similar to: Converting classic domain to AD

I noticed that smbclient worked on some solaris 11 machines but not others. The issue a slightly different version of libarchive on the machine (0.12 vs 0.13), even though I thought all machines had been patched to the same level. So I decided to recompile. When recompiling samba 4.4.7 on solaris 11 I saw the following warning Checking for header krb5.h

The trusts aren't really working with Windows 2008 either (where DOMAINC is the Windows 2008 domain.) # /usr/local/samba/bin/net rpc trustdom establish DOMAINC Enter DOMAINA$'s password: Could not connect to server DOMAINC_DC Trust to domain DOMAINC established # Active Directory Domains and Trusts MMC on the Windows 2008 AD DC (DOMAINC_DC) seems to think the

I am not sure if this is relevant root at sambaPDC:~# /usr/local/samba/bin/net rpc trustdom establish DomainB Enter DOMAINA$'s password: Could not connect to server DomainB_DC Trust to domain DomainB established root at sambaPDC:~# root at sambaPDC:~# /usr/local/samba/bin/net rpc trustdom establish DomainC Enter DOMAINA$'s password: Could not connect to

I am trying to configuring Samba 4 classic PDC to trust Windows 2012 domain "DomainB" - the PDC is running Windows 2012 but the forest and domain functional levels are still Windows 2008. On the Win 2012 PDC I try to set up an incoming trust, but it fails with "The local security authority is unable to obtain an RPC connection to the active directory domain controller

In summary * DomainA Samba classic domain- PDC and BDC are running Samba 4.4.7. The PDC is called "SambaPDC." * DomainB Windows AD domain , level 2008, domain controller is Windows 2012 or 2012R2 (you are correct that there are not primary and backup controllers in AD) * DomainC Windows AD domain, level 2008, domain controllers are Windows 2008 I need to get

See inline comments: On Tue, 22 Nov 2016 12:04:57 -0500 Gaiseric Vandal via samba <samba at lists.samba.org> wrote: > I am trying to configuring Samba 4 classic PDC to trust Windows > 2012 domain "DomainB" - the PDC is running Windows 2012 but the > forest and domain functional levels are still Windows 2008. On the > Win 2012 PDC I try to set up an incoming trust,

On both Samba 4.5.1 member server and Samba 3.6.25 member server I tried the following command wbinfo –set-uid-mapping=35049,S-1-5-21-xx-xx-xxx-xxx this should have created a mapping entry consistent with the one on the domain controller for a trusted user But I got the following error failed to call wbcSetUidMapping: WBC_ERR_NOT_IMPLEMENTED As far as I can tell from network

Running a mix of samba versions (3.6.25 and 4.5.1) in two domains- one "classic" (with samba domain controllers) and one AD (with windows domain controllers.) The eventual goal is to drop the classic domain in favor of the AD domain. Also trying to move from samba 3.x to 4.x since Samba 3 is EOL'd. the "wbinfo -u" command will list users in the servers domain

I increased the logging to 10 on the problem member server. Didn't see anything of interest. I did a packet capture on the PDC while typing " net rpc testjoin" from both the problem member server (4.4.14) and a working member server (4.4.13) e.g SMB: ----- SMB Header ----- SMB: SMB: CLIENT REQUEST SMB: Command code = 0x72 SMB:

On a samba 4.5.1 domain controllers (PDC and BDC), classic domain , LDAP is used as the backend for both user accounts AND for the idmapping of trusted domains . Partial smb.conf below workgroup = THISDOMAIN security = user passdb backend = ldapsam:ldap://xxxxxxxxxxxxxxxxx idmap config * : backend = tdb idmap config * : range = 5000-6000 idmap config THISDOMAIN :

On Tue, 2017-06-20 at 17:23 -0400, Gaiseric Vandal via samba wrote: > I have several Samba 4.4.x servers (Solaris 11 x86_x64) in a samba > classic domain. Samba patches are provided via the Oracle solaris > package update system. > > > The two domain controllers are running Samba 4.4.8. > > > A few weeks ago I ran the latest package updates on a non-critical

I have several Samba 4.4.x servers (Solaris 11 x86_x64) in a samba classic domain. Samba patches are provided via the Oracle solaris package update system. The two domain controllers are running Samba 4.4.8. A few weeks ago I ran the latest package updates on a non-critical server, which brought it up to 4.4.13. All was OK as far as I could tell. This weekend I updated packages

Hi, I am not sure it's the same issue, but I had a similar problem when upgrading from DSM 5.x to 6.0 : error after domain join : "Connection failed. Please check your network settings" . With the help of the (very efficient) Synology support, we solved the problem by uninstalling an old Cluster HA DSM package that was installed on the NAS but not used. Just in case it could help.

On both the synology (samba 4.1.20) and PDC (samba 3.6.25) testparm showed client schannel = Auto server schannel = Auto I don't know if the server even supports schannel. Maybe it doesn't any all the clients successfully negotiated not to use it. On the synology, I set client schannel = no This fixed my domain membership issue. Although

Solaris 11 include samba 3.6.25. I compiled samba 4.5.1 using GCC 4.8 and gmake. Had set following env variables to make sure krb5.conf was found # CPLUS_INCLUDE_PATH=/usr/include:/usr/include/kerberosv5/ # C_INCLUDE_PATH=/usr/include:/usr/include/kerberosv5/ After setting "client ldap sasl wrapping = plain" I was able to join to a Windows 2008 domain with samba 4.

I tried recreating the trusts. I start by setting up trusts on Windows side, using Active Directory Domains and Trusts on the DomainB AD server. . I specify the the samba domain (DOMAINB) but before I can even specify trust type or direction I get the following: Cannot continue Trust relationship can not be created… The local security authority is unable to obtain an RPC

If I add winbind rpc only = Yes to smb.conf file then "wbinfo -u" will list users in the current domain. It won't list users in any trusted domains (including domains in the same forest.) This indicates that the domain is having some issue retrieving user names via LDAP. The forest is 2008 function level. The domain was 2003 functional level but I just raised that

Setting my domain controllers to use SMB2 breaks windows domain authentication for Windows clients. I don't know why. The clients in question are Windows 7 and Windows 2008 R2. Once I set the domain controllers and problem member server to server max protocol = NT1 server min protocol = NT1 client max protocol = NT1 client min protocol = NT1 the

I have a Synology NAS array appliance. It is linux based and uses samba for file sharing. Normally the config is done via a gui interface but you can ssh to the array. The domain controllers are running Samba 3.6.x in classic domain mode. I have member servers running 3.6.x and 4.3.8. no problem. I recently updated the Synology "OS." The current version of samba is

Thanks for the advice. I had played with NT4 a little bit to see if I could use it for setting up a resource domain for windows 2003 machines- since it looks like you can join Windows 2003 machines to an NT4 domain (so why PCNL can't I don't know), and then establish trusts between NT4 and PCNL. I didn't really want to have NT4 machines in my enviroment any longer than necessary so