Displaying 20 results from an estimated 2000 matches similar to: "DC replication issues / different attributes"
2016 Nov 30
1
DC replication issues / different attributes
Hi Rowland,
thanks for your reply. Any clue when this patch goes into production and being pushed into the sernet repository?
And will the database be fixed when upgrading or are there any manual steps necessary?
Cheers,
Julian
> -----Ursprüngliche Nachricht-----
> Von: samba [mailto:samba-bounces at lists.samba.org] Im Auftrag von
> Rowland Penny via samba
> Gesendet: Mittwoch, 30.
2016 Sep 06
2
Winbind / Samba auth problem after username change
Hi Rowland,
we're using the Windows mmc for administrating samba sernet DCs running samba-sernet-ad 4.2.11-9.
4 Domain controllers are present. Primary DC replicates to a second in our local office and to 2 others in a vpn connected network.
Changes are made on our primary dc always. DC 3 and 4 and the primary and secondary DC responsible for ssh authentication on our linux boxes
having the
2016 Sep 07
5
Winbind / Samba auth problem after username change
I would suggest.
Stop samba and winbind
Backup
/etc/krb5.keytab
/var/lib/samba
/var/cache/samba
Remove everything in :
/var/lib/samba
/var/cache/samba
And remove :
/etc/krb5.keytab
Put in this config ( from Rowlands suggestion. )
Can you try this smb.conf:
[global]
workgroup = MYDOMAIN
realm = MYDOMAIN.local
netbios name = vmu09tcse01
dedicated keytab file = /etc/krb5.keytab
2016 Sep 06
1
Winbind / Samba auth problem after username change
Well we've changed the logon name (SAMAccountName) and the Name and Surname of the user object.
-----Ursprüngliche Nachricht-----
Von: Rowland Penny [mailto:rpenny at samba.org]
Gesendet: Dienstag, 6. September 2016 11:37
An: samba at lists.samba.org
Cc: Julian Zielke <jzielke at next-level-integration.com>
Betreff: Re: [Samba] Winbind / Samba auth problem after username change
On Tue,
2016 Sep 06
3
Winbind / Samba auth problem after username change
Hi Mathias,
thanks for your advice on how to use getent. However you’re mentioning SSSD which is working fine. I was referring to it because we changed to that method lately but the server having the problem is NOT using this new method but the old winbind+samba combination.
Sorry it it was confusing.
Cheers,
Julian
Von: mathias dufresne [mailto:infractory at gmail.com]
Gesendet: Dienstag, 6.
2016 Sep 07
7
Winbind / Samba auth problem after username change
Well, I always get 0 results, whether using cn, full username, wildcards, another existing and working user etc.
# cat /etc/passwd | grep 'ren_test'
returns nothing
# wbinfo -u | grep 'ren_test'
returns: ren_test4
I also created a backup of all those ldb files and restarted the samba service. Now there's no new sam.ldb but a file looking similar to it.
Here's
2016 Sep 06
3
Winbind / Samba auth problem after username change
Hi,
before we switched to SSSD we've been implementing the ssh authentication method via Domain using winbind+samba.
Version installed on our machines is (still) 2:4.1.6+dfsg-1ubuntu2.14.04.13. So far everything has been working fine, however
after we had to change a user's logon name in the domain he can't login anymore. auth.log shows still his old username followed by "from
2017 Feb 22
1
Best practice scheduler for SMB server
Hi,
short question:
Which schedulers are recommended on running a samba smb server using > 1000 files but high I/O on reads/writes on those files?
- Julian
Wichtiger Hinweis: Der Inhalt dieser E-Mail ist vertraulich und ausschlie?lich f?r den bezeichneten Adressaten bestimmt. Wenn Sie nicht der vorgesehene Adressat dieser E-Mail oder dessen Vertreter sein sollten, so beachten Sie bitte,
2016 Sep 07
5
Winbind / Samba auth problem after username change
No, i dont think is needed for all to rejoin.
Now next server, do the same but now dont delete everything
Again stop samba and winbind.
Backup the 2 /var/lib/samba and /var/cache/samba folder.
Now in /var/lib/samba delete winbind*.tdb
And *.tdb in /var/cache/samba
USE THE SMB.CONF as before, modify it for the needed server.
Start samba and winbind again.
Type wbinfo -u first and
2016 Sep 07
4
Winbind / Samba auth problem after username change
Good Morning Rowland,
oh well, the bad side of the Internet... well the samba stuff was implemented by a former co-worker so I've to get into everything he did.
