Displaying 20 results from an estimated 10000 matches similar to: "Trouble with Kerberos authentication"
2017 Feb 24
4
Samba firts DC fail over
Hello,
I am currently testing for Samba4. The creation of the domain and the secondary Dc implementation works well. But by performing tests for a fail over situation I realized that when the DC that created the domain is in fail over the linux client machine can no longer retrieve the list of users from the domain. I would like to know if a person has already faced this situation and if so how he
2017 Feb 24
2
Samba firts DC fail over
Just a thought if the client machines are still getting a listing in the
DNS for the failed machines wouldn't this be a problem? How would the
programs know not to use the failed server? Is there a way to temporarily
move the failed machines out of dns listings?
On Fri, Feb 24, 2017 at 8:52 AM, Vinicius Bones Silva via samba <
samba at lists.samba.org> wrote:
> No, the question is
2017 Jan 10
3
Winbind PAM RHEL
HI,
on debian i use pam winbind by adding
the file /usr/share/pam-configs/winbind and enable this.
Is there another way on RHEL? i have configure RHEL that wbinfo -u gives me the users and getent passwd also.
id <username> is not possible. It tells me user unknown.
With authconfig i have enable winbind for authentication.
Im Using RHEL6 and Samba 4.4.9
Best wishes
OLIVER WERNER
2016 Nov 09
2
Block samba hosts by domain
Hi everybody,
I'm setting up a Samba under RHEL 7.0, just a simple samba server. But I'm
having trouble with blocking access to shares, to be specific with domain
block.
I'm using default config in samba.conf, just added the share's config.
While blocking by network range it works. Even when some IPs in the network
172.25.0.X are subdomains of example.com, they are not blocked.
2017 Jan 11
4
SSL Certificate
Hello!
Taking advantage of the email, I tried to make an ldap query with tls
and I had an error ..
Version Samba 4.4.4
samba-tool testparm -v --suppress-prompt|grep tls
ldap ssl = start tls
tls cafile = tls/ca.pem
tls certfile = tls/cert.pem
tls crlfile =
tls dh params file =
tls enabled = Yes
tls keyfile = tls/key.pem
tls
2016 Oct 24
2
Hidden folder
Can I keep invisible folder to windows clients without renaming it by suffix '.' in front of file with samba 4?
2017 Feb 15
2
question about ntlm
Hai,
Since im still having problems reading the man smb.conf about the NTLM settings, im asking here.
How do i allow NTLM auth for my proxy.
I have been playing around with :
client NTLMv2 auth
raw NTLMv2 auth
ntlm auth
lanman auth
i’ve added the proxy user to the winbind_privileged group.
and did set the needed rights.
chgrp winbindd_priv
2017 Feb 17
4
samba ad sysrepl
Hello,
I have installed an samba ad1 and an samba ad2 with replication.
On the dc1 "samba-tool drs showrepl" say "... was successful"
On dc2 there is the same.
When dc1 goes down I get an Error (on my client):
Active Directory Users and Computers error: "server is not operational"
What is wrong here?
For my understand that is no Replication, when one goes down and
2016 Oct 27
1
smb.conf veto files entry question
While working on my existing member file server smb.conf config file I
found an entry for "veto files" like the following:
veto files = /.bash_logout/.bash_profile/.bash_history/.bashrc/
The "man smb.conf" entry says:
veto files (S)
This is a list of files and directories that are neither
visible
nor accessible. Each entry in the list must be
2017 Feb 07
2
testparm 4.6.0rc2
using testparm of 4.6.0rc2 against the smb.conf of a production server (the production
server is not using rc2, dont worry) produces the error:
[root at fwborda1 samba-460rc2]# testparm /root/smb.conf
Load smb config files from /root/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[netlogon]"
Processing section "[sysvol]"
2016 Oct 27
3
NT_STATUS_INVALID_SID
On Thu, 27 Oct 2016 10:51:08 -0200
Vinicius Bones Silva via samba <samba at lists.samba.org> wrote:
> Wait, now I'm confused. Idmap lines do not need to be set up on the
> DCs? Then how does windows figure's out the ids in the Unix
> Attributes tab? I thought you needed both rfc2307 and idmap on the
> DC and the members.
