Displaying 20 results from an estimated 4000 matches similar to: "samba 4.2.1 copy idmap...and problems with bi-directional sysvolsync."
2015 Apr 29
0
samba 4.2.1 copy idmap...and problems with bi-directional sysvolsync.
Hai Rowland / Andrey,
that.. was a stupid one to miss..
that was because it was checking against defaults of samba, forgot to put that one back..
and yes, tested it also with, and im noticing the same. (different id's )
so.. back to winbind... and now id's are same again..
thanks. .
and andrey, im using my sysvol scripts to set it up.
have a look here,
2015 Apr 24
5
Strange GPO rights samba 4.2.1
Hai,
?
Im having a strange thing with sernet samba 4.2.1 on debian wheezy.
?
I installed 2 dc.s with my scripts.
?
i did setup the sysvol replication and now im seeing the following when i create new policies.
?
The default GPO's
drwxrwx---+ 4 root????????? BUILTIN\administrators 4096 Apr 24 10:17 {31B2F340-016D-11D2-945F-00C04FB984F9}
drwxrwx---+ 4 root????????? BUILTIN\administrators
2015 Apr 30
10
FW: [Bug 11241] different ids even when idmap.ldb copied. not abug..
Please read the reported bug and bjorn answer.. which does not help any to a solution of fix, or explenation.
But the big question now is, does someone somewhere know what bjorn is talking about.
i did search for "gencache" but no go here..
just from old documentation.
https://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/tdb.html
gencache.tdb Generic caching database.
2017 Jan 12
2
Corrupted idmap...
I forgot about ldbsearch. Here is a dump of xid numbers.
root at dc01:~# ldbsearch -H /var/lib/samba/private/idmap.ldb | grep xidNumber
xidNumber: 3000028
xidNumber: 3000013
xidNumber: 3000033
xidNumber: 3000003
xidNumber: 3000032
xidNumber: 3000023
xidNumber: 3000019
xidNumber: 3000010
xidNumber: 65534
xidNumber: 3000031
xidNumber: 3000022
xidNumber: 3000026
xidNumber: 3000017
xidNumber: 3000027
2015 Apr 30
1
FW: [Bug 11241] different ids even when idmap.ldb copied. not abug..
On 30/04/15 09:09, L.P.H. van Belle wrote:
> ( sorry for mailing directly bjorn, but please have a look )
>
> I still think this is a bug..
>
> why not a bug:
> If i do assign a UID/GID to a user, then yes, this wil work fine.
> new users and groups sure.. but now im talking about the default domain groups..
>
> why a bug:
> User administrator and the domain groups
2018 Jul 24
1
Tracing the consequences of overlapped id mappings
Hi,
I'm trying to find out consequences of overlapped idmap settings that
used with 4.3.11 DC's. I'm about to upgrade these DC's to 4.8 version.
Before deploying new DCs, I want to make sure that any side effects
regarding id map settings will be left behind.
# ldbsearch -H /var/lib/samba/private/idmap.ldb | grep xidNumber \
| cut -d' ' -f2 | sort
0
100
3000000
2016 Oct 26
3
NT_STATUS_INVALID_SID
I have a brand-new install of Debian 8 without systemd and a
freshly-built Samba 4 install with issues. I created this as a
standalone AD DC, setup group policies, etc and then took it to the
client location. Now nothing works. I keep getting "RPC server
unavailable" on Windows machines and trying to list shares on the DC
itself results in NT_STATUS_INVALID_SID. I am lost as there are
2015 Apr 24
0
Strange GPO rights samba 4.2.1
>-----Oorspronkelijk bericht-----
>Van: rowlandpenny at googlemail.com
>[mailto:samba-bounces at lists.samba.org] Namens Rowland Penny
>Verzonden: vrijdag 24 april 2015 11:06
>Aan: samba at lists.samba.org
>Onderwerp: Re: [Samba] Strange GPO rights samba 4.2.1
>
>On 24/04/15 09:52, L.P.H. van Belle wrote:
>> Hai,
>>
>> Im having a strange thing with
2017 Sep 26
3
Domain member server: user access
Hai Rowland,
Im pretty sure this is a bug in the DC part.
I'll show.
On the DC.
dc1:~# getent passwd winadmin
NTDOM\winadmin:*:10000:100::/home/users/winadmin:/bin/bash
wbinfo --group-info="Domain Users"
NTDOM\domain users:x:100:
id winadmin
uid=10000(NTDOM\winadmin) gid=100(users) groups=100(users),3000004(BAZRTD\group policy creator owners),3000008(NTDOM\domain admins)
2015 Apr 30
0
FW: [Bug 11241] different ids even when idmap.ldb copied. not abug..
