similar to: winbind failover not working

I'm (finally) getting around to putting a backup LDAP authentication server on my network. The backup uses syncrepl to grab the database, and to my eyes both LDAP servers answer read queries identically. I'm testing the client side of this configuration on virtual CentOS 5 i386 machine. /etc/ldap.conf reads ----- %< ----- base dc=DOMAIN,dc=com timelimit 30 bind_timelimit 30

Hi, I have a quite "simple" setup for a particular customer that loves redundancy and failover. PDC + BDC with LDAP Passwords on two 389-ds in multimaster node + several samba member servers Actually pointing singularly on both the systems everything works great. As soon as I modify my passdb backend line from the single form to the form containing both backends that is from passdb

hi..... i don't know if its posible. i have two ldap directories, and i want use them to use as my dovecot users backend... so i have two configurations files... "dovecot-ldap1.conf" and " dovecot-ldap2.conf" and i try setting like: Test 1: (simil postfix ) :D This dont work auth default { : : passdb ldap { args=

Hi , I 've been trying to get my 2 Samba DCs to replicate between each other but it fails DC1: Freebsd-9.1-Release, Samba 4.02, hostname ldap1, objectGUID: a2454bb4-9f94-4879-a5ff-c1a40537cb5e DC2: Freebsd-9.1-Release, Samba 4.02, hostname ldap2, objectGUID: 0103c98e-0b54-4ca4-a4e5-2259fa6b0563 ===the output showrepl command========== [root at ldap1 ~]# samba-tool drs showrepl

Hello, I am running v2.0.13. In my dovecot.conf I have: userdb { args = /etc/dovecot/dovecot-usrdb-ldap.conf driver = ldap } passdb { args = /etc/dovecot/dovecot-passdb-ldap.conf driver = ldap } Is it legitimate to include multiple ldap userdb's, like: userdb { args = /etc/dovecot/dovecot-usrdb-ldap1.conf driver = ldap } passdb { args =

Hello, I'm trying to set up a centos 5.3 machine to do authentication via openldap. I've got it working, I'm not sure if I have it 100% right, but I can use ldapsearch to query the directory, use finger, id, chown, and other utilities with ldap usernames and groups, log in via ssh as an ldap user and if it's a new user automatically have the home directory created. Having got this

Hi all, I?m having some trouble setting up a samba failover scenario. This is what I?ve done: Subnet 192.168.1.0 -> Samba PDC e Samba BDC Subnet 192.168.20.0 -> LDAP Master e LDAP Slave If all servers are up I can login to domain. If I put the LDAP Master service down I am still able to login from the Slave LDAP. But if the server where the master LDAP is installed is down

hello the passdb backend no longer accepts multiple backends in a chaining configuration since samba 3.0.23a . question: will the following confi still work? passdb backend = ldapsam://ldapserver1 ldapsam://ldapserver2 ? the idea is to use 2 ldap servers werner Disclaimer: http://www.kuleuven.be/cwis/email_disclaimer.htm

I forgot. dig a pre01svdeb02.pilsbacher.at @192.168.16.205 dig a pre01svdeb02.pilsbacher.at @192.168.16.206 Can you run these also for me. And there are no CNAMEs pointing to the AD-DCs ?

Hi! I'm trying to get Samba running to accept more than one ldap server in smb.conf. I applied this patch (http://groups.google.com/groups?q=smb.conf+second+ldap+server&hl=en&lr=&ie=UTF-8&oe=UTF-8&selm=ar08ok%241pjt%241%40FreeBSD.csie.NCTU.edu.tw&rnum=5) to the samba (2.2.5) sources, but samba doesn't query the second ldap server I specified in smb.conf. Is there

Hello, We are using samba-3.0.25a and we want to join our system onto the Active Directory server in a specific location. The argument 'createcomputer' is exactly what we want and it works perfectly when we do a 'net ads join' but fails when we do a 'net rpc join'. The computer object always gets created in the 'Computers' folder. Looking at the code it appears

Hello, I'm trying this here first before moving to the apache list. Maybe someone of you use mod_authnz_ldap with multiple ldap servers declaration for redundancy. With one server declared it is working. Here is what I've tried for adding another one (space separated as read in the apache's doc) : .... AuthLDAPURL

Hi folks, there are two Samba4 DC server. The first one is the "PDC", and after I finished to set up that, I've joined the second one. There is a Linux client, where I configured the samba, and joined it to domain as member. Now I see these: # net ads status -U administrator objectClass: top objectClass: person objectClass: organizationalPerson objectClass: user objectClass:

Hello, Our Postfix setup uses multi-instance feature. I would like to enable dovecot SASL mechanisms in postfix. Open two unix sockets is not a problem for us: service auth { unix_listener /var/spool/postfix-instance1/private/auth { mode = 0660 user = postfix group = postfix } unix_listener /var/spool/postfix-instance2/private/auth { mode = 0660 user = postfix group

I am trying to reconfigure a samba server to use authentication from the University domain. * smbd seems to start OK * net ads testjoin is fine * net ads join -U xxUSERNAME createcomputer="xxCOMPUTER" fails with: Failed to join domain: failed to set machine spn: Constraint violation (where xxTEXT indicates redaction - sorry I'm not sure what's confidential and what isn't)

On Tue, 06 Feb 2018 14:09:08 -0500 Dan Oriani via samba <samba at lists.samba.org> wrote: > > I'm not opposed to the idea. Does 'net ads join' support supplying > the machine name as the user, and the one-time-password given to it? > The only reason I'm using adcli at all is the preset-computer option > which I couldn't find an analogue to in 'net

Hi Rowland, On Wed, Nov 08, 2017 at 09:45:48AM +0000, Rowland Penny wrote: > On Wed, 8 Nov 2017 09:24:30 +0100 > Ervin Hegedüs via samba <samba at lists.samba.org> wrote: > > > Hi folks, > > > > there are two Samba4 DC server. The first one is the "PDC", and > > after I finished to set up that, I've joined the second one. > > I am a

Quoting Dan Oriani via samba <samba at lists.samba.org>: > Quoting Rowland Penny via samba <samba at lists.samba.org>: > >> On Tue, 06 Feb 2018 14:09:08 -0500 >> Dan Oriani via samba <samba at lists.samba.org> wrote: >> >>> >>> I'm not opposed to the idea. Does 'net ads join' support supplying >>> the machine name as

> -----Original Message----- > From: Andrew Bartlett [mailto:abartlet@samba.org] > > passdb backend = ldapsam:"ldaps://ldap1 ldaps://ldap2" > is what you want. This helped me a little bit forward. I suggest to add this line also to samba-pdc help. But still I ran into problems. I fixed the passdb lines on PDC and BDC. If the second server (on PDC slave-ldap and on BDC

Hello all, I am trying to make one of my solaris server member of our w2k3 ads domain. ldap and kerberos packages are installed. * when I try to get a ticket granting ticket, no problem ... kinit klist are all running fine .. below my krb5 config file # cat /etc/krb5/krb5.conf [logging] kdc = FILE:/var/log/krb5/krb5kdc.log # admin_server = FILE:/var/log/krb5/kadmind.log default =