba-tool group listmembers $GROUP) > do > samba-tool user edit $USER --nis-domain=samdom \ > --unix-home=/home/$USER \ >
2019 Aug 19
2
interference of the nmbd service with the dhcp of the debian server??
> > Just a thought, is dhcpcd5 installed ? No. Does this happen on the XEN Server of Client (guest OS). If Xen, which xen version? xen 7.0.0 The command cat lan-dev-$(ip route | grep default |awk '{ print $5 }').network shows nothing. Do I need to create this file? His content is just my interface. Ex: eth0? On Mon, Aug 19, 2019 at 11:54 AM Rowland penny via samba < samba