Displaying 20 results from an estimated 6000 matches similar to: "Password change question/2: 'syncpassword' suffices on *ONE* DC?"
2017 Oct 30
0
Password change question/2: 'syncpassword' suffices on *ONE* DC?
On Mon, 2017-10-30 at 17:00 +0100, Marco Gaiarin via samba wrote:
> I'm forced, for legacy reasons, to use 'syncpassword'.
> Docs are scarce, so i ask here.
>
>
> Seems to me that the ''consumer'' (eg, 'samba-tool user
> syncpasswords',
> with or without '--daemon') get activated after every password
> change,
> indipendently
2017 Sep 26
3
syncpasswords/getpassword: some examples, please...
[Clearly, this question is intimately connected to the previous...]
I need a way to ''preprocess'' or at least intercept password changes,
because i need to propagate them to other ''legacy'' systems.
I've looked around and found syncpasswords / getpassword samba-tool
commands, but really i've not understood how they work.
Seems to me that can be useful in
2017 Oct 26
2
syncpassword and (strange) base64...
I've setup in my domain the 'samba-tool user syncpasswords' to catch
password changes, to propagate correctly to some legacy system.
I've done some tests, but today i've found the ''daemon'' is not
running. After fiddling a bit, i've found the culprit came from the
fact that a user have a base64 version of the password as:
2017 Oct 31
1
syncpassword and (strange) base64...
On Tue, 2017-10-31 at 19:05 +0100, Marco Gaiarin via samba wrote:
>
> > So, the question has to be, just what do you need to sync the passwords
> > to ?
>
> Really i don't need that. But 'samba-tool user setpassword --random-password'
> passwords get processed by 'syncpasswords', as ''normal'' ones.
Either way, if we can't handle
2017 Oct 31
2
syncpassword and (strange) base64...
On Tue, 31 Oct 2017 18:19:39 +0100
Marco Gaiarin via samba <samba at lists.samba.org> wrote:
>
> > Seems a bit strange to me...
>
> Seems a bug to me, so i've fired up:
>
> https://bugzilla.samba.org/show_bug.cgi?id=13114
>
>
> Thanks.
>
I normally only use 'samba-tool user setpassword --random-password'
when I create a user that will
2020 Jan 07
4
'check password script' timeout, diferences between AD and NT mode?
Here we use a (custom-made, internal) password propagation system,
hooked around 'check password script'.
Recently we suffer a network outgage (another one ;-), and the system
that take care of password propagation goes offline.
+ NT domains continue to work, clearly password not propagate
+ AD domain stop to work (eg, users password change on windows stop to
work), because the
2018 Jan 15
1
Encrypted secrets break something in 'samba-tool user syncpasswords'?
On Mon, 2018-01-15 at 10:55 +0100, Marco Gaiarin via samba wrote:
> Mandi! Stefan Metzmacher via samba
> In chel di` si favelave...
>
> > Encrypted secrets
> > -----------------
>
> This change/break something in 'samba-tool user syncpasswords'?
Can you please explain what you are asking here? Are you asking if it
intentionally changes the behaviour of
2017 Oct 31
0
syncpassword and (strange) base64...
Mandi! Rowland Penny via samba
In chel di` si favelave...
> I normally only use 'samba-tool user setpassword --random-password'
> when I create a user that will never log in and then use kerberos with
> a program e.g. squid. I usually also set the password to never expire.
Silimar user case. I need to create accounts by scripts, where
passwords are set by other means (eg,
2019 Oct 01
5
Upgrade DC 4.5 -> 4.8, timings?
I've read all docs on upgrades, from wiki to Louis notes, and i think
i'm ready to upgrade.
First step, move from stretch to jessie, and from 4.5 to 4.8, upgrade
in place.
But having a domain with 6 DCs, i'm a bit scared to upgrade all DC in
one turn, and i'm think about something like:
a) upgrade DC with FSMO roles, then wait 1-2 day to spot troubles
b) then upgrade all DC in
2017 Oct 31
0
syncpassword and (strange) base64...
> Seems a bit strange to me...
Seems a bug to me, so i've fired up:
https://bugzilla.samba.org/show_bug.cgi?id=13114
Thanks.
