similar to: winbind inconsistent group membership

Displaying 20 results from an estimated 5000 matches similar to: "winbind inconsistent group membership"

2017 Mar 14
2
AD replication issue
Changes replicate to it, but not from it. vsc\VSC-DC02 DSA Options: 0x00000001 DSA object GUID: fe066b13-6f9e-4f3c-beb4-37df1292b8cb DSA invocationId: 8a2b1405-07b1-4d92-89dd-1d993e59e378 ==== INBOUND NEIGHBORS ==== DC=DomainDnsZones,DC=mediture,DC=dom vsc\DC01 via RPC DSA object GUID: da9bb168-47a0-4368-aff3-bf06d1b869d2 Last attempt @ Tue Mar 14
2017 Mar 13
2
AD replication issue
I believe the problem is a lack of outbound replication for non PDC emulator DCs. You'll notice isn't even trying because last successful was epoch (never) yet there are no errors. Inbound replication for this DC seems fine. [root at vsc-dc02 ~]# samba-tool drs showrepl [...]==== OUTBOUND NEIGHBORS ==== DC=DomainDnsZones,DC=mediture,DC=dom aws\AWS-DC01 via RPC DSA object GUID:
2017 Mar 13
3
AD replication issue
On 3/13/2017 2:15 PM, Arthur Ramsey via samba wrote: > Upgraded to 4.6.0 on all nodes. Still seeing the same issue. > > If I create an object on vsc-dc02, epo-dc01 or aws-dc01 DCs it doesn't > replicate. If I create it on vsc-dc01 (PDC emulator) then it does > replicate. > > On 03/13/2017 12:13 PM, Arthur Ramsey wrote: >> >> I believe the problem is a lack
2016 Oct 17
3
Replications errors on 4.5.0 (WERR_BADFILE)
Executing the following with nsupdate seems to have fixed replication. update add 28f7281f-3955-4885-8a7d-42a36ee87590._msdcs.mediture.dom. 900 A 192.168.222.5 show send update add 8b750a53-3d39-4bc0-8fe9-9bffa9e413aa._msdcs.mediture.dom. 900 A 172.16.1.106 show send update add fe066b13-6f9e-4f3c-beb4-37df1292b8cb._msdcs.mediture.dom. 900 A 192.168.168.65 show send New DNS records I create
2014 Sep 12
1
Group Policy failures related to machine password replication
We are using Samba-4.1.11. I can run gpupdate /force without error on my machine. H:\>type \\dc01.mediture.dom\SysVol\mediture.dom\Policies\{77F82F0F-AE2B-42F3-B173-D42F4BEEC0BA}\gpt.ini [General] Version=65551 displayName=New Group Policy Object H:\>type \\dc02.mediture.dom\SysVol\mediture.dom\Policies\{77F82F0F-AE2B-42F3-B173-D42F4BEEC0BA}\gpt.ini [General] Version=65551 displayName=New
2016 Oct 07
0
BIND9.8 DLZ performance issue
I'm hoping the issue is just load balancing, but I'm not sure. I can't see to get the traffic balanced across two DCs. I ran this script on all Linux nodes to balance the traffic. #!/usr/bin/perl use strict; use warnings; my $primary_name_server; my $random = int(rand(10)); open(my $resolv_conf_fh, '< /etc/resolv.conf') or die("Unable to open /etc/resolv.conf for
2017 Mar 13
5
AD replication issue
I forgot to associate inter-site links (all using default), which fixed a lot though I'm still having an issue. * vsc site o vsc-dc01 o vsc-dc02 * aws site o aws-dc01 * epo site o epo-dc01 * vsc-dc01 => anywhere: OK * vsc-dc02 => anywhere: not replicating * aws-dc01 => anywhere: OK * epo-dc01 => anywhere: OK I've tried with samba_kcc =
2015 Oct 22
0
pam_winbind could not lookup name
I upgraded Samba from 4.2.0 to 4.3.1 on my domain controllers. Now on 2 of 4 I get the following. Oct 22 15:07:38 dc01 sshd[1372]: pam_winbind(sshd:auth): getting password (0x00000250) Oct 22 15:07:38 dc01 sshd[1372]: pam_winbind(sshd:auth): pam_get_item returned a password Oct 22 15:07:38 dc01 sshd[1372]: pam_winbind(sshd:auth): could not lookup name: #
2016 Oct 20
2
Error joining Linux member to 4.5.0 DC: Indicates the SID structure is not valid
Error joining Linux member to Samba 4.5.0 DC. /usr/bin/net join -w MEDITURE -S dc01.mediture.dom -U Administrator Enter Administrator's password: Failed to join domain: failed to lookup DC info for domain 'MEDITURE.DOM' over rpc: Indicates the SID structure is not valid. ADS join did not work, falling back to RPC... Thanks, Arthur This e-mail and any attachments may contain
2017 Mar 14
2
AD replication issue
Well vsc-dc01 is actually dc01 for the host name, sorry I forgot about that. This e-mail and any attachments may contain CONFIDENTIAL information, including PROTECTED HEALTH INFORMATION. If you are not the intended recipient, any use or disclosure of this information is STRICTLY PROHIBITED; you are requested to delete this e-mail and any attachments, notify the sender immediately, and notify the
