similar to: Domain controller in a chroot

Displaying 20 results from an estimated 30000 matches similar to: "Domain controller in a chroot"

2015 Mar 17
5
Domain controller in a chroot
Le 17/03/2015 11:25, Sven Schwedas a ?crit : > On 2015-03-17 11:13, S?bastien Le Ray wrote: > >> I'm sucessfully running a fileserver on it, just wanting to avoid issues >> in case of network link outage. > So your users, which cannot connect due to network link outage, won't be > prevented from logging in? Sounds like a splendid idea. My users will be able to open
2015 Mar 17
3
Domain controller in a chroot
Le 17/03/2015 11:06, Sven Schwedas a ?crit : > Not really an option : :-) > total used free shared buffers cached > Mem: 496 470 25 0 58 82 > > That's why I'm targetting the chroot > You won't be able to run a usable file server *and* DC on this little > resources anyway. That's barely
2015 Mar 17
2
Domain controller in a chroot
Hi, The goal of the chroot is to split the two roles, not to provide any additional security Regards Le 17/03/2015 10:01, Sven Schwedas a ?crit : > On 2015-03-17 09:27, S?bastien Le Ray wrote: >> Hi list, >> >> Since it is considered ?harmful? to run a domain controller that acts a >> fileserver I was considering the option of putting the AD DC into a >>
2015 Mar 17
2
Domain controller in a chroot
Le 17/03/2015 10:43, Rowland Penny a ?crit : > Hi, you could do what a lot of people do, run the DC in a VM. > > Rowland > Not really an option : :-) total used free shared buffers cached Mem: 496 470 25 0 58 82 That's why I'm targetting the chroot
2015 Mar 17
4
Domain controller in a chroot
Le 17/03/2015 15:40, Peter Serbe a ?crit : > Hi S?bastien, > > S?bastien Le Ray schrieb am 17.03.2015 14:15: > >> So even with two interfaces and bind interfaces only you cannot do it? Sad > I am by no means an *nix epert. Maybe it is possible - but I don't know > anyone how ever talked about doing something like that. And given the > _very_ limited resources, You
2015 Mar 17
0
Domain controller in a chroot
On 2015-03-17 11:40, S?bastien Le Ray wrote: > > > Le 17/03/2015 11:25, Sven Schwedas a ?crit : >> On 2015-03-17 11:13, S?bastien Le Ray wrote: >> >>> I'm sucessfully running a fileserver on it, just wanting to avoid issues >>> in case of network link outage. >> So your users, which cannot connect due to network link outage, won't be >>
2015 Mar 17
0
Domain controller in a chroot
On 2015-03-17 11:13, S?bastien Le Ray wrote: > Le 17/03/2015 11:06, Sven Schwedas a ?crit : >> Not really an option : :-) >> total used free shared buffers cached >> Mem: 496 470 25 0 58 82 >> >> That's why I'm targetting the chroot >> You won't be able to run a usable file
2015 Mar 17
2
Domain controller in a chroot
Le 17/03/2015 14:45, Rowland Penny a ?crit : > On 17/03/15 13:29, S?bastien Le Ray wrote: >> >> >> Le 17/03/2015 14:25, Rowland Penny a ?crit : >>> Ah, but from my testing, winbindd on 4.2 works very similar to >>> winbind, it still ignores most of the RFC2307 attributes and as I >>> understand it, trusts still do not work. >> Mmmm
2017 Sep 05
3
Server GC/name.dom/dom is not registered with our KDC: Miscellaneous failure (see text): Server (GC/name/dom@DOM) unknown
Today's episode of "why is AD break", brought to you by: > [2017/09/05 10:17:06.015617, 3] ../source4/auth/gensec/gensec_gssapi.c:613(gensec_gssapi_update) > Server GC/graz-dc-1b.ad.tao.at/ad.tao.at is not registered with our KDC: Miscellaneous failure (see text): Server (GC/graz-dc-1b.ad.tao.at/ad.tao.at at AD.TAO.AT) unknown > [2017/09/05 10:17:06.015717, 0]
2017 May 05
2
Memory leak in samba-ad-dc on 4.5.x not related to aio?
On Fri, May 05, 2017 at 10:21:05AM +0200, Sven Schwedas wrote: > On 2017-05-05 10:09, Volker Lendecke wrote: > > On Fri, May 05, 2017 at 09:42:47AM +0200, Sven Schwedas via samba wrote: > >>> root 9988 0.8 59.4 1571936 606488 ? S Apr26 114:41 /usr/sbin/samba > > > > Can you post /proc/9988/smaps somewhere? > > Sure,
2017 Nov 13
2
Winbind error "Could not fetch our SID - did we join?"
