Displaying 20 results from an estimated 20000 matches similar to: "Choosing a samba version for DC use"
2016 Dec 02
0
Choosing a samba version for DC use
On Fri, 2 Dec 2016 09:33:31 +0000
Brian Candler via samba <samba at lists.samba.org> wrote:
> Do people have any recommendations on which Samba version to choose
> for production use, as a domain controller and authentication
> database for 802.1x only? (i.e. no file sharing)
>
> I note that:
>
> * CentOS 7 comes with samba 4.2.10 - labelled as "do not use"
2016 Dec 02
1
Choosing a samba version for DC use
On 02/12/2016 09:48, Rowland Penny wrote:
> It all depends on what you mean by 'compelling';-)
I was thinking of any important new functionality that I wouldn't want
to be without. As one example: I read that Samba isn't (or wasn't) able
to replicate SYSVOL automatically: having that implemented would save me
having to rsync SYSVOL around.
Looking at the history page
2016 Dec 06
2
smb.conf different between first DC and replica DC
Under ubuntu 16.04, compiling samba 4.5.1 from source, I've created an
initial DC and a replica DC by following:
https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller
https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory
For the second one I had to add the extra DNS records as per:
2018 Mar 14
4
Error running CVE-2018-1057_helper on 4.5
I tried to run this script on a system running 4.5.15 built from source
under Ubuntu 16.04, but I get the following exception:
# PYTHONPATH="/usr/local/samba/lib/python2.7/site-packages/"
./samba_CVE-2018-1057_helper --lock-pwchange
Temporarily overriding 'dsdb:schema update allowed' setting
Traceback (most recent call last):
File "./samba_CVE-2018-1057_helper",
2016 Dec 06
4
samba 4.5.1 tdb panic with ZFS
I am trying to install samba 4.5.1 from source, as a domain controller
only, under Ubuntu 16.04, with ZFS filesystem (actually inside an lxd
container with ZFS backing).
Out-of-the-box, samba-tool domain provision does not like the filesystem:
ERROR(<class 'samba.provision.ProvisioningError'>): Provision failed -
ProvisioningError: Your filesystem or build does not support posix
2016 Oct 23
2
Error joining Linux member to 4.5.0 DC: Indicates the SID structure is not valid
4.4.5 seems to work fine for me too, so I guess it is a regression from
changes added to 4.4.6 and 4.5.0?
On 10/21/2016 3:12 PM, Arthur Ramsey wrote:
> I can confirm that rolling back to 4.4.4 resolved the issues for me.
> I had the same problem with 4.4.6.
>
> Thanks,
> Arthur
This e-mail and any attachments may contain CONFIDENTIAL information, including PROTECTED HEALTH
2016 Dec 06
2
samba 4.5.1 tdb panic with ZFS
On 06/12/2016 16:06, Brian Candler wrote:
> Ah OK... I've just seen Rowland's reply, "Just don't use ZFS". That's
> clear enough :-)
FYI, I rebuilt the system using btrfs but initially I got the same issue
[^1]
It turns out this came from running inside an unprivileged lxd
container. After setting "security.privileged true" it was happy.
So I guess
2004 Jun 11
7
Can't open configuration file
Hi I'm getting
Jun 11 13:12:46 "Fatal: Can't open configuration file /home/dovecot/dovecot-pgsql.conf: Permission denied
this file have fulle permissions and has belonged to dovecot and root but still no joy
what am i missing must be something stupid on this side
Thanks for the previos comments about scripting I am swithcing to postgress for the mail env and will look at mysql
2017 Apr 04
1
Problems adding DC to Samba 4.1.6 AD
I inherited an AD "domain" which is running Ubuntu 14.04, with Samba 4.1.6
with "built-in" AD-DNS. The network has only one AD server, which runs on
KVM as a guest - (convenient so I can make backups and test stuff without
breaking my network.
We have around 500 users on the system, and I'm trying to upgrade to 16.04
and a more current version of Samba without making all
2017 Apr 05
2
Demoting offline DC on 4.3.11-Ubuntu
I have recently added a DC to my AD - Former DC was Samba 4.1.6, new DC is
4.3.11 (latest supported by Ubuntu).
There's also a Window 2008 server I had tried to join as an AD - that
server, wouldn't completely join and replicate to the 4.1.6 samba AD, and
now it will not Un-join the AD "domain" either via dcpromo.