>
>
>
The DCs have idmap.ldb, this
2017 Feb 03
2
LDAP problem
Hello everyone,
I'm using Samba4 in my CentOS server, and it was just fine. I could always use ldap commands like 'ldapsearch' and 'ldapadd' and I had no problem.
But one day, I don't know why, I couldn't use more ldapsearch or ldapadd. They return this:
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
I'm using the same command as always, like:
2017 Feb 07
2
Module error after Samba update
I've just done a yum update and a reboot on one of our CentOS 7 DCs,
which has taken Samba from sernet-samba-4.5.1-6 to
sernet-samba-4.5.5-13. I now notice that the Samba log files contain
errors since the update.
The error message is:
"../lib/util/modules.c:48(load_module) Error loading module
'/usr/lib64/samba/vfs/acl_xattr.so':
/usr/lib64/samba/libsmbregistry-samba4.so:
2017 Jan 04
3
Samba4 + Winbind
Rowland,
I looked at Samba wiki, but it doesn't helped me as I wanted, maybe I'm doing something wrong.
This is what I tried to do:
yum install pam*
./configure.developer --with-pam
make && make install
ln -s /usr/local/samba/lib/libnss_winbind.so.2 /lib64/libnss_winbind.so
ln -s /lib64/libnss_winbind.so /lib64/libnss_winbind.so.2
modified my nsswitch.conf
passwd:
2016 Oct 20
2
Error joining Linux member to 4.5.0 DC: Indicates the SID structure is not valid
On Thu, 20 Oct 2016 20:21:17 +0100
Rowland Penny via samba <samba at lists.samba.org> wrote:
> On Thu, 20 Oct 2016 14:06:18 -0500
> Arthur Ramsey via samba <samba at lists.samba.org> wrote:
>
> > On 10/20/2016 01:52 PM, Rowland Penny via samba wrote
> > > Have you given Administrator a uidNumber attribute ?
> > Yes, I have.
> > >
> > >
2016 Dec 16
2
remove dead server (samba 4.4.4)
Hi,
I'm trying to remove a DC from a site we have shutdown. The demote command is
throwing up this message:
[root at aragorn ~]# samba-tool domain demote --remove-other-dead-server=pippin
Removing nTDSConnection: CN=eca08dbb-1f34-476e-96dd-33ec22b2bc94,CN=NTDS
Settings,CN=GANDALF,CN=Servers,CN=SAOPAULO,CN=Sites,CN=Configuration,DC=e-trust,DC=com,DC=br
Removing nTDSDSA: CN=NTDS
2016 Oct 29
5
NT_STATUS_INVALID_SID
On Thu, 2016-10-27 at 17:23 -0200, Vinicius Bones Silva via samba
wrote:
> Hi Rowland,
>
> Just to let you know, we removed all the idmap entries we had on
> the smb.conf of our
> two DCs and the ids reported by getent passwd at the DCs were in the
> 3.000.000 range, as
> you said. We had to add back 'idmap_ldb:use rfc2307 = yes' to get the
> user listing
2016 Oct 25
3
Samba 4.5 y opensuse42.1
Hi friends:
I was installed Samba4 ver 4.5 on openSuSE 42.1 Leap, the smb.conf is:
# Global parameters
[global]
netbios name = SERVERDOM
realm = POLRMVAR.MTZ.SLD.CU
workgroup = POLRMVAR
dns forwarder = 10.44.0.5
server role = active directory domain controller
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl,
winbind, ntp_signd, kcc
[netlogon]
2017 Jul 11
0
Trouble with Kerberos authentication
Did you create a kerberos keytab file to use with dovecot?
https://wiki2.dovecot.org/Authentication/Kerberos
Also, make sure there's a reverse DNS entry for the dovecot server, kerberos usually fails
if the reverse address is not resolvable.
Regards,
Vinicius.
Em 11/07/2017 06:41, Mark Foley via samba escreveu:
> I'm not sure whether this is a Dovecot issue or a Samba issue, but as
2018 Jun 22
2
WERR_BAD_NET_RESP on replication (--full-sync)
Thanks Garming.
We currently use a standalone bind DNS server. Will the later version of
samba work without the integrated DNS backend?
Cheers
Chris
On 21/06/18 23:41, Garming Sam wrote:
> Hi,
>
> Many of these syncing problems were solved in Samba 4.7 (and probably a
> few more in 4.8). There were a number of unresolved locking issues that
> we uncovered as well as some