Here’s the information you’ve requested, additionally with my config files I know changed based on the samba wiki:
smb.conf:
cat /etc/samba/smb.conf
[global]
workgroup = MYDOMAIN
realm = MYDOMAIN.local
netbios name =
2017 Apr 25
2
Flooding Samba DC with random requests
Hi,
our virtual DCs specs are:
1vCPU, 1GB RAM
System is running on iSCSI Storage in an Openstack Enviroment.
Smb.conf on our DC 03 and 04:
==================
# Global parameters
[global]
workgroup = NLI
realm = nli.local
netbios name = dc04
server role = active directory domain controller
allow dns updates = nonsecure
dns forwarder =
2016 Sep 07
2
Winbind / Samba auth problem after username change
AVAHI is not running on our machines.
We're using Samba from the official sernet repository. I did a find-command on all sam.ldb files and
this is the only one which exists. Also when I delete them and restart the samba service, it's being created again, so
I guess it's the correct file the daemon is working with.
I've used the ldbsearch with the full logon name, however even
2016 Sep 06
2
Winbind / Samba auth problem after username change
Yes,
the change is reflected into groups. The user's DN has all the new information we entered. The group has a memberOf string with the same correct information.
A net cache flush on our DCs didn't help either. Since on another server using the same DCs and authentication mechanisms has no problems with the new name it's seems to be
a server-related issue and not a DC one.
- Julian
2016 Sep 06
2
Winbind / Samba auth problem after username change
BTW I noticed that most configs use the wildcard parameter. So the smb.conf now uses:
idmap config * : backend = rid
idmap config * : range = 16777216-33554431
But still no change... I really wonder where this old username is coming from...
> -----Ursprüngliche Nachricht-----
> Von: Julian Zielke
> Gesendet: Dienstag, 6. September 2016 18:10
> An: 'Rowland Penny' <rpenny
2016 Sep 06
2
Winbind / Samba auth problem after username change
On Tue, 6 Sep 2016 15:38:57 +0000
Julian Zielke <jzielke at next-level-integration.com> wrote:
> No, getent NEWusername produces a result SHOWING the old username -
> not the other way around. The machine is a domain member. We did a
> join using net join ads.
Where is it displaying the old username ?
>
> The passwords file has only the standard local users in there.
Well
2017 Apr 25
3
Flooding Samba DC with random requests
Hi,
yesterday we experienced a heavy request flooding from multiple servers being a domain member against our Samba Sernet DCs.
All those servers are domain members and allow login using PAM (Samba+Winbind).
Running TCPDump we had like 400 Requests per 5 seconds like this:
tcpdump -i eth0 dst port 389
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0,
2016 Sep 07
2
Winbind / Samba auth problem after username change
- It really ends in local. So I guess I can leave this one.
- I've corrected the double entry in nsswitch.conf
The command returns:
# getent passwd | grep ren_test
ren_test4:*:12521:10513:ren_test4:/home/NLI.LOCAL/ren_test4:/bin/bash
What I copied into the message before was our object directly from the DC.
I thought you said "ldapsearch", not ldbsearch ;-)
Well here's the
2016 Sep 06
0
Winbind / Samba auth problem after username change
Mathias,
yes I did the flush whish was also shown in the tutorials I found on the net, right after deleting the cache files. Didn’t help either. :-/
Von: mathias dufresne [mailto:infractory at gmail.com]
Gesendet: Dienstag, 6. September 2016 13:33
An: Julian Zielke <jzielke at next-level-integration.com>
Betreff: Re: [Samba] Winbind / Samba auth problem after username change
Julian,
Last
2016 Sep 06
6
Winbind / Samba auth problem after username change
On Tue, 6 Sep 2016 11:41:59 +0000
Julian Zielke via samba <samba at lists.samba.org> wrote:
> OK I think I got some more information for you guys. I just did
> “getent passwd <NEWusername>” and got: <OLD
> username>:*:<ID>:<ID2>::/home/…/<OLD username>:/bin/bash.
>
> When I do “su - <NEW username>” I get a valid shell with notification
2016 Sep 07
1
WG: Winbind / Samba auth problem after username change
On Wed, 7 Sep 2016 13:20:32 +0000
Julian Zielke via samba <samba at lists.samba.org> wrote:
> I just did a cp -p *.ldb to a backup directory and restarted the
> services. Of course I didn't delete it since I don't know whether
> this action would be fatal.
>
>
There is a tool for doing this, 'tdbbackup', and deleting sam.ldb etc
would be fatal.
Rowland