This brings me to my actual question -
Now that I have
2020 Jun 02
2
"ssh -Q key" does not list rsa-sha2 algorithms
On Tue, 2 Jun 2020 at 18:48, Brian Candler <b.candler at pobox.com> wrote:
[about ssh -Q ssh_config_keyword]
> There is also "-Q key-sig" in recent versions (not sure exactly how recent, but 7.6 doesn't have it)
Added in the same commit (Feb this year), first released in 8.3:
https://github.com/openssh/openssh-portable/commit/d4d9e1d40514e2746f9e05335d646512ea1020c6
--
2008 Nov 28
0
Choosing a DC in a multiple DC network
Hello,
I have a linux server that is joined to our domain that has multiple Domain
Controllers at multiple sites.
The DCs are all synced together and this is a Windows Server 2003
environment.
I configured a linux server to join the domain using winbind (security =
ads).
That is, it was joined with "net ads join -U user@DOMAIN.COM"
When I configured the server, I installed krb5 but
2016 Dec 10
3
How to join join Ubuntu desktop to AD
On 09/12/2016 15:55, Rowland Penny wrote:
>> But did you give Domain Users a gid? If you don’t do that, winbind
>> and getent will not find any UNIX users (doesn’t matter if the users
>> have a uid and gid within the range you’ve specified in smb.conf).
>> It’s been a while since I had this problem - my memory is it’s not
>> clearly mentioned in the wiki at all.
2007 Sep 14
3
epoll appears to break
The following program is a minor variant on the sample given in the README
with eventmachine-0.8.1. I am running under CentOS 4.5 (kernel
2.6.9-55.0.2.plus.c4) with a ruby-1.8.5 RPM from the CentOS testing
repository.
When I run it, I find that set_comm_inactivity_timeout doesn''t do anything.
That is, if I client opens a connection, it stays open indefinitely.
However, if I comment out
2012 Nov 14
2
Avoid Split-brain and other stuff
Hi!
I just gave GlusterFS a try and experienced two problems. First some background:
- I want to set up a file server with synchronous replication between branch offices, similar to Windows DFS-Replication. The goal is _not_ high-availability or cluster-scaleout, but just having all files locally available at each branch office.
- To test GlusterFS, I installed two virtual machines
2012 Mar 10
1
High CPU Usage After Glusterfs install
Hi Guys,
I have 2 servers with a fresh install of glusterfs and I am seeing a very high CPU load.? I am trying to just do a very basic config to get this started and for the life of me, I don't know what could be causing it.? The CPU goes up to 100% across all 4 CPU's on each gluster node and I am seeing timeouts coming from the vms that I am testing with.? I simply copied the
2012 Jun 29
2
compile glusterfs for debian squeeze
Hello, I'm compiling glusterfs for a debian squeeze.
When I do a make command, I see These parameter:
GlusterFS configure summary
===========================
FUSE client: yes
Infiniband verbs: yes
epoll IO multiplex: yes
argp-standalone: no
fusermount: no
readline: no
georeplication: yes
I would like to create a package that can be used both as a client and a server.
I'm not interested
2016 Dec 12
2
How to join join Ubuntu desktop to AD
On 12/11/2016 8:59 AM, Brian Candler via samba wrote:
> On 10/12/2016 16:25, Brian Candler wrote:
>> I think there's plenty of emphasis now, but I think there is a part
>> which is misleading:
>>
>> > To enable Samba to retrieve user and group information from Active
>> Directory (AD):
>> >
>> > * Users must have at least the uidNumber
2020 Jan 30
3
SSH certificates - restricting to host groups
On 30/01/2020 12:53, Michael Str?der wrote:
> On 1/30/20 1:27 PM, Brian Candler wrote:
>> I am trying to work out the best way to issue SSH certificates in such
>> way that they only allow access to specific usernames*and* only to
>> specific groups of host.
> I also thought about this for a while. The only idea I came up with is
> to have separate CAs used as trust
2007 Sep 04
11
returning(...) ?
The following construct is an ActiveSupport-ism:
returning(Foo.new) do |foo|
...
end
I don''t especially like it, since it''s both more verbose and less efficient
than the direct alternative:
foo = Foo.new
...
foo
It doesn''t occur many times in Merb, so does anyone agree with me that it
should be removed?
I tried doing this (patch attached) and I find