similar to: Samba4 DC with Secondary Questions

Rowland, thank you for the reply. I must have misstated. We have successfully setup our first DC. It works great with DHCP and BIND9_DLZ and updates nicely as it is designed to, kerberos and all. The question is about the second server. Perhaps MY understanding of what I have read on the samba wiki, and others, is different than actual reality. http://bit.ly/2r3IOjt ;) Perhaps if I show

On Wed, 7 Jun 2017 10:29:12 -0700 Nowell Morris via samba <samba at lists.samba.org> wrote: > Hello all. > > I am currently working on setting an S4 domain to replace our aging > samba 3 setup. We have found many answers on the net, in various > documentation, but when it comes to setting up beyond one node > documentation becomes a little thinner. Have you by any

Hi Samba documentation admins, one of the the examples given on this page https://wiki.samba.org/index.php/User_and_Group_management is incorrect and probably should be updated. The snippet of code in question: $ samba-tool user add fbaggins    --random-password --use-username-as-cn    --surname="Baggins" --given-name="Frodo"    --initials=S --mail-address=fbaggins at

OK, further to my previous message I've configured BIND, but when I try to run samba_dnsupdate I get the following: Nov 18 16:19:23 sles-shire named[6112]: samba b9_putrr: unhandled record type 0 Nov 18 16:19:24 sles-shire named[6112]: samba_dlz: starting transaction on zone _msdcs.main.adlab.netdirect.ca Nov 18 16:19:24 sles-shire named[6112]: samba_dlz: disallowing update of

I was hoping this would be simpler. I'd like to prepopulate an RODC with all users accounts that are permitted. But I can only pre-populate one at a time: samba-tool rodc preload (<SID>|<DN>|<accountname>) sles-shire:~ # samba-tool group listmembers 'Allowed RODC Password Replication Group - Shire' Allowed RODC Password Replication Group - Global WIN7-SHIRE$ bilbo

I have my own custom schema for email that I have been using for years with courier_imap and exim. I am experimenting with dovecot and trying to set up my conf so that it logs in using the ldap database. In the dovecot-ldap.conf there is a section # Filter for user lookup. Some variables can be used (see # http://wiki.dovecot.org/Variables for full list): # %u - username # %n - user

Is this a problem? Does this mean no replication links exist? michael at sles-bree:~> samba-tool drs showrepl -k yes Bree\SLES-BREE DSA Options: 0x00000025 DSA object GUID: 7ea641b0-d418-4c74-a4fa-c15b852467b8 DSA invocationId: 1017ff29-756c-4777-b395-b481f4b5387c ==== INBOUND NEIGHBORS ==== ==== OUTBOUND NEIGHBORS ==== ==== KCC CONNECTION OBJECTS ==== Connection -- Connection name:

OK, I am running (for many years now) an existing courier_imap maildir ++ setup with exim as the MTA. Has been fine. I have my own custom ldap schema for user account definition and authorization. I installed dovecot 1.0 beta 7 as a test and have it listening on a different port. I would like, if possible, to set things up so that a user could use either dovecot or courier. Having to

https://bugzilla.netfilter.org/show_bug.cgi?id=1303 Bug ID: 1303 Summary: nft improperly merges intervals Product: nftables Version: unspecified Hardware: x86_64 OS: All Status: NEW Severity: critical Priority: P5 Component: nft Assignee: pablo at netfilter.org

SERIOUSLY.... does ANYONE have ANY ideas??? I'm stumped silly. HELP!!!! thanks, dave > >Hi, I'm going to scream. > >I have a "dell-installed" red hat 7.2 build and I have been attempting to >get it to join my NT4.0 domain with samba... after getting past the old >version of samba that shipped with it and updating to the latest samba >from the samba web

OK! I'm getting farther and farther! :) I've managed to preload user and computer passwords onto a samba RODC: *sles-shire:/var/lib/samba/sysvol # samba-tool rodc preload 'win7-shire$' --server main.adlab.netdirect.ca** *Replicating DN CN=WIN7-SHIRE,CN=Computers,DC=main,DC=adlab,DC=netdirect,DC=ca Exop on[CN=WIN7-SHIRE,CN=Computers,DC=main,DC=adlab,DC=netdirect,DC=ca]

Although we (the authors of tinc) have done our best to make tinc as secure as possible, an unfortunate combination of encryption and key exchange techniques has created a hole in at least all versions of tinc >= 0.3, including the current CVS version. Exploit: If somebody can intercept the meta protocol to a host that is running a tinc daemon, it is possible to decrypt the passphrase, which

Although we (the authors of tinc) have done our best to make tinc as secure as possible, an unfortunate combination of encryption and key exchange techniques has created a hole in at least all versions of tinc >= 0.3, including the current CVS version. Exploit: If somebody can intercept the meta protocol to a host that is running a tinc daemon, it is possible to decrypt the passphrase, which

On Fri, 3 May 2019 10:45:43 +0100 Stephen via samba <samba at lists.samba.org> wrote: > Hi Samba documentation admins, one of the the examples given on this > page https://wiki.samba.org/index.php/User_and_Group_management is > incorrect and probably should be updated. > > The snippet of code in question: > > $ samba-tool user add fbaggins >

Hi, Nice little bug for you... SWAT is not implementing file permissions properly when editing smb.conf. an ls -l of my smb.conf looks like this: -rw-rw-r-- 1 root root 804 May 5 21:45 smb.conf Note the Owner / Group and 664 permission If I telnet to the server, log on as an ordinary user and do a "vi /etc/smb.conf" I get the file opened "Read-Only" and

Hi, It's just past 3am and for the past 6 hours I've been configuring a secondary name server to replace one that just crashed. My problem appears to be that port 53 is not open for some reason on my server even though I have this: [root at tribe etc]# netstat -an | grep ":53 " tcp 0 0 205.211.154.3:53 0.0.0.0:* LISTEN tcp

Hi all I have a 5 machine network with 4 machines running XP Pro SP-1 and one (the server) running Red Hat 9.0 with Samba 3.0.2pre1 Everything seems to run OK except when I try to connect to a shared folder on an XP machine from another XP machine - sometimes this works, sometimes I get "the system cannot find message text for message number 0x in the message file for (the share name)"

I just checked the SOA records on my samba DCs and noticed a few oddities: michael at sles-bree:~> for i in ad{1..4} sles-bree sles-shire; do host -t soa main.adlab.netdirect.ca $i | grep SOA; done main.adlab.netdirect.ca has SOA record ad1.main.adlab.netdirect.ca. hostmaster.main.adlab.netdirect.ca. 177 900 600 86400 3600 main.adlab.netdirect.ca has SOA record ad2.main.adlab.netdirect.ca.

OK, background/config. running * (show version reports 0.9.0) on Mandrake 9.2 (kernel: 2.4.22-32mdk) with a dual 800mhz PIII with 256M Ram 4port FXO digium card, no IRQ sharing I can find (cat /proc/pci & cat /proc/interrupts), vmstat reports a minimum of 80+% CPU idle when problem occurs. connect to a Grandstream 101 (GS) via vpn (no nat). Link has 100ms - 150ms ROUND TRIP latency

Hi Trever, things improved after resetting user/machine passwords, however only the session key is using aes256 now, the ticket itself is still arcfour: root at ubuntu1:~# kinit user09999 user09999 at S4DOM.TEST's Password: root at ubuntu1:~# klist -v Credentials cache: FILE:/tmp/krb5cc_0 Principal: user09999 at S4DOM.TEST Cache version: 4 Server: krbtgt/S4DOM.TEST at