2016 Oct 19
2
Replications errors on 4.5.0 (WERR_BADFILE)
The errors went away, but replication still isn't working properly. There are objects missing on all DCs, but it isn't consistent at all. showrepl: http://pastebin.com/bYfCZcNG Thanks, Arthur On 10/17/2016 12:32 PM, Arthur Ramsey wrote: > This fixed DNS issues. > > samba_upgradedns --dns-backend=BIND9_DLZ > /usr/local/samba/bin/samba-tool domain exportkeytab >
2016 Sep 29
2
BIND9.8 DLZ performance issue
Hello, I'm running Samba 4.5.0 and bind-9.8.2-0.47.rc1.el6_8.1. One DC of four, the PDC, is magnitudes slower running /usr/local/samba/sbin/samba_dnsupdate --verbose --all-names. When that is running on that DC it seems to block any queries. The load average is usually under 0.5. The DC was unsafely halted, which could have corrupted something. I ran a dbcheck with samba-tool and it
2017 Mar 14
0
AD replication issue
On 3/14/2017 10:29 AM, Arthur Ramsey wrote: > Changes replicate to it, but not from it. > > vsc\VSC-DC02 > DSA Options: 0x00000001 > DSA object GUID: fe066b13-6f9e-4f3c-beb4-37df1292b8cb > DSA invocationId: 8a2b1405-07b1-4d92-89dd-1d993e59e378 > > ==== INBOUND NEIGHBORS ==== > > DC=DomainDnsZones,DC=mediture,DC=dom > vsc\DC01 via RPC >
2017 Mar 13
0
AD replication issue
Upgraded to 4.6.0 on all nodes. Still seeing the same issue. If I create an object on vsc-dc02, epo-dc01 or aws-dc01 DCs it doesn't replicate. If I create it on vsc-dc01 (PDC emulator) then it does replicate. On 03/13/2017 12:13 PM, Arthur Ramsey wrote: > > I believe the problem is a lack of outbound replication for non PDC > emulator DCs. You'll notice isn't even
2017 Mar 13
0
AD replication issue
That bug is reported? Do you have a link? You're saying it is just an issue with the logging or am I correct that this indicates an outbound replication isn't trying. On 03/13/2017 01:45 PM, lingpanda101 via samba wrote: > On 3/13/2017 2:15 PM, Arthur Ramsey via samba wrote: >> Upgraded to 4.6.0 on all nodes. Still seeing the same issue. >> >> If I create an
2016 Oct 14
2
Replications errors on 4.5.0 (WERR_BADFILE)
Replication has been running smoothly until I upgraded to 4.5.0. I had various errors with all BDCs and a force sync didn't resolve it. I shutdown all BDCs, demoted them with --remove-other-dead-server then joined new BDCs with new names. At first replication was intermittently failing (consecutive failures counter kept resetting), but it seemed OK, just slow if anything. Now they all
2016 Oct 28
1
NT_STATUS_INVALID_SID
OK, I am both panicked and lost now. I stopped Samba, uninstalled, removed the source directory, removed every Samba directory on the system (/var/lib/samba, /var/log/samba, /var/cache/samba, /var/run/samba, /usr/lib/python2.7/dist-packages/samba), rebooted, cloned 4-5-stable, configured, built, installed, provisioned a new domain, and this is what I get. I am following the guide to the letter.
2016 Oct 17
0
Replications errors on 4.5.0 (WERR_BADFILE)
I increased the debug level to 10 and found this dreplsrv_notify: Failed to send DsReplicaSync to fe066b13-6f9e-4f3c-beb4-37df1292b8cb._msdcs.mediture.dom for DC=DomainDnsZones,DC=mediture,DC=dom - NT_STATUS_OBJECT_NAME_NOT_FOUND : WERR_BADFILE. I manually created the DNS entry, but it doesn't resolve. Other DNS records supplied by BIND_DLZ are working. I tried adding a host file
2016 Oct 19
2
Can't connect via smb to s4 DC
I have 4 samba 4.5.0 DCs. I can connect via smb to two of them and can't connect to another two. I get an error "The request is not supported". Those same two DCs I cannot connect to via smb also have issues via ADUC. I get an "RPC server is unavailable" when trying to connect with ADUC. Here's my smb.conf: http://pastebin.com/7J8hNd0Y. Thanks, Arthur This
2016 Oct 23
2
Error joining Linux member to 4.5.0 DC: Indicates the SID structure is not valid
4.4.5 seems to work fine for me too, so I guess it is a regression from changes added to 4.4.6 and 4.5.0? On 10/21/2016 3:12 PM, Arthur Ramsey wrote: > I can confirm that rolling back to 4.4.4 resolved the issues for me. > I had the same problem with 4.4.6. > > Thanks, > Arthur This e-mail and any attachments may contain CONFIDENTIAL information, including PROTECTED HEALTH