( sorry for mailing directly bjorn, but please have a look )
I still think this is a bug..
why not a bug:
If i do assign a UID/GID to a user, then yes, this wil work fine.
new users and groups sure.. but now im talking about the default domain groups..
why a bug:
User administrator and the domain groups are set by default by samba.
and its not consistant at all which is needed for a
2017 Jan 12
3
Samba 4.5.3 AD DC - issues with sysvol when setting up Group Policies
cool!
root at dc1:~ # wbinfo -r richard.h
10001
3000008
10000
10014
10004
10005
3000005
3000009
3000000
-----Original Message-----
From: samba [mailto:samba-bounces at lists.samba.org] On Behalf Of lingpanda101 via samba
Sent: 12 January 2017 22:57
To: samba at lists.samba.org
Subject: Re: [Samba] Samba 4.5.3 AD DC - issues with sysvol when setting up Group Policies
On 1/12/2017 3:47 PM,
2018 May 11
1
wbinfo -r 'username' displays inconsistent results across DC's
Hello,
Looking up a users group membership I'm showing different results
on each DC. UID and GID mapping appears consistent but not all group
membership is displayed. I've verified idmap.ldb is backup up and copied
over to the other DC's. I do notice when taking a hot backup of
idmap.ldb, the file size is dramatically smaller than the original.
Using Microsoft RSAT to view
2016 Jun 28
2
id username output ADDC and Member.
>
> I love diving : )
>
Ok mathias,
Can you explain this.
This i dont get....
Why is this output so different, and i dont mean the difference with NTDOMAIN\..
See the groups differences... between a ADDC and a member server..
Samba 4.4.3 ADDC
id someusername
uid=10002(NTDOMAIN\someusername) gid=10000(NTDOMAIN\domain users) groups=10000(NTDOMAIN\domain
2024 Aug 26
1
winbind gives wrong primary id group
>> Hello,
>>
>> I have fresh instalation samba 4.17.12+dfsg from apt on Debian 12.
>>
>> I made new domain ADS2
>> (https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller).
>> root at dc-ads2:/etc/samba# samba-tool domain provision --use-rfc2307
>> --realm=ADS2.SES.SK --domain=ads2 --server-role=dc
>>
2016 Feb 12
2
sudden change GID number on DC
Hai,
I just noticed something strange with my group GID assignments.
This happens on my DC.
I have my “Domain Admins” “Domain Users” etc given a GID.
(im using ad backend )
Running
getent group "domain admins" gives back.
domain admins:x:3000008:administrator,admin
But this is fault.. that GID should be 10001
Anyone noticed this also ?
After
2017 Jan 13
2
Samba 4.5.3 AD DC - issues with sysvol when setting up Group Policies
Also, I'm not sure whether this has any relevance to the problem but I did at one point try to set up a secondary AD server but was struggling to get it going so demoted it using "Demote an Offline Domain Controller" from this page
https://wiki.samba.org/index.php/Demote_a_Samba_AD_DC
I also went through the "Verifying the Demotion" checks on this page and all looked
2024 Jun 22
1
primary group for AD accounts
Hi
I've just recreated whole environment and after DC provision
?group "domain users" has gid 100
getent passwd
OFFICE\administrator:*:0:100::/home/OFFICE/administrator:/bin/bash
OFFICE\guest:*:3000011:3000012::/home/OFFICE/guest:/bin/bash
OFFICE\krbtgt:*:3000015:100::/home/OFFICE/krbtgt:/bin/bash
OFFICE\dhcpduser:*:3000016:100::/home/OFFICE/dhcpduser:/bin/bash
getent group
...
2017 Nov 10
1
[Curiosity] Default domain, DC and DM...
In my DC, without setting explicitly a 'winbind default domain', i can
check logins domainless:
root at vdcsv1:~# id gaio
uid=10000(LNFFVG\gaio) gid=10513(LNFFVG\domain users) gruppi=10513(LNFFVG\domain users),11001(LNFFVG\sir),10999(LNFFVG\unixadm),3000008(LNFFVG\domain admins),3000005(LNFFVG\denied rodc password replication group),3000005(LNFFVG\denied rodc password replication
2016 Oct 27
4
NT_STATUS_INVALID_SID
On Wed, 26 Oct 2016 17:27:37 -0400
Ryan Ashley via samba <samba at lists.samba.org> wrote:
> I guess I should note that it seems like the high SIDs will resolve,
> except for 300000. Below is an example.
>
> root at dc01:~# l /var/lib/samba/sysvol/medarts.lan/
> total 16
> drwxrws---+ 4 MEDARTS\reachfp 3000000 4096 Oct 17 17:45 Policies
> drwxrws---+ 2 MEDARTS\reachfp
2017 Jan 12
2
Samba 4.5.3 AD DC - issues with sysvol when setting up Group Policies
Hi
root at dc1:~ # samba-tool dbcheck --cross-ncs --reset-well-known-acls --fix --yes
...some error information...
Checked 3647 objects (2 errors)
root at dc1:~ # samba-tool dbcheck --cross-ncs --reset-well-known-acls --fix
Checking 3647 objects
Checked 3647 objects (0 errors)
root at dc1:~ # getfacl /usr/local/samba/var/locks/sysvol/
getfacl: Removing leading '/' from absolute path