similar to: keytabs basics linux <=> AD ?

Hello, Sorry for take so long to answer, but I was not able to do the tests because the computer is in use and out of my office. Finally I've progressed in this topic with realmd, sssd and autofs, but now I'm locked on mounting shares from my member server. I'm able to use autofs and smbclient to mount and connect to sysvol share on my DC server, but when I try to connect to my

Hai,   now realmd sssd and autofs are all not my cookies.. but..   i see 2 things. 1) you missing the CIFS spn. here is shows how to make them and extract them. https://wiki.samba.org/index.php/Generating_Keytabs  https://wiki.samba.org/index.php/Keytab_Extraction      2) for the smblcient try :  smbclient //server.domain.dom/escaner -U user -W DOMAIN.DOM -R host -k -d 3 -m SMB2 ....added

This is with -d10, I test in Windows 10 (joining to domain) and same error, "Internal error". One thing, I don't execute the domain provision command because I put all the files created in the old server into the new server, that's metter??? INFO: Current debug levels: all: 10 tdb: 10 printdrivers: 10 lanman: 10 smb: 10 rpc_parse: 10 rpc_srv: 10 rpc_cli: 10

I think MJ is using samba with AD backend and Rowland RID. Rowland, try AD backend if your using rid atm. Gr. Louis > -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens mj via samba > Verzonden: woensdag 11 oktober 2017 13:25 > Aan: samba at lists.samba.org > Onderwerp: Re: [Samba] Using GPO to mount shares on Linux > > >

Hi All Is this behaviour expected in smbclient: I have a kerberized Samba server and a share that works as expected on desktop clients, but when I use smbclient with a valid ticket with the -k flag I get a KDC lookup failure kev at client:/home/testuser$ smbclient -k -L //fileserver gss_init_sec_context failed with [ Miscellaneous failure (see text): unable to reach any KDC in realm LAN]

On Sat, 12 Aug 2017 05:56:36 +1200 Andrew Bartlett via samba <samba at lists.samba.org> wrote: > On Fri, 2017-08-11 at 08:02 -0400, Ing. Luis Felipe Domínguez Vega via > samba wrote: > > gss_init_sec_context failed with [ The context has expired: Success] > > SPNEGO(gse_krb5) creating NEG_TOKEN_INIT failed: > > NT_STATUS_INTERNAL_ERROR > > Can you please show

Hi, for a static cifs mount (automount from fstab) I would like to use kerberos with a SPN. The share is accessed from a http service, so I use HTTP/www.samdom.example.com with the username http-www.samdom.example.com. Unfortunately I can not get it to work. The keytab is generated as described on [1]. # klist -kt /etc/http.keytab Keytab name: FILE:/etc/http.keytab KVNO Timestamp

Hi List, I am currently testing inter-forest trusts between a pair of AD domains. All DCs and member servers are using Sernet Samba 4.4.5. I have set up conditional forwarding in by Bind setup (I'm using BIND9_DLZ) and all machines can resolve each other. On the DCs, I can see users from the other side of the trust using wbinfo -u --domain=<other domain>. In addition if I set up ID

Hello, a short history, I am using samba 4 with Debian 9 from the repository, 2 days ago the server was broken, but I was copy all the /var/lib/samba directory to a safe place, then I was installed a new server with the same Debian and samba from repository, and stopped smbd, nmbd and winbind, unmask samba-ad-dc and finally copied all the directory from the old server to the new server and started

hey, now after observe last changes on the weekend… i have also the issue. After 10 hours i can’t connect to the shares on my member server. On Log of DC i found this: [2016/10/02 20:35:45.601265, 3] ../source4/auth/kerberos/krb5_init_context.c:80(smb_krb5_debug_wrapper) Kerberos: AS-REQ PL0024$@HQ.KONTRAST from ipv4:<member-ip>:55578 for krbtgt/HQ.KONTRAST at HQ.KONTRAST [2016/10/02

so i add the pam yesterday and now after 10 hours no connection to member is possible. :( Same errors in logs i send yesterday OLIVER WERNER Systemadministrator > Am 03.10.2016 um 18:54 schrieb Rowland Penny via samba <samba at lists.samba.org>: > > On Mon, 3 Oct 2016 17:56:07 +0200 > Oliver Werner <oliver.werner at kontrast.de <mailto:oliver.werner at

Dear, Does anyone have any idea what may be causing this error? Even I had to leave off Samba, because I believe that due to NT_STATUS_INTERNAL_ERROR error, several desktops are presenting failure credentials when they try to access shares. After I left off Samba, the errors are gone. ------------------- Mensagem original ------------------------------- Assunto: Re: [Samba]

Am 11.03.2019 um 09:24 schrieb Rowland Penny via samba: > On Mon, 11 Mar 2019 07:16:30 +0100 > Christian via samba <samba at lists.samba.org> wrote: > >> Dear all, >> >> we are transitioning from an openldap / MIT KDC setup to a samba4 AD. >> I am doing this by setting up a samba NT4 domain, populating it from >> LDAP and sticking in the password hashes

Dear Rowland Strange thing is that I do not receive notification on my email about your answers. Here we run an internal DNS. Samba was configured with Bind 9 as secondary DNS. When I put in domain.local settings, it is because we omit the company name. But the name of my domain ends with .local. I disabled Avahi daemon. When I try to run the command you quoted: smbclient -k -L

On Fri, 30 Sep 2016 14:31:06 +0200 Oliver Werner <oliver.werner at kontrast.de> wrote: > Hi rowland, > > is pam really need? > > Users should not login via terminal to this system. this is only as > Samba File-Server > Lets put it this way, to connect to the domain member your users must be known to the underlying OS. The domain member I am typing this on, uses a

Hi all: since about a month we encountered a problem with R -e command: spaces in the "command" of R -e "command" are no more tolerated. This same issue affects 2.11 patched (05-05-2010), 2.10.1, and current devel (at least the one of two weeks ago). (I skip the mid of the printouts, replaced with ...) * R -e "message('aaa aaa')" ARGUMENT

I am seeing an issue with getting certain sip devices to be recognized as defined SIP clients host= in the sip.conf and the only deference that I can find btw sources that work and don't work is that devices that send packets with an Initial Via header of themselves appears to work and pick the context correctly but those that don't have the Via just get dropped in the context of the

Hello, El 20 oct. 2017 4:50 p. m., "Rowland Penny via samba" <samba at lists.samba.org> escribió: On Fri, 20 Oct 2017 14:57:42 +0200 Daniel Carrasco via samba <samba at lists.samba.org> wrote: > Hello, > > Sorry for take so long to answer, but I was not able to do the tests > because the computer is in use and out of my office. > > Finally I've

After a lot of processing I get a matrix into M. I expected each row and column to be a vector. But it is a list. R-Inferno says... "Arrays (including matrices) can be subscripted with a matrix of positive numbers. The subscripting matrix has as many columns as there are dimensions in the array—so two columns for a matrix. The result is a vector (not an array) containing the selected

I am trying to do the simplest thing in the world. The following works: aaa <- ifelse(aaa==5, 6, 7) But if I want to change the if...else syntax instead, it gives errors and assigns 7 to aaa. Here is the problem code: aaa <- 5 if ( aaa==5 ) { aaa <- 6 } else { aaa <- 7 } Here is the output: > aaa <- 5 > if ( aaa==5