/etc/hostname:villach-file /etc/hosts:# The following lines are desirable for IPv6 capable hosts /etc/hosts:::1 localhost ip6-localhost ip6-loopback /etc/hosts:ff02::1 ip6-allnodes /etc/hosts:ff02::2 ip6-allrouters /etc/hosts:127.0.0.1 localhost /etc/hosts:192.168.16.214 villach-file /etc/krb5.conf:[libdefaults] /etc/krb5.conf: default_realm = AD.TAO.AT /etc/krb5.conf: dns_lookup_realm = true
2015 Mar 17
2
Domain controller in a chroot
Le 17/03/2015 14:25, Rowland Penny a ?crit : > Ah, but from my testing, winbindd on 4.2 works very similar to > winbind, it still ignores most of the RFC2307 attributes and as I > understand it, trusts still do not work. Mmmm interesting. I've been looking for a while to 4.2 precisely for this reason (rfc2307 to get consistent UID on DC) and the commit I found was only a special
2014 Jan 15
2
Samba 4 and Debian
I've wasted the last two days trying to get various versions of samba 4 packages getting to run under Wheezy. ? Wheezy's own packages are incomplete betas. ? Inverse provides their own packages (for SOGo), but they only care about getting their one use case to work; smbd doesn't work all, winbind has problems, and the postinst script resets my smb.conf with nonsense. Before I try
2017 Aug 24
5
sysvolreset doesn't reset all ACLs
Ok, rechecked this, your correct. This did work fine. In now at samba 4.6.7, you? This worked untill ( last i checked ) 4.6.5 :-(( now sysvolreset is totaly broken. :-(( New thing for my ToDo list.. Try this script, the rights are my defaults "after a sysvol reset" Place the script somewhere within /var/lib/samba Preffered that location . Run it with : bash script.sh sysvol/ !
2017 Sep 05
4
Server GC/name.dom/dom is not registered with our KDC: Miscellaneous failure (see text): Server (GC/name/dom@DOM) unknown
> Keytabs look reasonable, as far as I can see, but why does > graz-dc-sem have the same SPN output as graz-dc-1b in > addition to its own? A snapshotted server/cloned server? I dont know but thats not correct. I suggest, cleanup the DS with FSMO roles. Then remove a failty server and re-add it as a new installed DC. ( the good DS with FSMO) First backup:
2016 Sep 28
2
Good Bye SAMBA?!?!?
Am 28.09.2016 um 04:01 schrieb Steve Litt via samba: > Why would ANYBODY type a command when they could perform a bunch of > mouse clicks. Better yet, you can automate Windows tools with a screen > scraper and a keyboard injector, or with a top notch language like > Powershell or Visual Basic *lol* why would ANYBODY click in a GUI when he have a console - and i mean that really
2014 May 15
2
routed mode
Hi, I have installed a centos65_guest_1 system on a centos65 host with virt-manager. By default libvirt has a default network in NAT mode. At centos65_guest_1 when pinging to google it works. But I would like to use a routed mode for production enviroment with some services online, like http, ftp, ssh, etc. I have created the virtual network 192.168.100.0/24 with routed mode, and I have
2017 Apr 20
2
NT_STATUS_NO_LOGON_SERVERS after removing a DC and WERR_BADFILE when trying to remove broken DC
On 2017-04-07 13:44, Sven Schwedas via samba wrote: > In the end I just upgraded all DCs to 4.5 and remote-deleted the broken > ones. Seemed to work without a hitch, manual removal was only necessary > to remove the IPs from DNS\_msdcs.ourdomain\gc\. Apparently not, adding new DCs failed with "WERR_DS_DATABASE_ERROR". `samba-tool dbcheck --fix` solved that. With that out of
2017 Nov 13
2
Winbind error "Could not fetch our SID - did we join?"
On Mon, 13 Nov 2017 15:20:05 +0100 Sven Schwedas <sven.schwedas at tao.at> wrote: > > > PS, your configs are still wrong. > > It would be *really* helpful if you explained *why*. Sprinkling magic > pixie dust over random config files isn't exactly purposeful > debugging. > Lets start with /etc/krb5.conf Samba doesn't need most of what you will find in it,
2014 Dec 05
2
Samba embedded device?
On Thu, Dec 4, 2014 at 5:19 AM, Sven Schwedas <sven.schwedas at tao.at> wrote: > Tbh, you might get away with using PCEngines' APU boards (the successor > to their Alix boards with a massively upgraded CPU) if individual > machines don't need RAID (because everything is replicated anyway). > I considered that, but what would you use for storage?? They have an mSATA