--
dott. Marco Gaiarin GNUPG Key ID: 240A3D66
Associazione ``La Nostra Famiglia'' http://www.lanostrafamiglia.it/
Polo FVG - Via della Bontà , 7 - 33078 - San Vito al Tagliamento (PN)
marco.gaiarin(at)lanostrafamiglia.it
2019 Oct 02
3
Upgrade DC 4.5 -> 4.8, timings?
Hai Marco.
Just upgrade it. ;-)
It's not needed to move FSMO roles, in the last 4 years of upgradeing..
I did that exactly... 0 times.
Steps shown work fine. ;-)
Greetz,
Louis
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> Marco Gaiarin via samba
> Verzonden: woensdag 2 oktober 2019 11:29
> Aan: samba at
2019 Jun 12
2
Question about migration from samba3 to samba4
Hello,
Actually we have pdc with Samba3 for domain and now install Samba4 for migrate the old samba3. My question is, Is possible make a progressive user migration and both environments works together (shared folders, printers, etc). Or the unique option is migrate all users from samba3 to samba4 ??
Thanks.
2018 Mar 22
1
[OT?] Strangeness on clients migrating NT -> AD...
Mandi! Rowland Penny via samba
In chel di` si favelave...
> > There's the OLD PDC for the domain 'SVCORSI', and the new AD DC for
> > the domain 'LNFFVG', with different SID! They are different domains!
> OK, but if the win7 machines were domain members of 'SVCORSI', then
> they still might be trying to find it, best thing is to turn it off.
2024 May 27
1
Printer desappeared... configuration and backup?
Samba AD domain, composed of different DCs and DMs, someone used (also) as print
server with CUPS, with Point'n'Print (driver loaded server side).
This morning in a site all printers but 1 'desappeared': really the don't desappear,
simply the association between printers and driver get lost someway, so
printer come back to standard CUPS printer name, so clients say that
2024 May 27
1
Printer desappeared... configuration and backup?
From my experience when driver associates or re-associates with printer, printer ?shared name? changes.
From a windows client perspective the printer disappears and needs reconnecting.
After re-associating check the shared name.
LP
On 27 May 2024 at 11:10 +0100, Marco Gaiarin via samba <samba at lists.samba.org>, wrote:
>
> Samba AD domain, composed of different DCs and DMs, someone
2018 Mar 22
2
[OT?] Strangeness on clients migrating NT -> AD...
Mandi! Rowland Penny via samba
In chel di` si favelave...
> So, it sounds like you have a PDC for the domain 'DOMAIN' and an AD DC
> for the domain 'DOMAIN' both using the same SID, I don't think this is
> going to work. I suggest you turn the old PDC off.
No no no! I'm not mad! ;-)
There's the OLD PDC for the domain 'SVCORSI', and the new AD DC
2019 Sep 19
3
Script to sync xID/idmap.ldb, some questions...
I'm scripting the ''replica'' of DC xID db (idmap.ldb) between DCs,
following:
https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory#Built-in_User_.26_Group_ID_Mappings
but i've two question.
1) because i've just in place the sysvol replica, i've thinked of
copying the 'idmap.ldb.bak' file on sysvol share (in debian,
2020 Sep 11
4
Winbind offline cache and strangeness...
I've setup a portable system (ubuntu 16.04) joined to my AD domain,
that in their primary network works as expected.
But in this 'COVID time', the portable start to roam around, and users
say me that, suddenly after some days of use, get incredibly
sloooowww... after that users reboot, and cannot get back in, login
refused.
I've setup a VPN, but clearly if users cannot login
2018 Sep 18
1
Syncing password change across NT4 and AD domains
Hello,
Thanks to the assistance from Samba devs, I managed to upgrade existing
Samba 3 (NT4) domain to Samba 4 (they are co-existing in the same
network, while services/computers are being migrated to AD).
The sequence of actions was
- run "classic upgrade" against local OpenLDAP-based replica of existing
NT4 domain
- extract from Samba 3 domain LDAP dump Posix attributes for users
2019 Apr 12
0
External Authentication
Mandi! Vex Mage via samba
In chel di` si favelave...
> I've spun up a Samba4 server and set it up as an active directory domain
> controller and I can definitely see that this is a very robust system and
> is working well however; I don't see a management solution to
> synchronization between the campus LDAP server and Samba4 AD/DC.
You can sync users simply wrapping some